Subject: Re: Networking question MTU on non-local nets
To: None <port-macppc@netbsd.org>
From: Donald Lee <MacPPC@caution.icompute.com>
List: port-macppc
Date: 06/14/2003 10:59:28
>> My question:
>> 
>> My reading of the RFCs and of Richard Stevens tells me that the packets
>> destined for the "nonlocal" network should default to a max MTU of 512 (536).
>> 1.6.1 seems to do this, but 1.5.2 does not.
>> 
>> Can anyone tell me if this is a bug, or something I need to do something
>> about?  Is there a sysctl setting I can set to make this work "correctly"?
>
>I think it is something that got added between 1.5 and 1.6

My reading of the RFCs tells me that the 1.5.2 behavior is broken, though.

Unless you have PMTU turned on, using an Ethernet MTU out "in the internet" is
not safe.  Same with using the MSS of the SYN.  Either of these is likely to
be larger than the smallest MTU on the routers in the path.
If you hit a small packet router (i.e. PPPoE, VPN, etc) the fragmented
or oversized packets effectively get silently dropped.  This behavior has to be
MI, and it's hard to believe that no one has run into this.

????

Bear in mind that my web server has been running this way on NetBSD since
1998, and I have had almost no complaints, but with a "public" web server,
complainers don't call you.

I ended up tracking this down because one of my customers finally had enough
complaints (this one was from Japan) that he pushed me to figure it out.

>> 
>> I have also learned that MTU path discovery is an option, but this is not
>> on by default, and I am a little afraid of it.  Are there any good reasons
>> not to enable this on a web server - a fairly busy one?
>
>I have it enabled on all my servers, and I didn't notice problems.

Thanks.  I've turned it on, too.

I'm going to watch the server, though, and make sure the extra route tracking
req'd by PMTU doesn't overwhelm something, somewhere... ;->

-dgl-
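
An added example, not part of the original message or of NetBSD's code: a small Python model of the segment-size choice discussed in this thread, run against a constructed path containing a PPPoE-sized hop. The function names, the 40-byte header overhead (IPv4 and TCP without options) and the hop MTUs are assumptions made for illustration; 536 is the figure quoted in the message.

```python
IP_TCP_HEADERS = 40      # assumed: 20-byte IPv4 header + 20-byte TCP header
DEFAULT_SEND_MSS = 536   # figure quoted in the thread (576-byte datagram - 40)

def initial_mss(if_mtu, peer_mss, dest_is_local, pmtud):
    """Segment size the sender starts with (hypothetical policy function)."""
    link_mss = min(if_mtu - IP_TCP_HEADERS, peer_mss)
    if dest_is_local or pmtud:
        return link_mss                      # trust the link, or let PMTU correct it
    return min(link_mss, DEFAULT_SEND_MSS)   # conservative non-local default

def send_segment(mss, path_mtus, pmtud, icmp_delivered=True):
    """Walk one full-sized segment along the path; return (outcome, final_mss)."""
    while True:
        packet = mss + IP_TCP_HEADERS
        # First hop whose MTU is smaller than the packet, if any.
        bottleneck = next((m for m in path_mtus if m < packet), None)
        if bottleneck is None:
            return "delivered", mss
        if not pmtud:
            # DF clear: delivery now depends on every later hop and filter
            # passing fragments, which the message reports is not the case.
            return "fragmented", mss
        if not icmp_delivered:
            # DF set, but the "fragmentation needed" ICMP never reaches the
            # sender, so it keeps retransmitting the same oversized segment.
            return "blackholed", mss
        mss = bottleneck - IP_TCP_HEADERS    # ICMP carried the next-hop MTU

# Constructed path: Ethernet, a PPPoE hop (1492), a VPN hop (1400).
PATH = [1500, 1492, 1400]

if __name__ == "__main__":
    cases = [
        ("link MTU, no PMTU", initial_mss(1500, 1460, True, False), False, True),
        ("default 536, no PMTU", initial_mss(1500, 1460, False, False), False, True),
        ("PMTU on", initial_mss(1500, 1460, False, True), True, True),
        ("PMTU on, ICMP filtered", initial_mss(1500, 1460, False, True), True, False),
    ]
    for label, mss, pmtud, icmp in cases:
        print(f"{label:24} start={mss:4} ->", send_segment(mss, PATH, pmtud, icmp))
```

The first case treats the destination as local to reproduce the link-derived segment size; the last case shows why PMTU depends on the ICMP errors actually reaching the server.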