Dave Preece wrote:
>
> > > Just learning about this: I can see the advantages but does
> > anything use it?
> >
> > Sure, TCP uses it.
> >
> > TCP (at least in FreeBSD) sets the "don't frag" bit on all
> > its outgoing
> > packets.
>
> Good lord, so it does. Mental note, packet sniff before post
> > > Just learning about this: I can see the advantages but does
> > anything use it?
> >
> > Sure, TCP uses it.
> >
> So... thinking about what this means for firewalls and natd. If we block all
> incoming ICMP's across the firewall
The moral of the story is don't block *ALL* incoming ICMP's
And fbsd will respond to other's queries depending on interface mtus only
be careful if you are running natd. This copies the interface mtu on
startup but does not learn the new value if it is reduced either manually
or automatically. It can therefore respond with a to a query with a
value
On Thu, Jun 08, 2000 at 07:21:57PM +1200, Dave Preece wrote:
> So... thinking about what this means for firewalls and natd. If we block all
> incoming ICMP's across the firewall, it is quite possible that a server
> behind the firewall could completely fail to send packets to a client on a
>
> > Just learning about this: I can see the advantages but does
> anything use it?
>
> Sure, TCP uses it.
>
> TCP (at least in FreeBSD) sets the "don't frag" bit on all
> its outgoing
> packets.
Good lord, so it does. Mental note, packet sniff before posting in future.
So... thinking about
On Thu, Jun 08, 2000 at 18:03:45 +1200, Dave Preece wrote:
> Just learning about this: I can see the advantages but does anything use it?
Sure, TCP uses it.
TCP (at least in FreeBSD) sets the "don't frag" bit on all its outgoing
packets.
If the packet gets to a router with an outgoing MTU that
6 matches
Mail list logo
