North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Path-MTU-discovery
On Mon, 17 Jul 2000, Mikael Abrahamsson wrote: > On Sun, 16 Jul 2000, Greg A. Woods wrote: > > > Experience is beginning to suggest that it's the vast majority of them > > that use PMTUd now. Where it doesn't work _at_all_ on the "client" side > > you quickly find out that perhaps as many as 2/3's (anecdotally > > measured) of the "popular" web servers out there seem to be unusable > > I am behind a tunnel with something like 1446 MTU. It works just nicely, I > have not found any sites so far that won't work. > > On the other hand, at work we're doing some tunneling using ciscos. Due to > routing etc the ICMP "need-to-frag"-messages get lost and the people > behind those tunnels cannot use 90% of the www sites (so they have to > resort to proxies). Seems to me that PMTUd works better than most people > think. > > I do believe that NT and Win2k comes default with a registry setting that > makes it send all TCP traffic with the DF flag set (which I can see no > reason for unless M$ IP stack cannot do refragmentation properly). This > setting is changable as far as I know but I cannot seem to find the > information at this time. Anyone? As much as it saddens me to know the answer to a Win2K question (and believe me I'll never live this down), bust out regedt32.exe, head down to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters and add the dword value EnablePMTUBHDetect = 1. This turns on the PMTU blackhole detection, where if it suspects the ICMP is being blocked because of its PMTU-D it will test the theory by retransmitting with the DF off to see whats up. While you're there, I recommend the following additions/changes as well (since windoze stuff isn't terribly easy to navigate): Tcp1323Opts = 3 (high perf long/fat pipe window scaling & timestamping) SynAttackProtection = 2 (its turned off by default, go figure :P) EnableICMPRedirect = 0 (most people dont filter icmp redirects right) TcpWindowSize = 262144 (turn up tcp windows if you have a good pipe) These are all in decimal btw (tcpwindowsize is the only one where it matters), and all dword. -- Richard A Steenbergen <[email protected]> http://www.e-gerbil.net/humble PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
|