[AusNOG] PMTUD was -> RE: GRE Tunnel MTU suggestions
Mark Andrews
marka at isc.org
Thu Jul 3 09:38:27 EST 2014
In message <53B479A7.20203 at libertysys.com.au>, Paul Gear writes:
> On 07/02/2014 09:55 AM, Alex Samad - Yieldbroker wrote:
> > ...
> > {snip}
> >> PMTUD is better to use, MSS adjusting is a TCP specific hack. Don't switch it
> >> on unless you need to because PMTUD is broken.
> >
> > How broken is PMTUD now, I remember back in the day diagnosing a lot of DSL
> > connections that failed because of this.
>
> After my experiences earlier in the year [1], I came to the conclusion
> that PMTUD is always broken, and turned on TCP MSS clamping on all our
> edge routers.

PMTUD stays broken because people turn on TCP MSS clamping. TCP MSS clamping
is a gross hack that I wish was never invented. Firewalls are overused and
rarely configured correctly.

There is no need to block ICMP. There is no need to block fragments.

> Paul
>
> [1] http://lists.ausnog.net/pipermail/ausnog/2014-February/022606.html
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org