First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

PMTU Discovery capture

  • retag add tags

I am trying to capture PMTU Disovery using ping on a Windows client as below

ping <ip addrerss> -f -l 1480

The above command will return "Packet needs to be fragmented but DF set" (as I expected). However in the Wireshark trace I can not see this packet, I would expect to see a destination host unreachable ICMP packet

When I do a ping without the fragemented packet, I can see the ICMP capture in Wireshark.

Am I correct in thinking a firewall/router etc is dropping the ICMP packet hence not in the trace file

AL's avatar
3
AL
asked 2023-01-20 20:50:43 +0000
Jaap's avatar
13.7k
Jaap
updated 2023-01-21 08:21:10 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

The network stack is running into a MTU limitation right at the very first interface, the one you try to send out of. Therefore the packet doesn't even leave the interface and therefore cannot be captured.

Jaap's avatar
13.7k
Jaap
answered 2023-01-21 08:34:07 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer