Subject: Re: Patch for limiting TCP MSS (i.e. for new PPPoE)
To: None <tech-net@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 12/04/2001 01:37:42
>>> [setting route MTUs]
>> Which still means you have to do it for each and every machine
>> behind a pppoe router.  It's hard to cope from our understanding of
>> standards conformance, but we *really* need a MSS clamping option for
>> routers!
> I'll second that.  Setting MTU on routes isn't enough,

To start with, it's the wrong thing.

Setting your MTU affects the largest segment _you'll_ send, and for
that, you might as well set a route MTU on the router and let your
endpoints do PMTU-D.

What the MSS option affects is the largest segment _your peer_ sends,
and in the usual "won't-frag disease" case (RFC2923 section 2.1), this
is the one that matters.

The MSS option really should be taken from the MRU, and the only excuse
for using the MTU instead is that the MTU usually equals the MRU.
(Indeed, the only case I know of where they aren't always equal is PPP,
and there, they almost always are in practice.)

I still don't like it.  Even as I can see the utility of it to some
folks, I believe that adding kludges to work around other people's
brokenness is almost invariably a Bad Thing, since it removes their
incentive to fix their brokennesses.  And that's what MSS clamping is,
a kludge to work around peers that try to do PMTU-D but never receive
(or ignore) the need-frag ICMPs that underlie it.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
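
What the MSS clamping discussed in this thread does to a forwarded SYN, as an added example that is not part of the original message or of the patch under discussion. The function names, the constructed sample header and the clamp value 1452 (an assumed 1492-byte PPPoE MTU minus 40 bytes of IPv4 and TCP headers) are assumptions; the example also handles an MSS option that sits at an odd offset.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* RFC 1624 incremental checksum update: HC' = ~(~HC + ~m + m'). */
static uint16_t fixup(uint16_t hc, uint16_t m, uint16_t m2)
{
    uint32_t s = (uint16_t)~hc + (uint32_t)(uint16_t)~m + m2;
    while (s >> 16) s = (s & 0xffff) + (s >> 16);
    return (uint16_t)~s;
}

/* Lower the MSS option of a forwarded SYN to max_mss (tcp = TCP header, len = bytes
 * available). Returns the MSS left in the segment, or 0 if there was nothing to clamp. */
uint16_t clamp_mss(uint8_t *tcp, size_t len, uint16_t max_mss)
{
    size_t hlen = len < 20 ? 0 : (size_t)(tcp[12] >> 4) * 4;
    if (hlen < 20 || hlen > len || !(tcp[13] & 0x02)) return 0; /* short, bad, or not a SYN */
    for (size_t i = 20; i < hlen; ) {
        uint8_t kind = tcp[i];
        if (kind == 0) break;                 /* end of option list */
        if (kind == 1) { i++; continue; }     /* NOP padding */
        if (i + 1 >= hlen || tcp[i + 1] < 2 || i + tcp[i + 1] > hlen) break; /* malformed */
        if (kind == 2 && tcp[i + 1] == 4) {
            if (rd16(tcp + i + 2) <= max_mss) return rd16(tcp + i + 2);
            size_t odd = i & 1, w = i + 2 - odd;  /* aligned checksum word(s) holding the value */
            uint16_t ck = rd16(tcp + 16), o0 = rd16(tcp + w), o1 = rd16(tcp + w + 2 * odd);
            wr16(tcp + i + 2, max_mss);
            ck = fixup(ck, o0, rd16(tcp + w));
            if (odd) ck = fixup(ck, o1, rd16(tcp + w + 2));
            wr16(tcp + 16, ck);
            return max_mss;
        }
        i += tcp[i + 1];
    }
    return 0;
}

int main(void)
{
    /* Constructed SYN header: ports 49152 -> 80, arbitrary checksum 0x1234, MSS 1460. */
    uint8_t syn[24] = { 0xc0, 0x00, 0x00, 0x50, 0, 0, 0, 1, 0, 0, 0, 0, 0x60, 0x02,
                        0xff, 0xff, 0x12, 0x34, 0, 0, 2, 4, 0x05, 0xb4 };
    uint16_t mss = clamp_mss(syn, sizeof syn, 1452);
    printf("MSS %u, checksum %02x%02x\n", (unsigned)mss, syn[16], syn[17]);
    return 0;
}
```

Only the SYN is rewritten, which is why the clamp changes what the peer sends rather than what the local host sends.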