On Sunday 01 Sep 2013 18:54:45 Grant wrote: > >> OK, does PMTUD lower the outgoing packet size on my system due to the > >> hotel router's lower MTU or does the hotel router itself fragment my > >> 1500 byte packets in order to send them out? Just curious. > > > > If you are sending out packets with the DF bit set no fragmentation will > > take place - the packet is dropped and an appropriate message is > > returned to sender. Otherwise the router will fragment them and send > > them on to the recipient address. > > Shouldn't PMTUD change my MTU based on the hotel router's lower MTU?
Yes, it should. At the start of the connection the sender sends DF in the header to find out what is the MRU that the network nodes will support. Then sends packets of the appropriate size so that they get through with no fragmentation. This is the optimal scenario. Now, imagine another scenario where some router/firewall/server does not send back the correct ICMP packet with its required MRU, or even worse it sends back a 1500 (full ethernet) size with DF set, or also drops fragments ... This reminds me of MSN IM which was a particularly bad implementation back when. The sender may eventually try a smaller packet, after initially increasing the time it waits for a response, and you could well get something through 30 seconds later, or even give up and time out. If you are using Shorewall at your remote server I would expect it to behave properly and return the correct ICMP packet when it receives a DF. However, I am not familiar with the Shorewall properties and settings, so if you suspect this as the cause of your problem it would be better if you look into it properly. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
