[76804] in North American Network Operators' Group
Re: Smallest Transit MTU
daemon@ATHENA.MIT.EDU (Jerry Pasker)
Wed Dec 29 18:47:42 2004
In-Reply-To: <D1A1C370-59E4-11D9-BFE9-000A95CD987A@muada.com>
Date: Wed, 29 Dec 2004 17:42:28 -0600
To: nanog@merit.edu
From: Jerry Pasker <info@n-connect.net>
Errors-To: owner-nanog-outgoing@merit.edu
>
>Regardless of this, it's probably a good idea to obsolete the
>original meaning of the DF bit.
So my next question is: Is it safe for the entire internet to ignore
the DF bit entirely? Sounds like it would save plenty of router
manufacturers plenty of time/effort.
Apparently Cisco's official recommendation for solving the problem
for packets destined to any network with an MTU less than 1500 bytes
due to ICMP "Fragmentation Needed But DF Set" packets not making it
back to the original pMTUd server (for whatever reason......) is to
clear the DF bits with policy routing, and fragment anyway.
"Let's break the internet some more to fix something that someone
else* broke! Fun!"
*as in: an idiot ICMP-blocking firewall admin who thinks that "ICMP"
means ping.
Maybe they think they can use pMTUd to make up the speed lost from
the possible increase in congestion/dropped packets caused by the
lack of ICMP source-quench messages reaching their server.
I hate to think how many people-hours were wasted on the
implementation of anything to do with the DF flag, routers kicking
back ICMPs when encountering smaller networks, everything pMTUd, the
router code to flip DF bits, and the implementation of all of it to
arrive back at the way life was pre-pMTUd+bad firewall.
/rant.
-Jerry
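As an added illustration of the black-hole scenario the post describes (example code written for this page, not from the post, NANOG or Cisco), a toy model of a path whose last hop has a 1480-byte MTU, run three ways: PMTUD converging normally, the "Fragmentation Needed" ICMP blocked by a firewall, and the clear-DF-and-fragment workaround. The hop MTUs, the 20-byte header accounting and the sender's retry count are assumed values for the model.

```python
# Added example, not from the original post: a minimal model of path MTU
# discovery (PMTUD) and what happens when ICMP type 3 code 4 never reaches
# the sender, versus a router that clears DF and fragments anyway.
from dataclasses import dataclass

@dataclass
class Packet:
    size: int           # total IP datagram size in bytes
    df: bool            # Don't Fragment bit
    fragments: int = 1  # upper bound on pieces the datagram was split into

@dataclass
class Path:
    mtus: list                  # assumed per-hop MTUs, e.g. [1500, 1500, 1480]
    icmp_blocked: bool = False  # firewall drops "Fragmentation Needed" toward sender
    clear_df: bool = False      # router clears DF via policy routing (workaround)

def forward(path, pkt):
    """Return ('delivered', pkt), ('icmp', next_hop_mtu) or ('dropped', None)."""
    for mtu in path.mtus:
        if pkt.size <= mtu:
            continue
        if pkt.df and path.clear_df:
            pkt.df = False  # the policy-routing workaround: ignore DF
        if pkt.df:
            # Router must drop and signal "Fragmentation Needed but DF set";
            # if a firewall eats that ICMP, the sender simply sees silence.
            return ('dropped', None) if path.icmp_blocked else ('icmp', mtu)
        # Fragment: every fragment carries its own 20-byte IP header
        payload, per_frag = pkt.size - 20, mtu - 20
        pkt.fragments *= -(-payload // per_frag)  # ceiling division
        pkt.size = mtu
    return ('delivered', pkt)

def send_with_pmtud(path, size=1500, max_tries=5):
    """Sender: set DF, shrink on ICMP feedback, report a black hole otherwise."""
    for _ in range(max_tries):
        result, info = forward(path, Packet(size=size, df=True))
        if result == 'delivered':
            return result, info.size, info.fragments
        if result == 'icmp':
            size = info  # honour the next-hop MTU carried in the ICMP reply
        else:
            return 'blackhole', size, 0
    return 'blackhole', size, 0
```

Run with `icmp_blocked=True` and no workaround, the 1500-byte DF packet is dropped every time and nothing is delivered, which is the failure the post attributes to firewalls that block all ICMP; with `clear_df=True` the same packet arrives as two fragments.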