From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 5F4A71381F3 for ; Mon, 2 Sep 2013 18:34:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 87CDFE0CA1; Mon, 2 Sep 2013 18:34:28 +0000 (UTC) Received: from mail-wi0-f170.google.com (mail-wi0-f170.google.com [209.85.212.170]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 51F70E0C9A for ; Mon, 2 Sep 2013 18:34:27 +0000 (UTC) Received: by mail-wi0-f170.google.com with SMTP id cb5so1312644wib.3 for ; Mon, 02 Sep 2013 11:34:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=BNRtAFKXgtmgdNQvXWxbxasFvCY0MELRwh7/EbwG3o8=; b=atlV23pbX/M4UbN6CLwmocIa8UTSbNybMkHv135sPlNoutESFhXEbxWP40mX5flHHp +LXHd/ndvnnmTmBcIFst73wi9FiVF3NuPE4paS95aaxhVla5/J0uWE0dv160vwb5H6m3 9sKc9MihrSnnpDT2Q3GgaVSyQm3cyYQhteIh/Emaz1biZ4Z2yw1Vf6paC5c9CL7oNnCe zFyJnFqJLWjdHct3DSZ0O5PoYg4+HgRwX8fyXQeDbWxIE4Dy6E69wXZ3CG3MtUNKFCQE +Tqcg6F9oRnbAfRnYBsmJ8lYlJYOk/D5canR34q+rqQK8mgjilMbEWDvjujG7mlrPiSy 99qA== Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 X-Received: by 10.180.39.212 with SMTP id r20mr14841324wik.13.1378146865999; Mon, 02 Sep 2013 11:34:25 -0700 (PDT) Received: by 10.194.93.199 with HTTP; Mon, 2 Sep 2013 11:34:25 -0700 (PDT) In-Reply-To: <201309011951.25378.michaelkintzios@gmail.com> References: <201309011753.17624.michaelkintzios@gmail.com> <201309011951.25378.michaelkintzios@gmail.com> Date: Mon, 2 Sep 2013 11:34:25 -0700 Message-ID: Subject: Re: [gentoo-user] PMTUD From: Grant To: Gentoo mailing list Content-Type: text/plain; charset=ISO-8859-1 X-Archives-Salt: d411c207-dd92-4c82-9c49-ed05c617b4a5 X-Archives-Hash: 3cfa37a51470da62c8ab97b3ee8929b2 >> >> OK, does PMTUD lower the outgoing packet size on my system due to the >> >> hotel router's lower MTU or does the hotel router itself fragment my >> >> 1500 byte packets in order to send them out? Just curious. >> > >> > If you are sending out packets with the DF bit set no fragmentation will >> > take place - the packet is dropped and an appropriate message is >> > returned to sender. Otherwise the router will fragment them and send >> > them on to the recipient address. >> >> Shouldn't PMTUD change my MTU based on the hotel router's lower MTU? > > Yes, it should. At the start of the connection the sender sends DF in the > header to find out what is the MRU that the network nodes will support. Then > sends packets of the appropriate size so that they get through with no > fragmentation. This is the optimal scenario. > > Now, imagine another scenario where some router/firewall/server does not send > back the correct ICMP packet with its required MRU, or even worse it sends > back a 1500 (full ethernet) size with DF set, or also drops fragments ... This > reminds me of MSN IM which was a particularly bad implementation back when. > > The sender may eventually try a smaller packet, after initially increasing the > time it waits for a response, and you could well get something through 30 > seconds later, or even give up and time out. Here's my layout: laptop+shorewall (MTU:1500) -> hotel router (MTU:?) -> internet -> Westell modem/router (MTU:1492) -> desktop+shorewall (MTU:1500) Shouldn't PMTUD change the desktop's MTU to 1492? Is the fact that it doesn't due to a flaw in the Westell's operation? Should I manually change the desktop's MTU to 1492 along with that of other systems on its LAN? > If you are using Shorewall at your remote server I would expect it to behave > properly and return the correct ICMP packet when it receives a DF. However, I > am not familiar with the Shorewall properties and settings, so if you suspect > this as the cause of your problem it would be better if you look into it > properly. So I'm sure I understand, this doesn't apply if ICMP is dropped at the Westell? - Grant