Home page logo

nanog logo nanog mailing list archives

Re: Common operational misconceptions
From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Tue, 21 Feb 2012 12:27:26 +0900

Steven Bellovin wrote:

Timer timeouts do not affect TCP MSS.

RFC 2923:
       TCP should notice that the connection is timing out.  After
       several timeouts, TCP should attempt to send smaller packets,
       perhaps turning off the DF flag for each packet.  If this
       succeeds, it should continue to turn off PMTUD for the connection
       for some reasonable period of time, after which it should probe
       again to try to determine if the path has changed.


It's Informational, not standards track, but the problem
-- and the fix -- have been known for a very long time.

I'm not sure what, do you think, is the problem, because the
paragraph of RFC2923 you quote has nothing to do with TCP

The relevant section of the RFC (relevant to MSS) should be:

   The MSS should be determined based on the MTUs of the interfaces on
   the system, as outlined in [RFC1122] and [RFC1191].

which means MSS is constant.

Note also that the next paragraph (next to the paragraph you
quote) of the RFC eventually says to use PMTU of 1280B for
IPv6 if there are black holes. It is not a very good thing
to do especially for IP over IP tunnels, because 1280B
packets are always fragmented if they are carried over a
tunnel with MTU of 1280B.

As implosion cause by multicast PMTUD of IPv6 requires ICMP
PTB black holed, you can expect a lot of black holes.

                                        Masataka Ohta

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]