Thanks for the hints Florian, but still there are open questions: Florian Attenberger [Thu, Apr 07, 2005 at 07:33:09PM +0200]: > [...] > # [From the kernel help: > # > # This option adds a `TCPMSS' target, which allows you to alter the > # MSS value of TCP SYN packets, to control the maximum size for that > # connection (usually limiting it to your outgoing interface's MTU > # minus 40).
The MTU is 1460 or 1492 in tested cases. This means on ppp0, TCPMSS should be 1420 or maximum of 1452. Why do I see 1460 on the interface? > # This is used to overcome criminally braindead ISPs or servers which > # block ICMP Fragmentation Needed packets. That's clear to me, there are sites out there, debatting that problem. But: - Should not _my_ Linux-router tell _my_ client that the mtu choosen is too big? - On the tested connections _all_ icmp types were allowed (disabled iptables) - As far as I can see, the routers between the two hosts don't drop the generated icmp-packets The first of the questions was the reason I choosed this ML, because I was wondering why my client does not get the DF-Bit-set, but frag-needed icmp-message from the linux-router. Or did I unterstand the technique wrong? Greetings, Nico -- Keep it simple & stupid, use what's available. Please use pgp encryption: 8D0E 27A4 is my id. http://nico.schotteli.us | http://linux.schottelius.org
pgpne4MqVk060.pgp
Description: PGP signature
