today I want to write about Path MTU Discovery, which currently is in development and needs some more testing to get implemented into IPFire 2.
In most cases, IP packets will be fragmented during their way from the source to the destination host. Path MTU Discovery uses the DF-Flag (dont fragment) on the IPv4 packet header to prevent from that. If this feature gets enabled, a gateway which has to fragment a packet, because of usage a different MTU size will drop it and return an ICMP packet code 3 – Fragmentation Needed.
The host changes its current MTU size and retransmit the packet as often as required to deliver it to the destination host.
So Path MTU Discovery allows us to automatically get the best MTU size for your VPN connections, which will save resources and speed up your connections.
You can enable and configure it by using the IPFire Web-Userinterface. The feature is available for Roadwarrior connections and for Net-to-Net connections.
Detailed information about how to test this nice feature can be found on the mailing list. Please also post any problems or bugs during the test on it.
Posted by Stefan Schantl on November 14, 2012