From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-150298-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 0CF551381F3
	for <garchives@archives.gentoo.org>; Sun,  1 Sep 2013 18:51:59 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 214C6E107C;
	Sun,  1 Sep 2013 18:51:49 +0000 (UTC)
Received: from mail-we0-f172.google.com (mail-we0-f172.google.com [74.125.82.172])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id E6998E106B
	for <gentoo-user@lists.gentoo.org>; Sun,  1 Sep 2013 18:51:47 +0000 (UTC)
Received: by mail-we0-f172.google.com with SMTP id n5so2231868wev.31
        for <gentoo-user@lists.gentoo.org>; Sun, 01 Sep 2013 11:51:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=from:reply-to:to:subject:date:user-agent:references:in-reply-to
         :mime-version:content-type:content-transfer-encoding:message-id;
        bh=cvHz9l3aDFc8co6PYV9lLtJCPhi66w0Q6zU/JClOP1Y=;
        b=vy+K2/3wCEBAYqaYcbvBN9g+9IeYVsbIiPcO37dmZSwll7sljSjL96DtbLFY7Fsk06
         k13HZMwdxpPXCpFRKYfA6Zu/76pmDOT+Y7c+98Fx1RlyMVHPJBxS/BiRulBwk7JBXqO2
         oiSZbaFYgYomV2zmK+ASQaKNBGTaORqQH1/Y5M0xNRw3ENC93KUoIY66D9kmIzDs55Ss
         aFeeR3h2YoKWGoYO4Pi2glAIzhm1vpfCYnABS+oRW2EetwBbJz/PMEAIwRIiscIeM4dZ
         iPXDbXDji8HYqW8HB09LCYdNQ53rvH09GfDO6MiWPH8ZRAlf5fb/eQNYyZLNhWLpqN+3
         BstQ==
X-Received: by 10.180.95.101 with SMTP id dj5mr10502808wib.37.1378061506636;
        Sun, 01 Sep 2013 11:51:46 -0700 (PDT)
Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa. [217.169.3.230])
        by mx.google.com with ESMTPSA id om9sm12384500wic.8.1969.12.31.16.00.00
        (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
        Sun, 01 Sep 2013 11:51:46 -0700 (PDT)
From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] PMTUD
Date: Sun, 1 Sep 2013 19:51:06 +0100
User-Agent: KMail/1.13.7 (Linux/3.10.7-gentoo; KDE/4.10.5; x86_64; ; )
References: <CAN0CFw1NOD-cfwwOZuU8geHbLP7kzgc9FRGa+3nRFp9sbBGowA@mail.gmail.com> <201309011753.17624.michaelkintzios@gmail.com> <CAN0CFw2ux87m6FRoFwbhyAyM_X_M5Nw_iHiGow5Von1gx_v0FA@mail.gmail.com>
In-Reply-To: <CAN0CFw2ux87m6FRoFwbhyAyM_X_M5Nw_iHiGow5Von1gx_v0FA@mail.gmail.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/signed;
  boundary="nextPart5722476.qyzIG2qbQL";
  protocol="application/pgp-signature";
  micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
Message-Id: <201309011951.25378.michaelkintzios@gmail.com>
X-Archives-Salt: 583d9e22-ea49-4926-90a8-a790d921b764
X-Archives-Hash: 99f6e8e240a114ef9ce568201b8c88cf

--nextPart5722476.qyzIG2qbQL
Content-Type: Text/Plain;
  charset="utf-8"
Content-Transfer-Encoding: quoted-printable

On Sunday 01 Sep 2013 18:54:45 Grant wrote:
> >> OK, does PMTUD lower the outgoing packet size on my system due to the
> >> hotel router's lower MTU or does the hotel router itself fragment my
> >> 1500 byte packets in order to send them out?  Just curious.
> >=20
> > If you are sending out packets with the DF bit set no fragmentation will
> > take place - the packet is dropped and an appropriate message is
> > returned to sender.  Otherwise the router will fragment them and send
> > them on to the recipient address.
>=20
> Shouldn't PMTUD change my MTU based on the hotel router's lower MTU?

Yes, it should.  At the start of the connection the sender sends DF in the=
=20
header to find out what is the MRU that the network nodes will support.  Th=
en=20
sends packets of the appropriate size so that they get through with no=20
fragmentation.  This is the optimal scenario.

Now, imagine another scenario where some router/firewall/server does not se=
nd=20
back the correct ICMP packet with its required MRU, or even worse it sends=
=20
back a 1500 (full ethernet) size with DF set, or also drops fragments ... T=
his=20
reminds me of MSN IM which was a particularly bad implementation back when.

The sender may eventually try a smaller packet, after initially increasing =
the=20
time it waits for a response, and you could well get something through 30=20
seconds later, or even give up and time out.

If you are using Shorewall at your remote server I would expect it to behav=
e=20
properly and return the correct ICMP packet when it receives a DF.  However=
, I=20
am not familiar with the Shorewall properties and settings, so if you suspe=
ct=20
this as the cause of your problem it would be better if you look into it=20
properly.

=2D-=20
Regards,
Mick

--nextPart5722476.qyzIG2qbQL
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)

iQEcBAABAgAGBQJSI4ytAAoJELAdA+zwE4YeRDwH/R/9QCczWpfT7DFc5Ju3GmL5
s0gZerEE0FiN0j0vscg8jSkn8cxWxJTiJfb4Bu4qevJUPes2aEqjGyC7Hy8Ct8dI
Xk8WXIB9qtPgCpgktEkCz1m/rqN4Jwo/4BACZbAF0KOLoLOVtwnTe4f5xuNxDdCe
cGl/O3YBkAUTbArTs2d+WIrrm/T0ETuPUsuSroDLZJGmvSgH+i2RlLuLF2ORwg0r
zsjlEhiotxe40eJDpskn5ONrO057acRN+UrrjqqcaRelnJ5s7+N6VWoGN3D0Z/Vw
UHYGlrDIr4t3EDF7QOQXBoKWcUfQQIlZGyku2t9Xth1DdjujWIjAbQOAbHwZ8bU=
=1PB9
-----END PGP SIGNATURE-----

--nextPart5722476.qyzIG2qbQL--