PMTU and Broken Servers

bdragon at bdragon at
Sat May 10 23:17:49 UTC 2003

> This is a new problem to me, but I'm sure people have run into it
> before.  Are the servers really that broken (PMTU enabled, ICMP
> Can't Fragement filtered)?  Does the head end box of DSL services
> generally do something to work around this (ie, clear the DF bit)?
> Am I just being an idiot and missing something obvious?

This is fairly common, since PMTU-D is generally enabled by deafult, and
for better or worse, many folks filter all ICMP, despite the bad effects
that can lead to.

I've had arguments with customers about their having a broken config, but
their unwillingness to believe it because "they haven't changed anything".

The only real workaround is to have a minimum MTU of 1500 across your network
including all encapsulation.

