On Thu, 11 Dec 2003 10:56:01 +0200, Shachar Shemesh said: > fragment at the place you mention. Most TCP/IP connections employ PMTU > discovery, and then split the stream at layer 4, rather then perform > Layer 3 assembly. I wish it were so. In fact, although many vendors ship with PMTU Discovery enabled, it very often gets turned off due to the extraordinary number of totally clueless sites that do one or more of: 1) Disable all ICMP, so the ICMP Frag Needed packets don't make it back, thus hosing the connection entirely (send too large packet, frag needed, ICMP dropped, timeout, retransmit, lather, rinse, repeat). 2) Number their point-to-points out of RFC1918 space, so the ICMP Frag Needed gets swallowed by some border router that's doing reasonable ingress/egress filtering. Most sites, if they have enough clue to realize the 576-byte default isn't all that hot, will simply nail the MSS to 1472 or so and pray for the best. Yes, that's not reliable either, but it works better than PTMUD does in the real world.
Attachment:
pgp00026.pgp
Description: PGP signature