[c-nsp] IP unnumbered question. Are isp's using this alot?

Mikael Abrahamsson swmike at swm.pp.se
Sun Jun 26 05:14:36 EDT 2005


On Sat, 25 Jun 2005, Ted Mittelstaedt wrote:

> As for MTU path discovery, that is not a major factor anymore
> because so many sites already out there improperly filter ICMP

This is not the proper way of doing things. Either remove PMTUD from the 
standards we use, or make every effort to keep it working. I think most 
would like it to work and thus we keep it, and keeping RFC1918 out of 
infrastructure is a good thing. Unnumbered is better than 1918. If you 
want to protect the infrastructure from prying eyes, then try to get your 
vendor to implement unreachables and other ICMP messages being sourced 
from a single anycasted /32 in your network. This will of course make it 
harder for yourself to troubleshoot...

Also, a big reason that PMTUD isn't working is not clueless admins, it's 
also clueless vendors that make loadsharing and NAT devices (and the like) 
that do not take PMTUD into account, and even if the admin is very clueful, 
he/she cannot get PMTUD working anyway.

-- 
Mikael Abrahamsson    email: swmike at swm.pp.se

