On Mon, Dec 16, 2019 at 10:37:12PM -0500, Celejar wrote: > Hi, > > I have a Debian Sid system with generally working networking. Recently, > I experienced some strange connectivity problems with a particular > network connection [...] > PING 1.1.1.1 (1.1.1.1) 1492(1520) bytes of data. > ping: local error: message too long, mtu=1500 I don't know the error message by heart, but here, it seems the message size is too big for your local MTU... > With nnnn = 1472, I get, at least sometimes: > > >From 192.168.43.245 icmp_seq=2 Frag needed and DF set (mtu = 1472) This is definitely an ICMP message you receive from some upstream > followed by (for various values of nnnn): > > ping: local error: message too long, mtu=1472 > > until I drop below 1444, at which point I once again get no reply, > until nnnn <= 1412, at which point I once again get normal ping replies. Someone upstream is dropping the packets, perhaps sending an ICMP back (possibly "fragmentation needed"), perhaps someone else is dropping that ICMP (your firewall, perhaps?) > For comparison purposes, on a normal, properly behaving network > connection, I get normal ping replies for nnnn <= 1472, and "message > too long" for nnnn > 1472. > > Am I understanding this correctly, that there's some kind of PMTUD / > ICMP blackhole problem here? This would be my interpretation too. > If so, what can I do about it? My > understanding is that I can either set the MTU lower on the client, or > do MSS clamping. Any suggestions? Is this something Mint / T-Mobile, or > someone upstream, is just messing up? Since you're not getting the ICMPs back, your only choice seems to be to reduce your MTU, manually yes. Cheers -- t
Attachment:
signature.asc
Description: Digital signature