North American Network Operators Group


Re: Maybe I'm misreading this but...

  • From: I Am Not An Isp
  • Date: Sat Oct 17 03:54:13 1998

At 06:38 AM 10/17/98 +0000, Michael Shields wrote:
>In article <[email protected]>,
>Marc Slemko <[email protected]> wrote:
>> Note that if there is no MTU change at that point, there is no problem
>> because there will never (well, almost never and the almost is dependent
>> on having funky/broken routers) be any reason to be unable to fragment at
>> that hop.
>
>For this to be ok, you also have to be certain that whenever you add
>an interface to that router -- by adding a card, configuring a tunnel,
>or anything -- that you stop and check whether you need to renumber
>the 1918-using interfaces.  For a dialup box, you also need to be sure
>it will never create a PPP session with an MTU unequal to the MTU of
>all the other interfaces.  These things are possible, but it's more
>likely that PMTU will be broken because no one will think about it
>when adding an interface.

If we're going to argue about this, we might as well get it completely
right.  As long as the RFC1918 links are always on the smallest MTU pipes,
or on the pipes which only speak to the internal network, it won't break
anything even if everyone on the 'Net filters.

For instance, assume you have a FDDI with an MTU of 16KB pointed to your
server farm with 10.1.1.1 on it and a bunch of T1s and DS3s to random
upstreams.  As long as the FDDI is incapable of originating packets that
will leave your own network (and as long as you don't filter your own
router's address) PMTU will *never* break, no matter who filters.  Well, I
guess you could add another link with an MTU higher than 16KB, which I find
highly unlikely.

Another way to look at it, assume you have a PPP link with an MTU of 576.
Unless that router has something like dial-up links, the likelihood of PMTU
breaking because of an RFC1918 address on that link is nearly nil.

But then again, we've already established that the four largest providers
on the 'Net, plus several other large providers (Exodus, Above.Net,
Concentric, etc., etc.) all do not filter based on source IP address.  So
the likelihood of a filter breaking PMTU due to RFC1918 space on router
links is already pretty small.

>Shields, CrossLink.

TTFN,
patrick


I Am Not An Isp
www.ianai.net
"Think of it as evolution in action." - Niven & Pournelle
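
The conditions discussed in this message, written as a rule that can be re-run whenever an interface is added (an added example, not part of the original post). It assumes the router sources the "fragmentation needed" ICMP error from the interface the oversized packet arrived on; the `Interface` fields, interface names, addresses, and the T1/DS3/Ethernet/dial-up MTUs are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass(frozen=True)
class Interface:
    name: str
    address: str
    mtu: int
    internal_only: bool  # only hosts on your own network send packets in via this link

def is_rfc1918(address):
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in RFC1918)

def pmtu_risks(interfaces):
    """List (ingress, egress) pairs where a "fragmentation needed" ICMP error
    would leave with an RFC1918 source toward a sender outside the network.
    Assumption: the router sources the error from the ingress interface."""
    risks = []
    for ingress in interfaces:
        # Errors sent back to internal senders never cross anyone else's filter.
        if ingress.internal_only or not is_rfc1918(ingress.address):
            continue
        for egress in interfaces:
            # An error is only generated when the next hop's MTU is smaller.
            if egress is not ingress and egress.mtu < ingress.mtu:
                risks.append((ingress.name, egress.name))
    return risks

# Constructed sample routers; public addresses are documentation ranges.
SERVER_FARM_ROUTER = [
    Interface("fddi0", "10.1.1.1", 16384, internal_only=True),
    Interface("t1-0", "192.0.2.1", 1500, internal_only=False),
    Interface("ds3-0", "198.51.100.1", 4470, internal_only=False),
]
SMALL_PPP_ROUTER = [
    Interface("ppp0", "10.2.2.1", 576, internal_only=False),
    Interface("eth0", "203.0.113.1", 1500, internal_only=False),
]
# The same router after a dial-up session with a smaller MTU is added.
SMALL_PPP_ROUTER_PLUS_DIALUP = SMALL_PPP_ROUTER + [
    Interface("dial0", "203.0.113.65", 296, internal_only=False),
]

if __name__ == "__main__":
    for router in (SERVER_FARM_ROUTER, SMALL_PPP_ROUTER, SMALL_PPP_ROUTER_PLUS_DIALUP):
        print([i.name for i in router], "->", pmtu_risks(router))
```

An empty list means no RFC1918-sourced error can reach an outside sender under the stated assumption; the third router shows how adding one smaller-MTU interface changes the answer.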