Subject: Re: TCP_NODELAY and full links (was Re: sup problems?)
To: None <current-users@netbsd.org>
From: Sean Doran <smd@ebone.net>
List: current-users
Date: 09/29/1999 02:51:22
Jason R. Thorpe wrote:

| NetBSD does not yet detect ICMP Black Holes.  These Black Holes occur
| when network administrators are allowed to configure firewalls without
| adult supervision.

I have generally succumbed to the temptation to turn it on anyway,
and hope there's nobody I really want to send data to who is
stuck behind a misconfigured filtering router (and other things).

I have also occasionally succumbed to the temptation of sending
out ethernet sized MTUs by default, and just dealing with 
the risks of fragmentation when there is a fabric in the path
which does not handle packets that large.  Such fabrics should
go the way of the dinosaur Real Soon Now (ideally 5 years ago).

However, that said, it is safest for NetBSD to ship with MTU path
discovery turned off until blackhole detection is working correctly,
so that people running servers etc. don't have to fiddle with sysctls
when coping with sometimes substantial numbers of clients which are
behind broken boxes.

On the other hand I do not think it is unreasonable to cause actually broken
boxes actually to appear to be broken, which is what happens when
a blackhole is not detected and worked-around.   Someone might 
even get around to fixing misconfigured packet filters when things break.

I admit that I am a fanatic when it comes to networking efficiency
and stability though, and other people have different, and more 
conservative, opinions (which may even be valid sometimes). -:)

	Sean.