On Sat, Sep 02, 2000 at 04:12:04PM +0200, Elmer Joandi wrote:
> There is another big problem like that...
> tunnels actually do not work on todays real internet...
> MTU 1500 is so much a standard that it starts killing tunnels.
> MTU < 1500 is not a working solution today thanks to (mostly
> linux based ? ) broken firewalls
It is due to knee-jerk ICMP blocking settings at firewalls/routers.
From personal experience I can say that even cisco router training
includes example of: "block ALL of ICMP", which of course makes
TCP PMTU discovery non-functional.
(That was 3 years ago when PMTU discovery was a new thing, but still..)
Another issue are still existing SLIP links with mismatching
link MTUs at each side.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Sep 07 2000 - 21:00:13 EST