[Techtalk] 2nd networking question

Maria Blackmore mariab at cats.meow.at
Fri Aug 30 16:49:07 EST 2002

On Fri, 30 Aug 2002, BUNTER MATTHEW wrote:

> Yeah I understand that I can ping with 1474 but not 1475 as the
> argument and I know that this goes over the 1500 mark. But is this the
> MTU setting which is limiting this?


This is most likely the case, yes.

Do you use PPPoE or PPPoA at all?
These reduce the MTU on the network, thus meaning it has to be set lower
on your machine.

In general, if you do not set the MTU lower, this won't cause many
problems, since every time you send a packet that is too big to pass over
the PPPoE tunnel an ICMP packet will be sent back to your machine telling
it that it must fragment the packet.  All this will do is reduce the
performance slightly.

However in some cases these packet too big messages won't be sent, and the
packet that is too large will be silently dropped.  To complicate things
further there are many sites on the internet at large who block these
ICMP_MUST_FRAGMENT packets.  So when they send a 1500 byte packet towards
you, the other end of the tunnel sends back the message that it's too big,
which is discarded, and the other site never knows it sent a packet that
was too big and sits there waiting

The moral of this story is think twice before blocking any ICMP, it exists
for a reason.  The harmful effects of blocking it far outweigh (imho) the
benefits that may be gained by preventing its use to stop its abuse.



More information about the Techtalk mailing list