And also: When the router generates the ICMP by punting the packet to its CPU and such traffic is - legitimately - rate-limited to avoir crashing the router.
When the ICMP is sourced by a private IP on the router for various legitimate reasons (not enough public IPv4 addresses, from within a VRF, or whatever), while packets from private IPs are legitimately filtered when entering the target network. > Le 19 janv. 2018 à 15:05, Mikael Abrahamsson <swm...@swm.pp.se> a écrit : > > On Fri, 19 Jan 2018, Mike Hammett wrote: > >> Other than people improperly blocking ICMP, when does PMTUD not work? Honest >> question, not troll. > > Mismatch of MTU interface settings between interfaces, mismatch of MTU > between L3 devices and intermediate L2 devices, anycast services, ECMP based > services where the ICMP error is delivered to the wrong node. > > So yes, there are plenty reasons that PMTUD doesn't work without anyone doing > it because of ill will or incompetence.
