Home page logo
/

nanog logo nanog mailing list archives

Re: PMTU-D: remember, your load balancer is broken
From: "Bora Akyol" <akyol () akyol org>
Date: Sun, 18 Jun 2000 22:22:26 -0700


FYI, there are core routers out there that can support
line rate HW-based fragmentation. I believe this is necessary in any router
with heterogeneous interfaces.

Bora

----- Original Message -----
From: <Valdis.Kletnieks () vt edu>
To: "Paul Vixie" <vixie () mibh net>
Cc: <nanog () merit edu>
Sent: Saturday, June 17, 2000 10:06 PM
Subject: Re: PMTU-D: remember, your load balancer is broken



On Sat, 17 Jun 2000 11:59:30 PDT, Paul Vixie <vixie () mibh net>  said:
Valdis.Kletnieks () vt edu writes:
Has this changed?  Has "fragmentation" become a Great Evil, ... ?

Yes.  http://research.compaq.com/wrl/techreports/abstracts/87.3.html
says:
(abstract trimmed)
                              Research Report 87/3, December 1987

                              87.3 -- Fragmentation Considered Harmful
                              Fragmentation is at best a necessary evil;
it
                              can lead to poor performance or complete
                              communication failure. There are a variety
of

Yeah, I've known about that for a while.  What I *meant* was:

Has fragmentation been reclassified from "necessary evil that can
cause problems" to "Great Evil that must be avoided at all costs"?

For instance, we probably all agree that fragging on a core router
is Bad Juju and should be avoided if at all possible.  On the other
hand, how far should we jump through hoops (such as PMTU-D etc)
to avoid fragging on a last-hop modem link from a terminal server
to a PC?

I already spend far too much of my day (even with a lot of tools)
sending flame-grams to ISPs who drop us spam, or have open mail relays,
or start running NTP or tools that query ports 13/37 and forget to open
the firewall, and then complain about my machine probing them..

Enabling PMTU-D (even if it won't buy *my* boxes that much since their
local MTU is 1500) and getting people to fix their ICMP configurations
for the benefit of those sites that WILL profit is an option, but
only if there's general consensus that it's a fight worth fighting...

Valdis Kletnieks
Operating Systems Analyst
Virginia Tech





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault