MTU path discovery and IPSec

• Previous message (by thread): MTU path discovery and IPSec
• Next message (by thread): MTU path discovery and IPSec
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A subtle correction...

A router where all MTUs are the same will never have to fragement
anything.  A router where all MTUs are >=1500 will probably not
need to fragment anything.  However, it is possible to attach
a host via GIG-E or other media which supports jumbo frames
(Frame relay, for example) and need to fragment to support a
1500 octet MTU.  Currently, this would be a rare occurrence, but,
it is possible in some circumstances.  Eventually, if this assumption
were to circulate widely, it could have similar consequences to many
other errant assumptions on the internet.

Owen


--On Wednesday, December 3, 2003 11:19 AM -0500 "Steven M. Bellovin" 
<smb at research.att.com> wrote:

>
> In message <120320031605.8838.1dea at comcast.net>, jgraun at comcast.net
> writes:
>>
>> Two questions:
>>
>> 1) I assume MTU path discovery has to been in enabled on each router in
>> the pa th in order for it work correctly?!
>
> No -- it only has to be enabled on routers with smaller outbound MTUs
> than inbound.  A router for which all links have a 1500-byte MTU
> doesn't need path MTU discovery; it will never need to fragment
> anything.
>
> 		--Steve Bellovin, http://www.research.att.com/~smb
>
>



-- 
If it wasn't crypto-signed, it probably didn't come from me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20031203/77be91c3/attachment.sig>

• Previous message (by thread): MTU path discovery and IPSec
• Next message (by thread): MTU path discovery and IPSec
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]