Re: How to analyze a ppp connection

Thu, 20 Jan 2000 10:37:25 -0800 


For a good article on MTU/MRU and PMTU try these sites
http://www.infinisource.com/techfiles/maxmtu.html            (these two give
the basics)
http://www.infinisource.com/techfiles/maxmtu-2.html         (these two give the
basics)
http://www.infinisource.com/techfiles/other_os.html           (this one has
details about what to do for linux)

My presonal opinion is that ICMP and MTU/MRU settings are completely unrelated.
ICMP messages, delivered in IP packets, are used for out-of-band messages
related to network operation or mis-operation. Why firewalls restrict
ICMP traffic is because most hacking tools nowadays utilize the error messages
to detect devices and OS's connected to a network. Of course, since ICMP uses
IP, ICMP packet delivery is unreliable, so hosts can't count on receiving ICMP
packets for any network problem.


Mithun

Clifford Kite wrote:

> On Wed, 19 Jan 2000, Sarel J. Botha wrote:
>
> |On Tue, Jan 18, 2000 at 12:25:25PM -0600, Clifford Kite wrote:
> |> On Tue, 18 Jan 2000, Mithun Bhattacharya wrote:
> |>
> |> able to receive 1500 and mtu is not a negotiated LCP option.  I'd use mtu
> |> 576 and mru 576, which are likely to cause the least trouble.
> |
> |Actually mtu and mru settings of 576 cause a bit of trouble sometimes too.
> |Particularly with some Online Banking sites which block ALL icmp traffic.
> |See, MTU and MRU negotiation are done using icmp, so if icmp can't pass the
> |only mtu and mru that'll work is the default: 1500.
>
> I don't follow that reasoning, but admit I'm not very knowledgeable about
> PMTU negotiation, which seems to be what you are writing about.  I would
> expect that those MTU and MRU are maximum values and any packet smaller
> would be acceptable.  My thought was that 576 was a generally accepted
> default for Ethernet before PMTU was implemented, and some sites may still
> not implement PMTU negotiation so the 576 would help with them.
>
> |The symptom: ALL connections time out.
>
> I'd expect that if the packet size was larger but when it's not smaller.
>
> ??
>
> ---
> Clifford Kite                                               Not a guru. (tm)
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
> the body of a message to [EMAIL PROTECTED]




-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to [EMAIL PROTECTED]

Reply via email to