(Previously mentioned: cyberlizard: ICMP and Path MTU)
I’ve been helping out diagnose a weird problem with a shared DSL connection. Briefly, I thought it was a problem with the network’s DSL modem; turns out however, after mulling it over and doing an ifconfig eth0 mtu 512
, that the problem was with Path MTU.
As Charles Miller points out, if you block the ICMP “Destination Unreachable (Datagram Too Big)” message, you will end up with wonky connections. In this case, most sites were accessible. However, anything involving sending a large packet upstream would silently just die— file uploads, HTTP POST activity, heck even an HTTP GET involving a large cookie string and a lot of headers plus a long request URL (think of accessing your Yahoo!Mail Inbox. It looked to me like the DSL provider in question was blocking the ICMP packets. The local gateway box wasn’t doing anything in particular.
Also, from the looks of it, said DSL provider is a bit clueless. Most of their clients are apparently Windows users. Since Windows XP seems to set the MTU to 20 bytes less than the default Ethernet MTU of 1500, they weren’t getting this problem. Which, IMHO, still means their network is misconfigured— the gateway box was switched over to Linux recently, which made the problem appear.
Okay, maybe finger-pointing won’t solve the problem. However, from where I sit, the provider isn’t following the standard. Which means they’re broken.
Which means that they’ll soon be getting a lot of complaints when users start switching away from Windows.
Previously: YAM/Q: Which Firefly Character Are You?