North American Network Operators Group


Re: [NANOG] Microsoft.com PMTUD black hole?

  • From: Tomas L. Byrnes
  • Date: Wed May 07 16:44:18 2008

Some Edumacation on the topic is here:

http://www.netheaven.com/pmtu.html
 

> -----Original Message-----
> From: Iljitsch van Beijnum [mailto:[email protected]] 
> Sent: Wednesday, May 07, 2008 1:35 PM
> To: Michael Sinatra
> Cc: [email protected]
> Subject: Re: [NANOG] Microsoft.com PMTUD black hole?
> 
> On 7 mei 2008, at 21:46, Michael Sinatra wrote:
> 
> >> MS does in fact block _all_ ICMP at the edge of their network, that
> >> they are aware that this will in fact break PMTUD, and that they have
> >> no current plans to change this practice which they have implemented
> >> in the interest of security.
> 
> > Perhaps they should also block _all_ TCP and UDP as well, and then
> > we can move on.
> 
> > I agree with Iljitsch that it happens frequently, but I think I am
> > justified in expecting more than that from Microsoft.  Anything less
> > would be unprofessional.
> 
> Right.
> 
> Now Microsoft is also the company that built the OS that 
> could be crashed by a maliciously crafted fragmented IP 
> packet, so maybe there's something to this security policy. 
> (One hopes that this bug and others like it are now fixed.)
> 
> However, in that case the only workable course of action 
> would be TO DISABLE PATH MTU DISCOVERY!
> 
> You can't have your cake and eat it too.
> 
> _______________________________________________
> NANOG mailing list
> [email protected]
> http://mailman.nanog.org/mailman/listinfo/nanog
> 
