Subject: Re: Patch for timiting TCP MSS (i.e. for new PPPoE)
To: Rick Byers <rb-netbsd@BigScaryChildren.net>
From: Steven M. Bellovin <firstname.lastname@example.org>
Date: 12/02/2001 18:12:01
In message <Pine.NEB.4.33.0112021419560.1820-100000@Apenheul.BigScaryChildren.n
et>, Rick Byers writes:
>In order to work around buggy networks suffering from the PMTU blackhole
>problem (see RFC 2923), I've written up a quick patch which adds a sysctl
>to limit the advertised TCP MSS (I this this is preferable to lowering
>the interface MTU). Ideally, this could be configured per interface or
>per route, or even auto-detected on a host-by-host basis - but all of
>those options require much more work.
But the problem is that a per-connection fix requires changing every
application. I don't think that that scales.
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com