Yes, but this is why we have PMTUD. It works fine so long as ICMP is not
blocked. If ICMP is blocked, then someone along the path needs to get some
clue. I've only encountered this on private networks (LANs, and packet cores
where IT runs it). Generally it's fixed with me screaming "YOU'RE BREAKING
THE INTERNET STUPID!" ;)

Yes, I'm aware of PMTUD, but I still find big sites blocking ICMP PTB
and some NAT/router boxes seem to block ICMP completely. Often enough
I've found those people think they are doing the right thing, even
after contacting them. Usually these are also the people who contact
me about NTP query response packages "attacking" their network. (See
RFC 6305)

Also, as it only really affects TCP, I solve it on my GRE tunnels with
ip tcp adjust-mss 1436 in Cisco
set interface $interface ip tcp adjust-mss 1436 in Juniper
tcp-mss-adjust 1436 under an SDP config in Alcatel-Lucent

What is your experience with that setup? Does it always (99.999% :-D)
work? If so, count me in and let's go with it.
73 de Marc, LX1DUC