On Wed, 24 Jul 2002, Craig Whitmore wrote:
I've found lots of places which say blocking the icmp stuff for PTMU stuff is wrong (causing this issue). Where did the people who do block it get the idea from to actually do this and "break things" for their clients. Maybe they should be a warning up on their web page saying "People who have Fragmented TCP/IP packets will not be able to access this site properly because we are too lazy to fix our firewalls" (well its what it sounds like on the news article)
Firewall issues apart, I believe the problem is that the banks in question have networks with smaller than 1,500 byte MTUs, but not advertising the fact, so it's not a question of "people having fragmented packets" as such. As for the reason, well... "ICMP? Wot dat crap? We don't need no steenken ICMP here." ;-) It's just too complicated for mere mortals, this whole TCP/IP thing. There should be a simpler variant, like, errr... My/IP or something, that doesn't have all those nasty hairy and dangling techie bits what causes all the bother eh? -- Juha Saarinen - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog