Subject: Re: Networking question MTU on non-local nets
To: None <port-macppc@netbsd.org>
From: Donald Lee <MacPPC@caution.icompute.com>
List: port-macppc
Date: 06/15/2003 09:07:09
At 12:54 PM +0200 6/15/03, Manuel Bouyer wrote:
>On Sat, Jun 14, 2003 at 10:59:28AM -0500, Donald Lee wrote:
>> My reading of the RFCs tells me that the 1.5.2 behavior is broken, though.
>
>It depends. How old is the RFC about non-local packets size ?

I read in the RFCs that MTU for non-local paths should be set to 576.
Re-reading, I see that I was not quite right, but close.....

I'm relying on RFC 1191 and 1122.

RFC 1122 says:

         section 3.3.3
         ....
         It is generally desirable to avoid local fragmentation and to
         choose EMTU_S low enough to avoid fragmentation in any gateway
         along the path.  In the absence of actual knowledge of the
         minimum MTU along the path, the IP layer SHOULD use
         EMTU_S <= 576 whenever the destination address is not on a
         connected network, and otherwise use the connected network's
         MTU.

and 1191 (PMTU-D RFC) says:

	introduction
	.....
	The current practice [1] is to use the lesser of 576 and the
	first-hop MTU as the PMTU for any destination that is not connected
	to the same network or subnet as the source.  In many cases, this
	results in the use of smaller datagrams than necessary, because many
	paths have a PMTU greater than 576.

Both of these are old - pre-1991.

My real authority is that NetBSD 1.6.1, the premier OS on the 'net does it
that way. ;->


>> Unless you have PMTU turned on, using an ethernet MTU out "in the internet" is
>> not safe.
>
>It should be. If the router with the low MTU link can send back an ICMP
>unreachable for PMTU to work, it should as well be able to fragment the
>packet (and fragmenting big packets which don't have the DF bit set *is*
>a requirement).
>
>I guess that with the development of pppoe for ADSL, more and more
>networks don't comply with this requirement (typically because the
>big -> small MTU switch happens at a non-IP device), so the requirement
>of using a small MTU for non-local addresses is only a workaround for such
>broken setups.

There is a difference between what you can get away with, and what is
"proper".

Clearly I can get away with sending out 1400+ byte packets to the internet
with impunity.  (for some values of "impunity")
I've been running this way for at least 2 years, with
only a tiny number of complaints.

However, the reason for the smaller MTU on non-local links is to make
things work even if setups _are_ broken.  As we all know, on the
internet, brokenness may not be the rule, but it's by no means the exception.

-dgl-
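
The selection rule quoted from RFC 1122 and RFC 1191 in the message above, written out as an added example (not part of the original post and not NetBSD's code). The struct, function name, sample networks and the learned_pmtu parameter are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NONLOCAL_MTU 576 /* RFC 1122 3.3.3 ceiling for EMTU_S */
#define IP4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

/* A directly connected network (hypothetical layout, host byte order). */
struct conn_net {
    uint32_t addr;
    uint32_t mask;
    uint16_t mtu;
};

/* Constructed sample: an Ethernet LAN and a low-MTU point-to-point link. */
static const struct conn_net sample_nets[] = {
    { IP4(192, 168, 1, 0), IP4(255, 255, 255, 0), 1500 },
    { IP4(10, 0, 0, 0), IP4(255, 255, 255, 252), 296 },
};
#define SAMPLE_COUNT (sizeof sample_nets / sizeof sample_nets[0])

/*
 * Pick the datagram size limit for dst.
 * first_hop_mtu: MTU of the interface the route to dst leaves through.
 * learned_pmtu:  value from Path MTU Discovery, or 0 when nothing is known.
 */
uint16_t effective_send_mtu(const struct conn_net *nets, size_t n, uint32_t dst,
                            uint16_t first_hop_mtu, uint16_t learned_pmtu)
{
    for (size_t i = 0; i < n; i++)
        if ((dst & nets[i].mask) == nets[i].addr)
            return nets[i].mtu; /* connected network: use its MTU */
    if (learned_pmtu != 0) /* actual knowledge of the path replaces the guess */
        return learned_pmtu < first_hop_mtu ? learned_pmtu : first_hop_mtu;
    /* no knowledge: lesser of 576 and the first-hop MTU (RFC 1191 wording) */
    return first_hop_mtu < NONLOCAL_MTU ? first_hop_mtu : NONLOCAL_MTU;
}

int main(void)
{
    /* 203.0.113.5 is a documentation address standing in for a remote host. */
    uint32_t lan = IP4(192, 168, 1, 20), far = IP4(203, 0, 113, 5);
    printf("LAN peer:            %u\n", (unsigned)effective_send_mtu(sample_nets, SAMPLE_COUNT, lan, 1500, 0));
    printf("remote, no PMTU:     %u\n", (unsigned)effective_send_mtu(sample_nets, SAMPLE_COUNT, far, 1500, 0));
    printf("remote, PMTU = 1492: %u\n", (unsigned)effective_send_mtu(sample_nets, SAMPLE_COUNT, far, 1500, 1492));
    return 0;
}
```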