From: Grant <emailgrant@gmail.com>
To: Gentoo mailing list <gentoo-user@lists.gentoo.org>
Subject: Re: [gentoo-user] PMTUD
Date: Thu, 5 Sep 2013 05:52:13 -0700 [thread overview]
Message-ID: <CAN0CFw3tv=5aU0z_twQHC6xqcDnBmuQ1Op6s3YDiPEBXeHCNmg@mail.gmail.com> (raw)
In-Reply-To: <201309022329.51832.michaelkintzios@gmail.com>
>> Here's my layout:
>>
>> laptop+shorewall (MTU:1500) -> hotel router (MTU:?) -> internet ->
>> Westell modem/router (MTU:1492) -> desktop+shorewall (MTU:1500)
>>
>> Shouldn't PMTUD change the desktop's MTU to 1492?
>
> Your desktop's PMTUD will get an ICMP response from Westell as it tries to
> traverse through it and it will adjust the outgoing packet size accordingly.
>
> Ditto with your laptop, when it tries to establish a connection with your
> desktop.
>
>
>> Is the fact that it
>> doesn't due to a flaw in the Westell's operation? Should I manually
>> change the desktop's MTU to 1492 along with that of other systems on
>> its LAN?
>
> It won't harm if you do. However, we don't know for a *fact* that the Westell
> is not returning the appropriate ICMP packets (Type 3, Code 4) to your laptop,
> or your desktop.
>
> You can use tcpdump to see what's being sent back and forth.
Ah, so PMTUD doesn't actually change the setting reported by ifconfig.
It's done on-the-fly.
>> > If you are using Shorewall at your remote server I would expect it to
>> > behave properly and return the correct ICMP packet when it receives a
>> > DF. However, I am not familiar with the Shorewall properties and
>> > settings, so if you suspect this as the cause of your problem it would
>> > be better if you look into it properly.
>>
>> So I'm sure I understand, this doesn't apply if ICMP is dropped at the
>> Westell?
>
> ICMP echo request may be dropped by Westell's firewall, but ICMP Type 3, Code
> 4 could well be returned when a TCP connection is being initiated by your
> laptop. I don't know how ham-fisted Westell's firewall settings are.
>
> Meanwhile, stating the obvious, have you tried using the desktop squid proxy
> while you are inside your LAN with the same laptop to see if the problem
> remains?
That's a fine idea and I will do so once I get back there. Thanks for
the education Mick. :)
- Grant
prev parent reply other threads:[~2013-09-05 12:52 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-27 8:10 [gentoo-user] PMTUD Grant
2013-08-27 14:27 ` Mick
2013-09-01 7:40 ` Grant
2013-09-01 8:37 ` Mick
2013-09-01 10:31 ` Grant
2013-09-01 12:00 ` Mick
2013-09-01 12:09 ` Grant
2013-09-01 11:17 ` Grant
2013-09-01 12:57 ` Mick
2013-09-01 13:59 ` Grant
2013-09-01 15:43 ` Mick
2013-09-01 16:17 ` Grant
2013-09-01 16:53 ` Mick
2013-09-01 17:54 ` Grant
2013-09-01 18:51 ` Mick
2013-09-02 18:34 ` Grant
2013-09-02 22:29 ` Mick
2013-09-05 12:52 ` Grant [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAN0CFw3tv=5aU0z_twQHC6xqcDnBmuQ1Op6s3YDiPEBXeHCNmg@mail.gmail.com' \
--to=emailgrant@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox