Subject: Re: PMTUD blackhole detection
To: None <firstname.lastname@example.org>
From: Michael Richardson <email@example.com>
Date: 05/07/2001 09:48:21
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "itojun" == itojun <firstname.lastname@example.org> writes:
itojun> we may be able to go through tcb table and mark all the tcp
itojun> connections between the same address pair as "PMTUD broken".
itojun> however, i don't really like this since PMTUD breakage detection
itojun> is way too unreliable. if we have a reliable way to detect PMTUD
itojun> breakge, "mark all connection" approach looks fine for me.
If it has false positives (there is a blackhole), then we waste bandwidth.
If it has false negatives, then we have dead connections.
I know which one that I prefer :-)
If the rate of false positives is very high, then some may argue that this
is equivalent to turning off PMTU, but I'd rather have it on.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] email@example.com http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Comment: Processed by Mailcrypt 3.5.5, an Emacs/PGP interface
-----END PGP SIGNATURE-----