Re: TCP/IP vulnerability

From: Spiro Trikaliotis (ml-cbmhackers_at_trikaliotis.net)
Date: 2005-04-18 11:18:03

Hello Ruud,

* On Mon, Apr 18, 2005 at 10:26:26AM +0200 Baltissen, GJPAA (Ruud) wrote:
 
> And that's why nowadays more and more routers start to ban ICMP. Most
> firewalls don't accept it anymore at all.

Unfortunately, many firewalls ban ICMP completely, and this is totally
bs. Some ICMP packets are fundamental for the working of the IP
protocol.

Take, for example, gmx.de. If you are working behind a (SOHO) router on
an ADSL line which uses PPPoE, you cannot reliably access gmx.de (if you
do not enable "mtu-clamping"), because gmx.de blocks all relevant
ICMP packets, not allowing the client and the gmx server to find an
appropriate MTU. This is very bad and shows that the network admins at
gmx do not have a clue about the glue of the internet.

Unfortunately, it is not only GMX which behaves this way.

Fortunately, most (SOHO) routers implement mtu clamping nowadays.
Anyway, the end-user has problems and has to solve them, although the
server admins do not have a clue. Happy new world. ;-)

Regards,
   Spiro.

-- 
Spiro R. Trikaliotis
http://www.trikaliotis.net/
http://cbm4win.sf.net/

       Message was sent through the cbm-hackers mailing list
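
The failure described in the message above, as an added example that is not part of the original post: a toy Python model of path MTU discovery over a PPPoE link (MTU 1492), comparing a server that accepts ICMP "fragmentation needed" (type 3, code 4) errors, one that drops all ICMP, and the same path with MSS clamping on the router. The function names and the simplified retry behaviour are assumptions made for illustration.

```python
# Added example: toy model of Path MTU Discovery (PMTUD) over a PPPoE link.
# All names and the simplified retry behaviour are assumptions for illustration.

IP_TCP_HEADERS = 40   # 20-byte IPv4 header + 20-byte TCP header, no options
ETHERNET_MTU = 1500
PPPOE_MTU = 1492      # Ethernet MTU minus 8 bytes of PPPoE/PPP header

def clamp_mss(advertised_mss, link_mtu):
    """What an MSS-clamping router does to the MSS option in a forwarded SYN."""
    return min(advertised_mss, link_mtu - IP_TCP_HEADERS)

def send_with_pmtud(server_mtu, peer_mss, path_mtu, accepts_frag_needed, max_tries=5):
    """Server sends one full-size segment with DF set, retrying until delivered.

    Returns (delivered, packet_size, tries).
    """
    size = min(server_mtu, peer_mss + IP_TCP_HEADERS)
    for tries in range(1, max_tries + 1):
        if size <= path_mtu:
            return True, size, tries
        # The router on the narrow link drops the DF packet and answers with
        # ICMP type 3 code 4 ("fragmentation needed") carrying the next-hop MTU.
        if accepts_frag_needed:
            size = path_mtu   # sender lowers its path MTU estimate
        # Otherwise the firewall discards the ICMP error, the sender learns
        # nothing and retransmits the same oversized packet (a black hole).
    return False, size, max_tries

def scenarios():
    """Server on Ethernet, client behind a PPPoE router, three firewall setups."""
    client_mss = ETHERNET_MTU - IP_TCP_HEADERS   # 1460: the client's LAN is Ethernet
    return {
        "icmp_allowed": send_with_pmtud(ETHERNET_MTU, client_mss, PPPOE_MTU, True),
        "icmp_blocked": send_with_pmtud(ETHERNET_MTU, client_mss, PPPOE_MTU, False),
        "icmp_blocked_clamped": send_with_pmtud(
            ETHERNET_MTU, clamp_mss(client_mss, PPPOE_MTU), PPPOE_MTU, False),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(name, result)
```

With ICMP blocked and no clamping, small packets such as the handshake still get through and only full-size segments vanish, which is why the connection appears to work and then stalls.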
