|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Who does source address validation? (was Re: what's that smell?)
On Wed, 09 Oct 2002 23:05:59 BST, "Stephen J. Wilcox" said: > On a related issue (pMTU) I recently discovered that using a link with MTU < > 1500 breaks a massive chunk of the net - specifically mail and webservers who > block all inbound icmp.. the servers assume 1500, send out the packets with DF My personal pet peeve is the opposite - we'll try to use pMTU, some provider along the way sees fit to run it through a tunnel, so the MTU there is 1460 instead of 1500 - and the chuckleheads number the tunnel endpoints out of 1918 space - so the 'ICMP Frag Needed' gets tossed at our border routers, because we do both ingress and egress filtering. It's bad enough when all the interfaces on the offending unit are 1918-space, but it's really annoying when the critter has perfectly good non-1918 addresses it could use as the source... Argh... -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech Attachment:
pgp00018.pgp
|