[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[no subject]

Hello all,

I am having a little trouble understanding the differences between Firewall / Proxy activity on internal / external nets. For example I read recently out of a book I am going through, that one should reconsider blocking all ICMP traffic for reasons related to fragmentation. I was wondering, with my current setup how does this affect packets coming from my external (internet) interface and packets on my internal network, because based on what is written my firewall/router will just drop packets with a too high MTU without warning the host that sent it, but by using nating I should think this should not affect any of my internal hosts communicating with external hosts… On the other hand I guess they mean that this will affect communication on my internal net.. Could someone clear me up on this or direct me to some documents that explain this kind of networking activity a little more in detail?


My second question is which ICMP types should be allowed in to  the external interface if any?





Reply to: