[OpenAFS] Re: mtu problem
chas williams - CONTRACTOR
chas@cmf.nrl.navy.mil
Fri, 8 Feb 2013 10:24:55 -0500
On Fri, 08 Feb 2013 09:56:16 -0500
Derek Atkins <warlord@MIT.EDU> wrote:
> I didn't say "all", I said "many". And yes, there are many sites on the
> internet that cannot be accessed reliably from many OSes that do PMTUD,
> particularly if you have some pipe between you and the site that is
> smaller than your endpoint MTU (e.g. an IP tunnel, be it GRE, IPsec,
> etc). I have plenty of first-hand experience with this.
you dont even need something that exotic. two sites running jumbo
frames and the standard internet between them breaks things pretty
reliably.
> The fix I've put in is to have all my hosts behind the tunnel have an
> MTU of 1492 instead of 1500, because otherwise it reliably fails to many
> sites because the ICMP doesn't get back to me.
the original poster said he was seeing packets of 1488 bytes that were
failing. it is a bit puzzling how you would get this since afs
typically not generate a packet and a very tiny fraction of a packet.
it makes me wonder if he has a tagged vlan on his host and a switch
that doesnt support frames bigger than 1500 bytes.