[65597] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: MTU path discovery and IPSec

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Dec 3 11:25:24 2003

From: "Steven M. Bellovin" <smb@research.att.com>
To: jgraun@comcast.net
Cc: nanog@merit.edu
In-Reply-To: Your message of "Wed, 03 Dec 2003 16:05:39 GMT."
             <120320031605.8838.1dea@comcast.net> 
Date: Wed, 03 Dec 2003 11:19:20 -0500
Errors-To: owner-nanog-outgoing@merit.edu


In message <120320031605.8838.1dea@comcast.net>, jgraun@comcast.net writes:
>
>Two questions:
>
>1) I assume MTU path discovery has to been in enabled on each router in the pa
>th in order for it work correctly?!

No -- it only has to be enabled on routers with smaller outbound MTUs 
than inbound.  A router for which all links have a 1500-byte MTU 
doesn't need path MTU discovery; it will never need to fragment 
anything.

		--Steve Bellovin, http://www.research.att.com/~smb


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[65597] in North American Network Operators' Group

Re: MTU path discovery and IPSec

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)Wed Dec 3 11:25:24 2003

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Dec 3 11:25:24 2003