In message <Pine.LNX.4.21.0007141236200.16371-100000@ns1.aplatform.com>, "Gary E. Miller" writes:
Yo Bennet!
Sounds like circular reasoning:
Path MTU discovery is broken beacuse poeple use RFC1918 addresses in routers.
Since Path MTU discovery is broken then there is no need to follow RFC1918.
No -- 1918 addresses would only break PMTU if folks did ingress or egress filtering for 1918 addresses. A much bigger cause of the breakage firewalls that block the ICMP message. And most people don't notice or care, because there's been so little need for PMTU in recent years. But that will change, as assorted tunneling technologies become more popular. --Steve Bellovin
2000-07-14-15:47:22 Steven M. Bellovin:
No -- 1918 addresses would only break PMTU if folks did ingress or egress filtering for 1918 addresses.
Wouldn't RFC 1918 addrs on router links only threaten to break PMTU --- even in the face of 1918 addr filtering --- if one of the routers with an rfc 1918 interface addr did routing between interfaces with different MTUs? As best I can see, PMTU discovery should work fine traversing RFC 1918 links, and the only addrs that need to be passed on out are those of routers where the MTU decreases along the path, which would only be routers with different MTUs on different interfaces. -Bennett
Yo Steve! On Fri, 14 Jul 2000, Steven M. Bellovin wrote:
No -- 1918 addresses would only break PMTU if folks did ingress or egress filtering for 1918 addresses. I know many routers that do this, so we are back to YES.
A much bigger cause of the breakage firewalls that block the ICMP message. Agreed.
And most people don't notice or care, because there's been so little need for PMTU in recent years. But that will change, as assorted tunneling technologies become more popular. Hop on ever to the linux-ipsec group if you want to see a group of people this is driving crazy.
RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701 gem@rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676
participants (3)
-
Bennett Todd
-
Gary E. Miller
-
Steven M. Bellovin