How to verify "ICMP Packet Too Big Messages " aren't being returned
I had a scanner installed and we use these to scan to email using obviously via SMTP. It would not scan an actual scanned document but the the device has an SMTP test that would send a small emails and so it would complete the communication. I was told by the tech that the reason was that the MTU size was an issue. I was also told that the carrier "Wireless 4G LTE" was the root cause of the issue and when using "tunnel path-mtu-discovery" I'm told that " , the carrier isn’t sending the ICMP Packet Too Big Messages back to our router" I have a packet capture during this scanning process, my question is how can I tell that this is the case?
Maybe this is a better way to ask.. in my capture I have colored rules that is showing up in this capture above "(tcp.flags.syn==1) && !(tcp.options.wscale.shift)" So the syn bit is set to 1 .. how does this mean that Windows scaling is not supported? When I took the WS course this was given to me but I don't remember the details
Well, since you got that coloring rule from me:
The coloring rule triggers if either of the TCP peers fails to announce support for Window Scaling in the handshake packets. To use Window Scaling, both systems must support it, so each system must put its Window Scaling shift factor in its first packet, which will be the SYN and the SYN/ACK packets.
The first part: "tcp.flags.syn==1" means that the SYN bit is set, so it is either a SYN or SYN/ACK packet.
The second part "!(tcp.options.wscale.shift)" means that the field that would have the shift factor is not present.
So this is a SYN or SYN/ACK packet and the Window Scaling option is not present.
But as Sindy said in his answer, this wouldn't have anything to do with your situation.