Home page logo
/

nanog logo nanog mailing list archives

Re: PMTU-D: remember, your load balancer is broken
From: "Brett Frankenberger" <rbf () rbfnet com>
Date: Wed, 14 Jun 2000 07:21:54 -0500


----- Original Message -----
From: <Valdis.Kletnieks () vt edu>

Good point.  It's been a long day, I wasn't QUITE thinking
straight.  Another respondent commented that Windows98 apparently
nails an MTU of 576 on a dialup - Apparently I've not run into
any Windows98 people setting their clocks off the server I got
the numbers from.  Also, he said that ADSL uses just under 1500.
I don't have a Win98 or ADSL handy to check. ;)

Small MTUs at the ends don't matter.  If I dial up with a Windows 98
machine and negotiate an MTU of 576 bytes, the MSS will be set
accordingly in the TCP SYN and SYN ACK frames that I send, and the far
end will start with 576 byte frames.  No PMTU Discovery required.

Same thing with ADSL or end-user VPN stuff.

PMTU Discovery is important when you have larger MTUs on the ends and
small MTUs in the middle.  For example, a tunnel (VPN or otherwise)
between two routers or VPN servers, for a WAN link with a small MTU, or
...

It's a real problem, and the Load Balancer manufacturers need to handle
the ICMPs properly.  But it's not so bad that everyone with a 576 byte
Windwos 98 PPP dial-up would be unable to reach Load Balanced sites.
(Arguably, it would be better if it were a problem for such users,
because that would guarantee that the problem would get fixed quickly
...)

     -- Brett





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault