ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ECN and now Path MTU discovery

2002-07-24 18:23:29
from [Franck Martin] [Permanent Link] 
http://www.sendmail.org/tips/pathmtu.html

As we are talking about ECN and the funny handling of the IP suite by some
admins and vendors, here another one for your reference. I had this problem
4 years ago, when my default MTU was 576 on my slow unreliable link... Found
out that about 5%(pifomatics) hosts out there were broken. For instance you
can solve it by enabling on MS servers "Black Hole router discovery".

RFC1812 is good, but say a little bit too complicated for the standard
administrator. There should be a document explaining how firewall should
behave for the most common protocols.

I used to block port TCP:53(domain) because I thought it was only required
for domain transfer (master to slave). But I have learnt recently that DNS
may fall back to TCP when the data is too big for UDP. How many DNS out
there are blocking TCP:53. My guess a lot!

An RFC for firewall behavior would be nice, isn't it? Protocol by
protocol...

Franck Martin
Network and Database Development Officer
SOPAC South Pacific Applied Geoscience Commission
Fiji
E-mail: franck(_at_)sopac(_dot_)org <mailto:franck(_at_)sopac(_dot_)org> 
Web site: http://www.sopac.org/
<http://www.sopac.org/> Support FMaps: http://fmaps.sourceforge.net/
<http://fmaps.sourceforge.net/> 
Certificate: https://www.sopac.org/ssl/ 

This e-mail is intended for its addresses only. Do not forward this e-mail
without approval. The views expressed in this e-mail may not be necessarily
the views of SOPAC.



-----Original Message-----
From: Einar Stefferud [mailto:stef(_at_)nma(_dot_)com]
Sent: Wednesday, 26 June 2002 12:59 
To: Lloyd Wood
Cc: Keith Moore; Mike Burns; ietf
Subject: Re: Global PKI on DNS?


That is not trust that you see withering away.

It is called value;-)...\Stef

At 11:05 PM +0100 6/25/02, Lloyd Wood wrote:

On Tue, 25 Jun 2002, Keith Moore wrote:

 > I don't think the dollar analogy is very useful.  The kind of trust
 > we place in money is a very specific kind of trust, and the risk
 > we take in trusting money is generally limited to the denomination
 > of the note or coin.

Inflation shows how much nobody trusts money. It's a trust that
withers away over time.

L.

<http://www.ee.surrey.ac.uk/Personal/L.Wood/><L(_dot_)Wood(_at_)surrey(_dot_)ac(_dot_)uk>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • ECN and now Path MTU discovery, Franck Martin <=
Previous by Date:  Re: NSRG presentation & mailing list address, J. Noel Chiappa
Next by Date:  SHA1 source code!!, chintan sheth
Previous by Thread:  NSRG presentation & mailing list address, Eliot Lear
Next by Thread:  SHA1 source code!!, chintan sheth
Indexes:  [Date] [Thread] [Top] [All Lists]