[c-nsp] Hiding a Cisco Router from a Traceroute

Church, Chuck cchurch at netcogov.com
Mon Oct 24 12:46:56 EDT 2005


>That's an argument frequently heard, but nonetheless invalid.
>All pMTUd needs is that the ICMP response from the router goes
>back to the user. The other direction, whether the user can
>reach the router, is irrelevant for that purpose.

But, if the router replying with a packet too big ICMP message is using
1918 address space, and on the way back to the end user, it crosses an
ISP doing (as they probably should) 1918 and other bogon source and
destination filtering, that PTB ICMP message with a 1918 source address
would get dropped.  I guess if you are going to use 1918 addresses on
your network, then you should use at least a 1500 byte MTU...

Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D
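
Added example, not part of the original post: a small Python model of the failure described above, where a "packet too big" ICMP message sourced from an RFC 1918 address is dropped by a source-filtering ISP on its way back to the sender. The topology, addresses, field names and function names are all constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def send_df(path, size):
    """Forward one DF packet of `size` bytes along `path` (sender side first).

    Each hop: addr = source address of the ICMP it originates,
    mtu = MTU of its egress link, bogon_filter = drops RFC 1918 sources.
    Returns ("delivered", None), ("ptb", mtu) or ("blackhole", hop_index).
    """
    for i, hop in enumerate(path):
        if size <= hop["mtu"]:
            continue
        # Hop i must report "packet too big"; that ICMP travels back through
        # hops i-1 .. 0, any of which may filter on the source address.
        if is_rfc1918(hop["addr"]) and any(h["bogon_filter"] for h in path[:i]):
            return ("blackhole", i)
        return ("ptb", hop["mtu"])
    return ("delivered", None)

def discover_pmtu(path, size=1500):
    """Return the discovered path MTU, or None if the PTB never arrives."""
    while True:
        status, info = send_df(path, size)
        if status == "delivered":
            return size
        if status == "blackhole":
            return None  # sender keeps retransmitting at the same size
        size = info      # PTB received: retry at the reported MTU

def make_path(router_addr, router_mtu):
    # Constructed topology: ISP edge that filters bogon sources, followed by
    # a router whose egress link has MTU `router_mtu`.
    return [
        {"addr": "192.0.2.1", "mtu": 1500, "bogon_filter": True},
        {"addr": router_addr, "mtu": router_mtu, "bogon_filter": False},
    ]

if __name__ == "__main__":
    for addr, mtu in [("10.1.1.1", 1400), ("198.51.100.1", 1400), ("10.1.1.1", 1500)]:
        print(addr, mtu, "->", discover_pmtu(make_path(addr, mtu)))
```

The third case is the one the post ends on: with a 1500-byte MTU on the 1918-addressed router, no PTB is ever generated, so the filter has nothing to drop.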




