Ask Your Question

PMTU Discovery capture

asked 2023-01-20 20:50:43 +0000

AL gravatar image

updated 2023-01-21 08:21:10 +0000

Jaap gravatar image

I am trying to capture PMTU Disovery using ping on a Windows client as below

ping <ip addrerss> -f -l 1480

The above command will return "Packet needs to be fragmented but DF set" (as I expected). However in the Wireshark trace I can not see this packet, I would expect to see a destination host unreachable ICMP packet

When I do a ping without the fragemented packet, I can see the ICMP capture in Wireshark.

Am I correct in thinking a firewall/router etc is dropping the ICMP packet hence not in the trace file

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2023-01-21 08:34:07 +0000

Jaap gravatar image

The network stack is running into a MTU limitation right at the very first interface, the one you try to send out of. Therefore the packet doesn't even leave the interface and therefore cannot be captured.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2023-01-20 20:50:43 +0000

Seen: 486 times

Last updated: Jan 21 '23