MTU to CDN's

[bill at herrin.us (William Herrin)]

On Thu, Jan 18, 2018 at 7:14 PM, Jared Mauch <jared at puck.nether.net> wrote:
> lets say i can
> send you a 9K packet.  If you receive that frame, and realize you need
> to fragment, then itâ??s your routers job to slice 9000 into 5 x 1500.

In practice, no, because the packet you sent had the "don't fragment"
bit set. That means my router is not allowed to fragment the packet.
Instead, I must send the originating host an ICMP destination
unreachable packet stating that the largest packet I can send further
is 1500 bytes.

You might receive my ICMP message. You might not. After all, I am not
the host you were looking for.

Good luck.

Regards,
Bill Herrin


P.S. This makes Linux servers happy:

iptables -t mangle --insert POSTROUTING --proto tcp \
        --tcp-flags SYN,RST,FIN SYN --match tcpmss --mss 1241:65535 \
        --jump TCPMSS --set-mss 1240



-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>