Hi. Thanks for your response. > >> I'm not either. Perhaps David Woodhouse can weigh in on why he decided >> to drop the connection when Juniper packets exceed the MTU (this was >> added back in a47d69d3544e8d067c08aeb82e770daf8f635348). > > Because it was (supposedly!) a 'can never happen' condition. > > If they're actually going to send larger packets then ? as long as we > make bloody sure we're not going to overflow our allocations ? I > suspect we're better off actually receiving them. If they made them > through, why drop? And if we *are* going to drop, shouldn't we be > sending ICMP back? It looks like I totally overlooked 'buffers may be to small' issue. I'll work on next version of this patch to address this. -- Martynov Nikolay. Email: mar.kolya at gmail.com
