[NANOG] Microsoft.com PMTUD black hole? (working with Microsoft on issues)

Janet Sullivan netgeek at bgp4.net
Thu May 8 21:35:03 UTC 2008


I thought I'd post a few constructive comments on this thread. (Full 
disclosure:  I am an ex-Microsoft employee.  I do not speak for the 
company, I'm just trying to help out the network community.)

1) Yes, Microsoft blocks ICMP for the most part, which will break Path 
MTU Discovery.  This is a known issue.  If you run into it, its most 
likely because the servers you are trying to talk to in MS-land don't 
have black hole router detection turned on.

2)  Instead of trying to get all the various ACLs and firewalls in 
Microsoft fixed to allow PMTUD, you are more likely to experience joy if 
you can contact the server owners.  Ask if they have black hole router 
detection turned on, and if not, if they can do so.

3) So how do you get in contact with the server owners or MSN's 
networking people?  msnalert at microsoft.com is your best bet.  That's the 
email address monitored by the basic Tier 1 "Service Operations Center". 
  They cut tickets, follow scripts, and do very basic front line work. 
They probably won't be able to fix the problem for you, but they CAN get 
you in touch with the right people.

4) FINDING the right people can be a challenge, even internally. 
Microsoft is a very big company, and its far from centralized.  Be 
specific in what URLs and IPs you are having trouble with, and be 
prepared to bounce around a bit. The people who run microsoft.com's 
servers aren't the same group that does hotmail, etc.  Have patience, 
and try to get ticket numbers for tracking at much as possible.

5) Try to give a realistic estimate of how many users are being impacted 
by the problem.  Your problem will be triaged as it moves through 
various groups, and yes, the response time may not be what you want. 
Your problem is one fire among many, and there aren't enough firefighters.

6) Be nice.  Seriously.  People love to hate Microsoft, and sometimes 
take it out on the poor overworked geeks who are trying to actually make 
things better.  Every vulnerability, BSOD, or Vista delay is not the 
fault of the network or systems engineer you get in touch with.  ;-)









More information about the NANOG mailing list