Date: Thu, 8 Jun 2000 19:21:57 +1200 From: Dave Preece <dave.preece@kbgroup.co.nz> To: "Kenneth D. Merry" <ken@kdm.org> Cc: freebsd-hackers@freebsd.org Subject: RE: Path MTU discovery. Message-ID: <67B808B0DD93D211ABEE0000B498356B02BC71@internet.kbgroup.co.nz>
next in thread | raw e-mail | index | archive | help
> > Just learning about this: I can see the advantages but does > anything use it? > > Sure, TCP uses it. > > TCP (at least in FreeBSD) sets the "don't frag" bit on all > its outgoing > packets. Good lord, so it does. Mental note, packet sniff before posting in future. So... thinking about what this means for firewalls and natd. If we block all incoming ICMP's across the firewall, it is quite possible that a server behind the firewall could completely fail to send packets to a client on a smaller MTU (modem user with MTU set to 576, for instance). Likewise natd would need to look at an incoming ICMP and if it's a "can't fragment" message, address translate it and send it onwards back to the IP that caused the error to happen. Hmmmmm. I'll hit the books. Return to the temple of Mr Stevens. Dave :) BTW, NT appears to set the DF flag too. If you cared. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?67B808B0DD93D211ABEE0000B498356B02BC71>