Subject: Re: IP DF problems (again)
To: Jukka Marin <>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: current-users
Date: 02/01/1998 04:26:44
On Sun, 1 Feb 1998 14:05:12 +0200, Jukka Marin writes:


>Is there a way to tell the NetBSD 1.2 router to fragment the packets so
>they would get through?  I have mailed to the postmaster of the sender
>system, but if every single m$ driven machine in the world has this problem,
>I will spend the rest of my life trying to convince them to get their TCP/IP
>fixed... :-(
>It should be illegal to connect broken systems to the net!

Amen to that.

But if the packets have DF set, then surely it's a Bug to fragment
them.  I think that'd break PMTU discovery, wouldnt it?

>From your dump it looks like NetBSD 1.2 isnt including the nexthop MTU
in its ICMP_UNREACH_NEEDFRAG reply.  Maybe the misbehaving host would
be less broken if NetBSD sent back a NEEDFREAG response with the
nexthop MTU for PMTU discovery?  

If not, you might be stuck with increasing your PPP MTU to 1500 bytes;
I think that's less broken than fragmenting the DF packet.  Maybe we
should consider keeping two MTUs per interface: the real MTU for
badly-behaved hosts, and the MTU we'd have if it wasnt for bugs like
this, and that we advertise via routing, PMTU, etc....