North American Network Operators Group


Re: [NANOG] Microsoft.com PMTUD black hole?

  • From: Iljitsch van Beijnum
  • Date: Thu May 08 05:27:59 2008

On 8 May 2008, at 9:53, Joel Jaeggli wrote:

> Oddly enough there is a draft on the subject of icmp filtering
> recommendations making the rounds.

> http://tools.ietf.org/wg/opsec/draft-gont-opsec-icmp-filtering-00.txt

> The opsec working group ([email protected]) and the authors would
> appreciate feedback from operators on the subject.

Speaking as someone who isn't interested in reading an explanation of  
what happens when the message is filtered for every ICMP message known  
to man, I find this a completely useless document: I can't find the  
recommendations. Either they're there but impossible to find by  
looking at the table of contents or searching for "recommend", or  
they're not there in which case the title is EXTREMELY misleading.

Also:

2.1.1.5.4. Operational/interoperability impact if blocked

Filtering this error message breaks the Path-MTU Discovery mechansim
described in [RFC1191].

This is completely insufficient because it doesn't mention that 99% of  
all TCP traffic on today's internet uses PMTUD and filtering these  
messages leads to broken connectivity towards destinations that have  
an MTU lower than the source (lower than 1500 in practice).

Please spell check and five levels of numbering is considered bad style.

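The black hole discussed in the message above, as an added example that is not part of the original post: a toy model of RFC 1191 Path MTU Discovery showing that small packets still get through while full-size packets stall once the ICMP "fragmentation needed" error (type 3, code 4) is filtered. The function names and the sample path MTUs are constructed for illustration.

```python
# Added example (constructed): toy model of RFC 1191 Path MTU Discovery.
# Packets are sent with the DF (don't fragment) bit set, as PMTUD requires.

ICMP_FRAG_NEEDED = (3, 4)  # Destination Unreachable / fragmentation needed and DF set


def forward(size, link_mtus):
    """Send one DF-marked packet of `size` bytes along the path.

    Returns None if it is delivered, otherwise the ICMP error
    (type, code, next_hop_mtu) from the first router whose outgoing
    link is too small for the packet.
    """
    for mtu in link_mtus:
        if size > mtu:
            return (*ICMP_FRAG_NEEDED, mtu)
    return None


def send_with_pmtud(packet_size, link_mtus, icmp_filtered, max_tries=5):
    """Model a sender that wants to send `packet_size`-byte packets.

    icmp_filtered=True models a filter between the router and the sender
    that drops the type 3 / code 4 error. Returns
    (delivered, path_mtu_estimate, tries).
    """
    pmtu = link_mtus[0]  # initial estimate: MTU of the sender's own link
    for attempt in range(1, max_tries + 1):
        size = min(packet_size, pmtu)
        err = forward(size, link_mtus)
        if err is None:
            return True, pmtu, attempt
        if icmp_filtered:
            continue  # error never arrives: sender retransmits the same size
        pmtu = err[2]  # RFC 1191: lower the estimate to the reported next-hop MTU
    return False, pmtu, max_tries


# Constructed path: 1500-byte links with a 1400-byte link (e.g. a tunnel) in the middle.
SAMPLE_PATH = [1500, 1400, 1500]

if __name__ == "__main__":
    for filtered in (False, True):
        for size in (576, 1500):
            print(filtered, size, send_with_pmtud(size, SAMPLE_PATH, filtered))
```

With the error filtered, the 576-byte packet is still delivered on the first try, which is why connection setup appears to work and only bulk transfers hang.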