On Tuesday 2010-12-14 04:46, ratheesh k wrote: >In udp , there is no mss discovey.So , if we set DF bit in IP packet  and >suppose an intermediate router does have disabled icmp-reply (thru iptables >) and have less MTU than the sender. > >Then , router will drop the packet ,How client know to fragment the udp >packet ? It won't, that's why ICMP should not be blocked. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
