On Thu, Jan 26, 2006 at 11:53:03PM +0100, Manuel Bouyer wrote:
> On Thu, Jan 26, 2006 at 02:54:19PM -0500, der Mouse wrote:
> > >> The real problem is on the other end: hosts which try to do PMTU-D,
> > >> but are behind boxes (usually misconfigured firewalls) which drop
> > >> the ICMPs necessary for PMTU-D to function.
> > > Not only, some PPPoE setup just won't send the ICMP unreachable
> > > message, because the equipement at which the MTU is lowered doesn't
> > > appear at the IP level.
> > 
> > You mean things like ATM?  But that won't listen to the DF bit, either,
> > will it?  So there's no issue (except the loss rate increase provoked
> > by fragmentation).
> > 
> > Or you mean there are setups which silently drop too-large packets
> > without any notification to anyone?  I have trouble calling those
> 
> The issue here is that the equipement can neither fragment nor return a ICMP
> error message, because it's not an IP equipement. The packet is just dropped.

Isn't then the problem in the IP equipment that sends too large packets
through such non-IP equipment (what nom-IP equipment exactly? An Ethernet
to ATM bridge?)? Shouldn't the IP equipement at the end of such link
simply lower the MTU?

Pavel Cahyna