[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Broken PMTUD / ICMP blackhole?

On Tue, 17 Dec 2019 12:53:21 -0600
John Hasler <jhasler@newsguy.com> wrote:

> tomas writes:
> > I don't know the error message by heart, but here, it seems
> > the message size is too big for your local MTU...
> 
> Celejar writes:
> > Yes, I think this is pretty clear. The local wifi interface has the
> > standard MTU of 1500, so it rejects packets larger than that.
> 
> > With nnnn = 1472, I get, at least sometimes: 
> > From 192.168.43.245 icmp_seq=2 Frag needed and DF set (mtu = 1472)
> 
> tomas writes:
> > This is definitely an ICMP message you receive from some upstream
> 
> Celejar writes:
> > Yes, except that I don't see this message consistently. I assume that's
> > some sort of upstream flakiness.
> 
> It has to do with TLS.  Recent changes in the protocol have had the
> result that it sometimes sends packets too large for the standard MTUs.
> These packets cannot be fragmented, so you get intermittent problems
> that seem like they must be at the other end.  I've had to reduce my MTU
> to 1300.

I understand (sort of) why TLS is triggering the problem, but it's
fundamentally a PMTUD problem: on my normal network connection, with
the MTU left at the normal 1500, I have no problems. It's only while on
this particular connection via cell phone tether that I see problems.

Celejar
Reply to: