home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.protocols.tcp-ip      TCP and IP network protocols.      14,669 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 14,033 of 14,669   
   Rick Jones to rahul.dev.agg@gmail.com   
   Re: icmp echo to a host with smaller mtu   
   14 Jun 13 17:44:55   
   
   From: rick.jones2@hp.com   
      
   rahul.dev.agg@gmail.com wrote:   
   > One more question:   
      
   > For directly connected hosts, what should be the PMTU ? Should the   
   > sender always assign pmtu = interface mtu of sender?   
      
   > Or, should it send an ICMP echo starting with its interface mtu. If   
   > it gets the reply, assign pmtu = interface mtu. Else, decrease the   
   > icmp echo size and try again till it gets the reply and use that   
   > value as pmtu ?   
      
   Given I start from the premise of "Every station in a given broadcast   
   domain MUST have the same MTU (framesize)" sending the ICMP Echo   
   Request is (should be) unnecessary.  And I wouldn't suggest it.   
      
   While the conditions are not identical, there was an amplification   
   attack possible against some TCP stacks (one of which used to be near   
   and dear to my paycheck) which did something similar with non-local   
   destinations.  When speaking with the remote destination, they would   
   send an ICMP Echo Request with the DF bit set in the IP header, while   
   the rest of the traffic being sent to the destination was sent with   
   the DF bit cleared.  The idea was to try to see if there was effective   
   PathMTU discovery possible along the path to the remote. Only once   
   there was an ICMP Echo Reply recieved would the DF bit start being set   
   on the "real" traffic.  A rather clever thing to do, save for one   
   thing...   
      
   Trouble was, someone sending say TCP SYNchronize segments with a   
   spoofed source IP address would get the receiving stack to send a full   
   local MTU-sized ICMP Echo request to the spoofed source IP along with   
   the TCP SYN|ACK.   
      
   rick jones   
   --   
   The computing industry isn't as much a game of "Follow The Leader" as   
   it is one of "Ring Around the Rosy" or perhaps "Duck Duck Goose."   
                                                       - Rick Jones   
   these opinions are mine, all mine; HP might not want them anyway... :)   
   feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca