[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
MTU to CDN's
On Thu, Jan 18, 2018 at 7:14 PM, Jared Mauch <jared at puck.nether.net> wrote:
> lets say i can
> send you a 9K packet. If you receive that frame, and realize you need
> to fragment, then itâ??s your routers job to slice 9000 into 5 x 1500.
In practice, no, because the packet you sent had the "don't fragment"
bit set. That means my router is not allowed to fragment the packet.
Instead, I must send the originating host an ICMP destination
unreachable packet stating that the largest packet I can send further
is 1500 bytes.
You might receive my ICMP message. You might not. After all, I am not
the host you were looking for.
P.S. This makes Linux servers happy:
iptables -t mangle --insert POSTROUTING --proto tcp \
--tcp-flags SYN,RST,FIN SYN --match tcpmss --mss 1241:65535 \
--jump TCPMSS --set-mss 1240
William Herrin ................ herrin at dirtside.com bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>