MTU path discovery and IPSec
owen at delong.com
Wed Dec 3 16:37:40 UTC 2003
A subtle correction...
A router where all MTUs are the same will never have to fragement
anything. A router where all MTUs are >=1500 will probably not
need to fragment anything. However, it is possible to attach
a host via GIG-E or other media which supports jumbo frames
(Frame relay, for example) and need to fragment to support a
1500 octet MTU. Currently, this would be a rare occurrence, but,
it is possible in some circumstances. Eventually, if this assumption
were to circulate widely, it could have similar consequences to many
other errant assumptions on the internet.
--On Wednesday, December 3, 2003 11:19 AM -0500 "Steven M. Bellovin"
<smb at research.att.com> wrote:
> In message <120320031605.8838.1dea at comcast.net>, jgraun at comcast.net
>> Two questions:
>> 1) I assume MTU path discovery has to been in enabled on each router in
>> the pa th in order for it work correctly?!
> No -- it only has to be enabled on routers with smaller outbound MTUs
> than inbound. A router for which all links have a 1500-byte MTU
> doesn't need path MTU discovery; it will never need to fragment
> --Steve Bellovin, http://www.research.att.com/~smb
If it wasn't crypto-signed, it probably didn't come from me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 186 bytes
Desc: not available
More information about the NANOG