[66049] in North American Network Operators' Group


Re: Minimum Internet MTU

daemon@ATHENA.MIT.EDU (Jun-ichiro itojun Hagino)
Mon Dec 22 18:38:55 2003

To: cbrenton@chrisbrenton.org
Cc: nanog@merit.edu
In-Reply-To: Your message of "Mon, 22 Dec 2003 07:49:29 -0500"
	<1072097368.2076.336.camel@grendel>
Date: Tue, 23 Dec 2003 08:33:24 +0900 (JST)
From: itojun@itojun.org (Jun-ichiro itojun Hagino)
Errors-To: owner-nanog-outgoing@merit.edu


> I'm working with a few folks on firewall and IDS rules that will flag
> suspicious fragmented traffic. I know the legal minimum of a
> non-terminal fragment is 28 bytes, but given non-terminals should
> reflect the MTU of the topologies along the link, this number is far
> lower than what I expect you should see for legitimate fragmentation in
> the wild.
> 
> A few years back I noted some 512-536 MTU links in Asia. I've been doing
> some testing and can't seem to find them anymore. Is it safe to assume
> that 99.9% of the Internet is running on 1500 MTU or higher these days? 

	there are many deployments of DSL-based layer 2 providers, which
	use L2TP (or whatever) tunnelling as well as PPPoE to associate
	end clients to layer 3 ISPs.  they enforce MTU like 1450 or lower.  
	in Japan, NTT east/west (NTT is a previously-government-owned telco)
	provide such service and enforce MTU of 1454.

itojun
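
The fragment-size check discussed in this thread, as an added example that is not part of either message: it computes the non-terminal fragment length a link MTU produces (fragment payloads are multiples of 8 bytes, so a 1454 MTU yields 1452-byte fragments) and classifies IPv4 headers against a floor. The function names, the constructed sample headers and the choice of 512 as the floor MTU are assumptions for illustration.

```python
import struct

def nonterminal_fragment_len(mtu: int, ihl: int = 20) -> int:
    """Total length of a non-terminal fragment sent onto a link with this MTU.
    The fragment offset counts 8-byte units, so the payload is rounded down."""
    return ihl + ((mtu - ihl) // 8) * 8

def classify_ipv4(header: bytes, floor: int) -> str:
    """Return 'not-fragment', 'terminal', 'ok' or 'suspicious' for one IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    total_len, _ident, flags_off = struct.unpack("!HHH", header[2:8])
    more_fragments = bool(flags_off & 0x2000)   # MF bit
    offset_units = flags_off & 0x1FFF           # offset in 8-byte units
    if not more_fragments:
        # Last fragments may legitimately be any size, so they are not scored.
        return "terminal" if offset_units else "not-fragment"
    return "suspicious" if total_len < floor else "ok"

def make_header(total_len: int, more_fragments: bool, offset_units: int) -> bytes:
    """Constructed sample header: checksum left at zero, documentation addresses."""
    flags_off = (0x2000 if more_fragments else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_off,
                       64, 17, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))

# Assumed policy: the floor is what a 512-byte MTU link would emit (508 bytes).
# The thread does not settle on a threshold; tune this to your own traffic.
FLOOR = nonterminal_fragment_len(512)

SAMPLES = {
    "1454-MTU tunnel, first fragment": make_header(1452, True, 0),
    "legal-minimum 28-byte fragment": make_header(28, True, 0),
    "last fragment of a datagram": make_header(60, False, 179),
    "unfragmented datagram": make_header(1454, False, 0),
}

def run_samples() -> dict:
    return {name: classify_ipv4(hdr, FLOOR) for name, hdr in SAMPLES.items()}

if __name__ == "__main__":
    for mtu in (1500, 1454, 1450, 536, 512):
        print(mtu, "->", nonterminal_fragment_len(mtu))
    for name, verdict in run_samples().items():
        print(f"{verdict:12} {name}")
```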
