- Previous message: David Conrad: "Re: Types of packet modifications allowed for networks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Matthew Kaufman (no email)
Date: Mon Jun 02 2008 - 10:35:20 EDT
I was reminded by the "packet modifications" thread that it seems that
dropping (rather than fragmenting) large UDP packets has become quite
the norm, which is unfortunate.
We're working on a (popular software) product that sends UDP datagrams
(with DF cleared), and it is amazing how small they have to be to get
through. Between the Cisco VPN software and the high-end NAT boxes that
have broken hairpin behavior and broken consumer "routers", we're
finding that whereas sizes in the mid 1400-byte range used to be safe,
going much over 1200 bytes is now routinely a problem. Path MTU
discovery (PLPMTUD) shouldn't need to be looking for and finding black
holes when the DF flag is cleared, but that's what we're having to
implement to work on today's Internet.
Operational relevance: 1) This software will be running on your
networks, and your customers will be happier if you don't drop UDP
datagrams that are of reasonable size, 2) Knowing that this is going on
might help you debug problems customers are having with other
applications if you didn't know already how bad it has gotten.
Matthew Kaufman
|
|
|