moved to tech-net.

> > Then how do you correct a situation where MTU is too small and some remote
> > site is doing PMTU discovery _and_ blocking ICMP packets?  Yes, the problem
> > should be fixed at the remote site, but what if you NEED to use that site
> > and they do NOT fix the problem?
>
>The correct solution is to fix the broken firewall.
>
>But, failing that, the endpoints should do something called "Black Hole
>Discovery", which detects ICMP black-holes and works around the braindamage
>in some way.

	in this situation, i guess blackhole discovery has to be implemented
	at the remote webserver, not my client side.
	(or is it possible for my http client to run tricks?)

	web server in remote
	  |
	broken firewall that filters all icmp	|
	  |					| large packet with DF=1 stuck
	router					v here
	  | path with smaller MTU
	router
	  |
	my client

itojun