On Mon, 17 Jul 2000, Mikael Abrahamsson wrote:
On Sun, 16 Jul 2000, Greg A. Woods wrote:
Experience is beginning to suggest that it's the vast majority of them that use PMTUd now. Where it doesn't work _at_all_ on the "client" side you quickly find out that perhaps as many as 2/3's (anecdotally measured) of the "popular" web servers out there seem to be unusable
I am behind a tunnel with something like 1446 MTU. It works just nicely, I have not found any sites so far that won't work.
On the other hand, at work we're doing some tunneling using ciscos. Due to routing etc the ICMP "need-to-frag"-messages get lost and the people behind those tunnels cannot use 90% of the www sites (so they have to resort to proxies). Seems to me that PMTUd works better than most people think.
I do believe that NT and Win2k comes default with a registry setting that makes it send all TCP traffic with the DF flag set (which I can see no reason for unless M$ IP stack cannot do refragmentation properly). This setting is changable as far as I know but I cannot seem to find the information at this time. Anyone?
As much as it saddens me to know the answer to a Win2K question (and believe me I'll never live this down), bust out regedt32.exe, head down to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and add the dword value EnablePMTUBHDetect = 1. This turns on the PMTU blackhole detection, where if it suspects the ICMP is being blocked because of its PMTU-D it will test the theory by retransmitting with the DF off to see whats up. While you're there, I recommend the following additions/changes as well (since windoze stuff isn't terribly easy to navigate): Tcp1323Opts = 3 (high perf long/fat pipe window scaling & timestamping) SynAttackProtection = 2 (its turned off by default, go figure :P) EnableICMPRedirect = 0 (most people dont filter icmp redirects right) TcpWindowSize = 262144 (turn up tcp windows if you have a good pipe) These are all in decimal btw (tcpwindowsize is the only one where it matters), and all dword. -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/humble PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
participants (1)
-
Richard A. Steenbergen