路径MTU

数据在以太网中的传输有长度有一个限制，其最大值一般情况下是1500字节。链路层的这个特性叫作MTU，也就是最大传输单元。不同类型的网络会有所不同的。如果IP层有一个数据报要传输，而且数据的长度比链路层的MTU还要大的话，那么IP层就需要进行分片。把数据分成更小的片，这样每一个小的片就小于了MTU，也就可以在以太网中传输。

   但是如果两台主要之间的通信要通过不同的多个网络，那么每个网络的链路层就可能有不同的MTU。这里不同的网络指的是，例如：以太网，令牌环网，FDDI（光纤分布式数据接口）及RS-232串行线路这类的网络 。而这个时候进行数据的通信时，重要的不是两台主机的所在网络的MTU的值，重要 的是两台通信主机路径中的最小MTU，被称作路径MTU，也被写作PMTU。它等于路径上每一跳的MTU之中的最小值。两台主机之间的路径MTU不一定是个常数，它取决于当时所选择的路由。而选路不一定是对称的，也就是从A到B的路径路由和从B到A的路径路由不一定相同，因此路径MTU在两个方向上不一定是一致的。

   在ICMP不可达差错中，这个差错可以用来确定PMTU。假设考虑这样一种情况 。在IP首部使用不分片(DF)比特位动态发现一条路径的PMTU。基本思想就是源主机开始假定一条路径的PMTU是它的（已知的）第一跳的MTU，在这条路径上发送的数据报都设置DF比特位。如果有的数据报太大，不被路径中的某些路由器分片就不能转发，那么路由器将丢弃这些数据报，然后返回一个意思为“需要分片，设置了DF位[7]”的ICMP目的不可达报文。在收到这样一条报文后（以后称它为“数据报太大”报文），源主机减小它假定的这条路径的PMTU。当主机对PMTU的估计值小到它的数据报不需要分片也能转发的时候，PMTU发现过程结束。

    其中还有用Traceroute确定路径MTU，和采用UDP的路径MTU发现两种常用的方法

-----------------------------

Path MTU Discovery

From Wikipedia, the free encyclopedia

  (Redirected from Path MTU discovery)

Jump to: navigation, search

Path MTU Discovery (PMTUD) is a standardized technique in computer networking for determining the maximum transmission unit (MTU) size on the network path between two Internet Protocol (IP) hosts, usually with the goal of avoiding IP fragmentation. PMTUD was originally intended for routers in Internet Protocol Version 4 (IPv4),^[1] however all modern operating systems use it on endpoints. In IPv6 this function has been explicitly delegated to the end points of a communications session.^[2]

For IPv4 packets, Path MTU Discovery works by setting the Don't Fragment (DF) option bit in the IP headers of outgoing packets. Then, any device along the path whose MTU is smaller than the packet will drop it, and send back an Internet Control Message Protocol (ICMP) Fragmentation Needed (Type 3, Code 4) message containing its MTU, allowing the source host to reduce its Path MTU appropriately. The process is repeated until the MTU is small enough to traverse the entire path without fragmentation.

IPv6 routers do not support fragmentation or the Don't Fragment option. For IPv6, Path MTU Discovery works by initially assuming the path MTU is the same as the MTU on the link layer interface through which the traffic is being sent. Then, similar to IPv4, any device along the path whose MTU is smaller than the packet will drop the packet and send back an ICMPv6 Packet Too Big (Type 2) message containing its MTU, allowing the source host to reduce its Path MTU appropriately. The process is repeated until the MTU is small enough to traverse the entire path without fragmentation.^[3]

If the Path MTU changes after the connection is set up and is lower than the previously determined Path MTU, the first large packet will cause an ICMP error and the new, lower Path MTU will be found. Conversely, if PMTUD finds that the path allows a larger MTU than is possible on the lower link, the OS will periodically reprobe to see if the path has changed and now allows larger packets. On both Linux and Windows this timer is set by default to ten minutes.^[4][5]

Contents

• 1 Problems with PMTUD
• 2 See also
• 3 References
• 4 External links

Problems with PMTUD

Many network security devices block all ICMP messages for perceived security benefits,^[6] including the errors that are necessary for the proper operation of PMTUD. This can result in connections that complete the TCP three-way handshake correctly, but then hang when data is transferred. This state is referred to as a black hole connection.^[7]

Some implementations of PMTUD attempt to prevent this problem by inferring that large payload packets have been dropped due to MTU rather than because of link congestion. However, in order for the Transmission Control Protocol (TCP) to operate most efficiently, ICMP Unreachable messages (type 3) should be permitted. A robust method for PMTUD that relies on TCP or another protocol to probe the path with progressively larger packets has been standardized in RFC 4821.^[8]

A workaround used by some routers is to change the maximum segment size (MSS) of all TCP connections passing through links with MTU lower than the Ethernet default of 1500. This is known as MSS clamping.^[9]

See also

• Internet Protocol Suite

References

1. ^ RFC 1191, Path MTU Discovery, J. Mogul, S. Deering (November 1990)
2. ^ RFC 1981, Path MTU Discovery for IP version 6, J. McCann, S. Deering, J. Mogul (August 1996)
3. ^ Davies, Joseph (2012). Understanding IPv6 (3rd ed.). Microsoft Press. pp. 146–147. ISBN 9780735659148.
4. ^ linux source code see line with "mtu_expires" 10 * 60 seconds
5. ^ Davies, Joseph (2012). Understanding IPv6 (3rd ed.). Microsoft Press. p. 147. ISBN 9780735659148.
6. ^ Michael Mullins (2003-10-21). "Prevent hacker probing by blocking ICMP traffic". Retrieved 2013-07-12.
7. ^ RFC 2923, TCP Problems with Path MTU Discovery, K. Lahey (September 2000)
8. ^ RFC 4821, Packetization Layer Path MTU Discovery, M. Mathis, J. Heffner (March 2007)
9. ^ "Circumventing Path MTU Discovery issues with MSS Clamping".

External links

• Internet Engineering Task Force Path MTU Discovery (PMTUD) Working Group