[29166] in North American Network Operators' Group
Re: PMTU-D: remember, your load balancer is broken
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Tue Jun 13 23:53:09 2000
From: "Steven M. Bellovin" <smb@research.att.com>
To: Valdis.Kletnieks@vt.edu
Cc: Marc Slemko <marcs@znep.com>, nanog@merit.edu
Date: Tue, 13 Jun 2000 23:50:55 -0400
Message-Id: <20000614035056.41F5935DC2@smb.research.att.com>
In message <200006140333.e5E3XmL28888@black-ice.cc.vt.edu>, Valdis.Kletnieks@vt.edu writes:
>
>b) If you're a webserver or something else providing service Out
>There to random users, just nail the MTU at 1500, which will
>work for any Ethernet/PPP/SLIP out there. And if you're load
>balancing to geographically disparate servers, then your users
>are probably Out There, with an MTU almost guaranteed to be 1500.
>
>I assert that the chances of PMTU-D helping are in direct ratio to the
>number of end users who have connections with MTU>1500 - it's almost
>a sure thing that you probably won't have users with an MTU on their
>last-hop that's bigger than their campus backbone and/or Internet
>connection's MTU.
>
>Is anybody seeing any documentable wins by using PMTU-D?

There are two places where it's very important. First, some server
farms are on FDDI rings, so they have a higher MTU. Second -- and this
one is growing in importance -- tunnels, for IPsec, PPTP, etc. --
generally have smaller MTUs. This very reply will travel over a tunnel
with an MTU of, I believe, 1480.
--Steve Bellovin
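
An added illustration, not part of the original message: a small Python model of RFC 1191 Path MTU Discovery over a constructed path that combines the two cases in the reply, an FDDI server farm followed by a tunnel with the 1480-byte MTU mentioned. The 4352-byte FDDI MTU, the hop layout and all function names are assumptions of the example.

```python
# Added example: simplified RFC 1191 PMTU-D model over a constructed path.
from dataclasses import dataclass

IP_TCP_HEADERS = 40              # 20-byte IPv4 header + 20-byte TCP header, no options
PATH = [4352, 1500, 1480]        # constructed: FDDI ring, Ethernet, tunnel (1480 from the post)

@dataclass
class Result:
    delivered: bool    # did a full-size packet reach the far end?
    path_mtu: int      # sender's final path MTU estimate
    probes: int        # packets sent before success or giving up
    fragmented: bool   # True if a router fragmented the packet (DF clear)

def send(path, size, df):
    """Walk the hops. Returns ('ok'|'frag', None) or ('too_big', next_hop_mtu)."""
    fragmented = False
    for mtu in path:
        if size > mtu:
            if df:
                return "too_big", mtu   # router drops and emits ICMP type 3 code 4
            fragmented = True
            size = mtu                  # model: largest fragment continues down the path
    return ("frag" if fragmented else "ok"), None

def discover(path, first_mtu, df=True, icmp_delivered=True, max_probes=5):
    """Sender loop: lower the estimate on each ICMP 'fragmentation needed' it receives."""
    est, probes = first_mtu, 0
    while probes < max_probes:
        probes += 1
        status, hint = send(path, est, df)
        if status != "too_big":
            return Result(True, est, probes, status == "frag")
        if icmp_delivered:
            est = hint                  # RFC 1191: use the next-hop MTU from the ICMP
        # else: ICMP filtered on the return path; sender retransmits the same size
    return Result(False, est, probes, False)

def mss(mtu):
    """TCP payload per segment for a given path MTU."""
    return mtu - IP_TCP_HEADERS

if __name__ == "__main__":
    cases = {
        "PMTU-D working":            discover(PATH, 4352),
        "DF set, ICMP filtered":     discover(PATH, 1500, icmp_delivered=False),
        "MTU nailed at 1500, no DF": discover(PATH, 1500, df=False),
    }
    for name, r in cases.items():
        print(f"{name:28} {r}  mss={mss(r.path_mtu)}")
```

The second case is the failure mode in the thread's subject line: when the ICMP message never reaches the sender, full-size packets are dropped at the tunnel and the estimate never changes.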