Subject: Re: Patch for limiting TCP MSS (i.e. for new PPPoE)
To: Hal Snyder <hal@vailsys.com>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: tech-net
Date: 12/07/2001 16:18:47
In message <87zo4u8t97.fsf@cb293842-b.rmdws1.il.home.com> Hal Snyder writes:
>Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us> writes:
>> 
>> "FW", configured in violation of RFC2979, blocks all ICMP packets,
>> including ICMP "fragmentation needed" messages, so WS never knows to
>> shrink its MTU to CL.

Nitpick: RFC-2979 is an informational RFC, so "in violation of" isn't
exactly well-defined. It is a simple statement of fact that there are
many such boxes in today's Internet, they aren't going away, (the
population of such boxes may be growing faster than it's fixed) and it
behooves us to play well even in the presence of such boxes.

Either we do robust PMTU discovery, or we cannot rely on PMTU working
reliably - because it just doesn't in the Internet, as it stands today.


>What Bill says. Here's another picture. "R" is a generic IPv4 router
>(e.g. Zebra/NetBSD) connecting one enterprise site to another over a
>private link. The "NB" routers are BGP peers to each other and to
>external ISPs.
>
>Same problem. No PPPoE, just GIF wrapper for iBGP.

>              
>____         ____  ___     ___  ____               ____      ____
>|CL|----E----|NB|--|R|-WAN-|R|--|NB|---Internet----|FW|------|WS|
>----         ----  ---     ---  ----               ----      ----
>               \...  iBGP/gif .../


Isn't Thor's point that, if NB == NetBSD box, this only happens
when the NetBSD NB boxes also have ipnat enabled?