On 10/08/2015 04:05 PM, Peter Lebbing wrote:
...
>
> That's a major part of the problem: the people who block all ICMP packets are
> usually not the ones affected by the issue. They never notice, and it's other
> people who get the issues when connecting to them.
>
>
g as soon as a system tries to send a big packet.
That's a major part of the problem: the people who block all ICMP packets are
usually not the ones affected by the issue. They never notice, and it's other
people who get the issues when connecting to them.
Just blocking echo-request (or
On 10/08/2015 03:45 PM, Peter Lebbing wrote:
> I hope you mean specifically dropping all ICMP echo-request packets, not all
>
I could've been more specific, but yes. ICMPv4 echo requests. AFAIK
anyway. I haven't had a single issue with any of the traffic I route
through it, so I&
On 08/10/15 21:26, Antony Prince wrote:
> I host a server in this pool and it is set to drop all IPv4 ICMP packets
I hope you mean specifically dropping all ICMP echo-request packets, not all
ICMP packets. Because some ICMP packets are *essential* for proper functioning
of your inter
On 15/08/14 22:33, Robert J. Hansen wrote:
> You'll notice I'm not disagreeing with you on anything. :)
Hehe :).
I do regret the swearing in the last paragraph though. That wasn't
necessary.
My apologies to anyone who didn't appreciate that.
Peter.
--
I use the GNU Privacy Guard (GnuPG) in c
On Fri, Aug 15, 2014 at 12:54:29PM -0400, Robert J. Hansen wrote:
> >Blocking ICMP is not a network misconfiguration at all.
>
> Whether it's a misconfiguration depends entirely on whether the
> administrator intends this behavior.
I meant "Blocking ICMP" is a delib
I agree with everything Doug wrote except this. I may be insisting on
usual semantics...
Yow, did I actually write that? Time to go drink coffee directly from
the pot.
s/usual/unusual/
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lis
Okay. So an administrator willingly creates a PMTU blackhole?...
You'll notice I'm not disagreeing with you on anything. :)
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Hard to debug if you don't know
about PMTU blackholes!
The iptables man page calls it this (TCP MSS clamping target):
> This target is used to overcome criminally braindead ISPs or
> servers which block "ICMP Fragmentation Needed" or "ICMPv6 Packet
> Too Big"
Blocking all ICMP has always been a misconfiguration.
I agree with everything Doug wrote except this. I may be insisting on
usual semantics for "misconfiguration," though. I am generally of the
opinion that when someone deliberately configures something in a foolish
way, well
On Aug 15, 2014, at 8:46 AM, Aaron Toponce wrote:
> On Thu, Aug 14, 2014 at 05:13:08PM +0100, OmegaPhil wrote:
>> Fair point, although that would be a network misconfiguration as
>> ping/ICMP is required for network troubleshooting, packet fragmentation
>> stuff etc (for
Blocking ICMP is not a network misconfiguration at all.
Whether it's a misconfiguration depends entirely on whether the
administrator intends this behavior.
It *is*, however, non-RFC-compliant. Not that I think this matters much.
___
Gnupg-
On Thu, Aug 14, 2014 at 05:13:08PM +0100, OmegaPhil wrote:
> Fair point, although that would be a network misconfiguration as
> ping/ICMP is required for network troubleshooting, packet fragmentation
> stuff etc (for reference I'm testing from a dedicated line that I control).
Bl
13 matches
Mail list logo
