Is it more beneficial to clear the DF bit at the router and allow fragmentation of an IP datagram or not to clear it and let PMTUD do what it does best? I have asked this question to my fellow network pros and everyone seem to have mixed thoughts. One said, "Clearing the DF bit fixed a lot of issues I had with applications sending data packets with the DF bit set which get dropped by the router causing the host to re-transmit the packet with lower MTU setting."
Other said, "PMTUD saves my day every day."
I want to know what are your thoughts and how do you implement this on your network?
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
The major pros and cons are, if your router needs to fragment, it make take a noticeable performance hit but PMTUD ICMP packets are sometimes blocked. Normally I lean toward adhering to standards, i.e. if the packet indicates DF, then don't fragment the packet but try to inform the source.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...