Re: IP fragmentation problem in the 2.0 kernels ?

Keith Owens (
Wed, 10 Sep 1997 14:36:49 +1000

On Tue, 9 Sep 1997 17:24:17 -0600 (MDT),
Teunis Peters <> wrote:
>Ergo - all webservers behind firewalls (to make webservers more secure)
>are a violation of RFC 1191 [snip]

Only if they try to do path MTU discovery *and* block the ICMP packets.
They either do not set the DF flag or they set it and handle the ICMP
response. People who set up servers to do path MTU discovery but block
ICMP only have themselves to blame.