Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU

From: Iljitsch van Beijnum (no email)
Date: Sun Jan 09 2005 - 16:51:45 EST

Next message: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"

Previous message: Nick Feamster: "Re: Tracking spoofed routes?"
In reply to: Sabri Berisha: "Re: Smallest Transit MTU"
Next in thread: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Iljitsch van Beijnum: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Suresh Ramasubramanian: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Iljitsch van Beijnum: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Iljitsch van Beijnum: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: David Schwartz: "RE: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On 5-jan-05, at 17:39, Sabri Berisha wrote:

>> Are there any common examples of the DF bit being set on non-TCP
>> packets?

[...]

> Here you go. A root-nameserver setting the DF-bit on its replies :)

This is very bad.

With a 296 byte MTU I don't get answers from
(a|b|h|j).root-servers.net, *.gtld-servers.net, tld2.ultradns.net and
some lesser-known ccTLD servers.

I would have thought this impossible, but seeing is believing...

Fortunately, this problem won't present itself with regular smaller
MTUs, the MTU has to be smaller than around 500 bytes. I haven't tested
whether these servers also suffer from the "regular" PMTUD problem
where the ICMP messages are ignored, but I'm assuming they don't, so
doing all of this over TCP should still work.

Next message: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"

Previous message: Nick Feamster: "Re: Tracking spoofed routes?"
In reply to: Sabri Berisha: "Re: Smallest Transit MTU"
Next in thread: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Iljitsch van Beijnum: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Suresh Ramasubramanian: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Mark Andrews: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Iljitsch van Beijnum: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: Iljitsch van Beijnum: "Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Maybe reply: David Schwartz: "RE: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Invaluement Anti-Spam DNSBLs