On Thu, 20 Jan 2000, Sarel J. Botha wrote:
|On Wed, Jan 19, 2000 at 07:32:18AM -0600, Clifford Kite wrote:
|> I don't follow that reasoning, but admit I'm not very knowledgeable about
|> PMTU negotiation, which seems to be what you are writing about. I would
|
|Me neither, but when I forced an MTU of 576 onto all users of the local
|ISP they suddenly couldn't access one particular Banking site anymore, so
|was forced to figure out what was going on.
|
|> expect that those MTU and MRU are maximum values and any packet smaller
|> would be acceptable. My thought was that 576 was a generally accepted
|> default for Ethernet before PMTU was implemented, and some sites may still
|> not implement PMTU negotiation so the 576 would help with them.
|
|I think 1500 is a nice default for Ethernet. 576 is nice for slow dialups
|though. (All my HMO of course :)
|
|> |The symptom: ALL connections time out.
|>
|> I'd expect that if the packet size was larger but when it's not smaller.
|
|Yes, that's right.
OK, it looks like that I was thinking one-directionally, from the PPP user
to the site but not from the site to the PPP user. If the site sends 1500
byte packets to the PPP user with the DF bit set then the packets are
silently dropped when they encounter the 576 ISP MTU to the PPP user, and
since the site isn't using ICMP it cannot use PMTU Discovery to reduce the
packet size.
If I'm wrong in thinking that it is this that causes trouble with the
online banking sites then please correct me. Otherwise the rule for the
PPP user is "don't set the MRU", use the 1500 byte PPP default. I can't
see any problem for a PPP user that changes the MTU to 576, can you?
---
Clifford Kite Not a guru. (tm)
-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to [EMAIL PROTECTED]
