nanog mailing list archives
Re: PMTU and Broken Servers
From: Joe St Sauver <JOE () OREGON UOREGON EDU>
Date: Thu, 08 May 2003 07:51:54 -0700 (PDT)
Hi Leo, #The tunnel between the tunnelboxes is a lower (1480) MTU. Originally #the user couldn't access some servers, turns out the firewall was #filtering ICMP Can't Fragment messages, preventing PMTU from working #in the server->user direction (tunnelbox1 would generate Can't #Fragement, firewall would filter). This is actually a more broadly present problem than you might think. I talked about this in the context of a jumbo frames presentation ("Practical Issues Associated with 9K MTUs") I did for the February NLANR/I2 Joint Techs in Miami; see: http://darkwing.uoregon.edu/~joe/jumbos/ (PDF and PowerPoint versions provided) #I find it slightly #(emphasis on the slightly) that someone would turn on PMTU discovery, #and then filter it out right in front of the boxes where they turned #it on. Different folks are probably driving the server network configuration and the firewall/border router configuration process. Disconnect is not inconceivable in that scenario by any means. #This is a new problem to me, but I'm sure people have run into it #before. Are the servers really that broken (PMTU enabled, ICMP #Can't Fragement filtered)? Yes, it is a huge issue potentially. Regards, Joe St Sauver (joe () oregon uoregon edu) Univeristy of Oregon Computing Center
Current thread:
- Re: PMTU and Broken Servers, (continued)
- Re: PMTU and Broken Servers Stephen J. Wilcox (May 08)
- Re: PMTU and Broken Servers Dalvenjah FoxFire (May 09)
- Re: PMTU and Broken Servers bdragon (May 10)
- Re: PMTU and Broken Servers Curtis Maurand (May 12)
- Re: PMTU and Broken Servers Stephen J. Wilcox (May 12)
- Re: PMTU and Broken Servers Stephen Sprunk (May 12)
- Re: PMTU and Broken Servers Niels Bakker (May 13)
- Re: PMTU and Broken Servers Curtis Maurand (May 12)
- Re: PMTU and Broken Servers Stephen J. Wilcox (May 12)
- Re: PMTU and Broken Servers Curtis Maurand (May 12)
- Re: PMTU and Broken Servers Stephen J. Wilcox (May 12)
- Re: PMTU and Broken Servers Leo Bicknell (May 08)
- Re: PMTU and Broken Servers Mikael Abrahamsson (May 08)
- Re: PMTU and Broken Servers Leo Bicknell (May 08)
- Re: PMTU and Broken Servers Mikael Abrahamsson (May 08)
- Re: PMTU and Broken Servers Richard A Steenbergen (May 08)
- Re: PMTU and Broken Servers Marc Binderberger (May 10)
- RE: PMTU and Broken Servers Hank Nussbacher (May 12)