[c-nsp] What MTU for Bellsouth BBG / BRAS <-> LNS l2TP tunnel?

Gert Doering gert at greenie.muc.de
Fri Oct 29 17:43:30 EDT 2004


Hi,

On Fri, Oct 29, 2004 at 12:41:28PM -0500, Brian Feeny wrote:
> But sites like Amazon still do not work!  I am thinking amazon is  
> blocking the ICMP
> replies from the "cant fragment" messages.  If they are then this is  
> insane.  Why set
> DF in the first place if your not going to listen to what gets sent  
> back?

Because these people are just plain ignorant and stupid.

> Does anyone else know for sure if Amazon/Ebay actually listen to PMTUd  
> messages?

The "other" trick to work around this is MSS clamping.  Your router
will mangle outgoing TCP packets from your customers, and reduce the
"maximum segment size" that the receiver advertises to the sender.

interface virtual-template N
   ip tcp adjust-mss 1200

(or something else sufficiently below the interface MTU)

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de


More information about the cisco-nsp mailing list