zlacker

[parent] [thread] 0 comments
1. eqvino+(OP)[view] [source] 2026-01-14 05:09:16
If anything, that's why you discard ICMP port unreachable, which I assume you meant.

If you're blanket dropping all ICMP errors, you're breaking PMTUD. There's a special place reserved in hell for that.

(And if you're firewalling your ICMP, why aren't you firewalling TCP?)

[go to top]