Subject: Re: MSS doesn't honour route MTU
To: Rui Paulo <rpaulo@fnop.net>
From: Kevin Lahey <kml@patheticgeek.net>
List: tech-net
Date: 06/08/2006 18:19:53

On Thu, 08 Jun 2006 22:04:34 +0100
Rui Paulo <rpaulo@fnop.net> wrote:
> At Thu, 8 Jun 2006 22:58:34 +0200 (CEST),
> Hubert Feyrer wrote:
> >
> > On Thu, 8 Jun 2006, Rui Paulo wrote:
> > > My guess is that route -mtu doesn't work as it should.
> >
> > At least 'route get' showed the right MTU...
>
> Yeah, but in the end it failed to advertise the correct Maximum
> Segment Size in the TCP header.

See RFC1191:

    [...] The MSS option should be 40 octets less than the
    size of the largest datagram the host is able to reassemble (MMS_R,
    as defined in [1]); in many cases, this will be the architectural
    limit of 65495 (65535 - 40) octets. A host MAY send an MSS value
    derived from the MTU of its connected network (the maximum MTU over
    its connected networks, for a multi-homed host); this should not
    cause problems for PMTU Discovery, and may dissuade a broken peer
    from sending enormous datagrams.

I guess my argument would be that in the age of PMTUD and multiple
interfaces per host, the MSS option is pretty weak, and really shouldn't
be depended on to restrict the MTU of the packets sent.

Ummm, there are plenty of people who disagree (vociferously) with this.

Kevin
kml@patheticgeek.net
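
Added example, not part of the original message or of any NetBSD code: a small parser that pulls the MSS option out of a captured TCP SYN header and reports which of the derivations quoted from RFC 1191 above (or the route MTU discussed in the thread) the advertised value matches. The function names and the sample header are constructed for illustration, and any MTU values passed in are the caller's assumptions.

```python
import struct

IP_TCP_HEADERS = 40   # 20-byte IPv4 header + 20-byte TCP header (RFC 1191)
MAX_DATAGRAM = 65535  # architectural IPv4 datagram limit

def build_syn(mss):
    """Constructed sample: TCP SYN header with NOP, window-scale and MSS options."""
    options = b"\x01" + struct.pack("!BBB", 3, 3, 7) + struct.pack("!BBH", 2, 4, mss)
    offset_flags = ((20 + len(options)) // 4 << 12) | 0x002  # data offset + SYN
    return struct.pack("!HHIIHHHH", 49152, 80, 1, 0, offset_flags, 32768, 0, 0) + options

def parse_mss(tcp_header):
    """Return the MSS option value from a TCP header, or None if absent."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    header_len = (tcp_header[12] >> 4) * 4
    if header_len < 20 or header_len > len(tcp_header):
        raise ValueError("bad data offset")
    opts = tcp_header[20:header_len]
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:   # End of Option List
            break
        if kind == 1:   # No-Operation is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option")
        length = opts[i + 1]
        if kind == 2 and length == 4:   # Maximum Segment Size
            return struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += length
    return None

def explain_mss(mss, route_mtu, interface_mtus):
    """Say which derivation an advertised MSS matches (MTUs supplied by the caller)."""
    if mss == route_mtu - IP_TCP_HEADERS:
        return "route MTU"
    if mss == max(interface_mtus) - IP_TCP_HEADERS:
        return "largest connected-network MTU"
    if mss == MAX_DATAGRAM - IP_TCP_HEADERS:
        return "architectural limit"
    return "other"
```
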