Wireshark-users: Re: [Wireshark-users] SMB problems when ICMP is blocked?

From: Andrew Hood <ajhood@xxxxxxxxx>
Date: Mon, 08 Mar 2010 08:06:23 +1100
Jens Link wrote:
> Andrew Hood <ajhood@xxxxxxxxx> writes:
> <rant>
>>Solved on Windows by forcing the MTU to 1492. This is a global setting
>>for all interfaces.
> Manually changing the MTU might lead to other problems. An how low to you
> want to the MTU? There might be tunnels, etc. involved which might lower
> the MTU even further.

Given the environment that is unlikely, but if it happens the MTU will
change again. Anyone for gigabit ethernet running 576 byte MTUs? I don't
like doing it this way but the paranoid run the security department and
will not listen to the voice of reason.

Add the facts that there are multiple service owners in the network path
(who will blame each other) and a customer to satisfy, a working
solution beats an unwinable fight any day.

>>Doing it the right way and having security allow the MTU exceeded? Not a
>>hope in hades. Paranoia rules.
> Only Idi^w clueless people drop ICMP completely. It breaks TCP. Yes you
> can fix around this problems but doing so will most probably cause other
> problems.  
> I hope these people will also block ICMPv6 completely as well. This way 
> they'll have no connectivity at thus will cause no problems for the rest
> of the world.

You are preaching to the choir Jens. Once upon a time someone told
security a fable about all ICMP being the tool of evil hackers. They
believed it. IPv6 won't affect this network unless IPv4 is deleted by M$
from all versions of the Windows stack.

There's no point in being grown up if you can't be childish sometimes.
                -- Dr. Who