MTU path discovery and IPSec

Valdis.Kletnieks at Valdis.Kletnieks at
Thu Dec 4 23:50:02 UTC 2003

On Thu, 04 Dec 2003 18:03:38 EST, Barney Wolff said:

> That's not how PMTUD works.  If DF is set, you discard the packet and
> report back with ICMP.  If DF is not set, you frag the packet - but
> that's not PMTUD, because no report ever goes back to the sender.

Oh, so we compute ONE number if DF is set, saying what number we think they
should use - but if DF *isn't* set, we use a different number.  Sounds like more
complicated code that's just there so it can sink its teeth into the rump of the
first banana-eating NOC dweller that has to figure out what's wrong....

Unless of course there's a *reason* we want it different? Though it escapes me what
it might be....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list