RE: Small TCP packets == very large overhead == DoS?

["David LeBlanc" <dleblanc () mindspring com>]

> -----Original Message-----
> From: Darren Reed [mailto:avalon () coombs anu edu au]

> Following on from this, it occurs to me that the problem with the
> above can possibly be reproduced with TCP.  How ?  That thing called
> "maximum segment size".  The problem?  Well, the first is that there
> does not appear to be a minimum.  The second is that it is negoiated
> by the caller, not callee.  Did I hear someone say "oh dear" ?
 <snip>
> I can't see anything in the registry or MSDN which says what it
> is for Windows.  By experimentation, Win2000 appears to be 88,
> NT 4 appears to be 1

Windows NT (at least back to 4.0) and Win2k provide a registry key setting
that is generally recommended when using the system in a hostile
environment - from the NT 4.0 resource kit documentation:

============================================================
EnablePMTUDiscovery     REG_DWORD     0 | 1

Default: 1

Determines whether TCP uses a fixed, default maximum transmission unit (MTU)
or attempts to detect the actual MTU.

Value   Meaning
0       TCP uses an MTU of 576 bytes for all connections to computers outside the
local subnet.
1       TCP attempts to discover the MTU of the path to a remote host.
By discovering the Path MTU and limiting TCP segments to this size, TCP can
eliminate fragmentation at routers along the path that connects networks
with different MTUs. Fragmentation reduces TCP throughput and increases
network congestion.

Note

Windows NT does not add this value to the Registry. You can add it by
editing the Registry or by using a program that edits the Registry.
===========================================================

This value should be put into
HKLM\System\CurrentControlSet\Services\TcpIP\Paramters

David LeBlanc
dleblanc () mindspring com