--On Friday, December 24, 2004 01:27:35 +1100 "Peter J. Cherny" <[EMAIL PROTECTED]> wrote:

Time for a reality check, this is a BAD IDEA!

Having been the victim of a number of TearDrop style attacks,
if either of the two first frags doesn't have the IP hdr in it,
I'd trash the packets, and maybe only ever accept two anyway.

All this kerfuffle is about tunneled IP MTU issues from VPNs and DSL,
it's very rarely about ATM or GigE 8K+ frames,
so two packets should be enough to carry a 1500 byte ethernet payload.

Ummm... you're confused. Go back and read this thread again. This is about large fragmented UDP packets from an NFS server, and has nothing at all to do with MTU mangling.


--
Carson