?
Solved

MTU configuration on Windows 2000 Server

Posted on 2010-03-26
4
Medium Priority
?
427 Views
Last Modified: 2013-12-05
I have a problem concerning a third party trying to FTP to one of our servers. If they try and FTP a small amount of information it succeeds without any problems, but if they transfer kargers amounts of information the process stalls and eventually times out. After some investigation I believe that it is something to do with the packet size bing transmitted by the server as I have done a Wireshark capture that shows an ICMP packet is being set back from the router stating that Fragmentation is needed.

I have applied some registry changes on the receiving server which have disabled PMTU and I have also set the MTU on the interface to 1500. In addition to this I have been thinking about adding Black Hole Detection, but I am unsure as to whether I need this or not.

Could anyone advise what Black Hole detection actually does?
0
Comment
Question by:MartynLawson
  • 2
  • 2
4 Comments
 
LVL 21

Expert Comment

by:Rick_O_Shay
ID: 28699403
The ICMP about fragmentation is saying that a packet with the do not fragment bit set is hitting a device in the network where the packet needs to be fragmented to continue. What ever application is setting the don't fragment should be changed to allow any networking devices to fragment as required.
0
 
LVL 1

Author Comment

by:MartynLawson
ID: 29077877
The application that is trying to send the information is the ISS FTP site, but I have also tried Bulletproof FTP and Filezilla and they all have the same issue. Like I said above I have set the MTU on the interface to 1500 and I have disabled the PMTU, but alot of the sites mention Black Hole routers, but I am not sure of whether I need this setting to be active
0
 
LVL 21

Accepted Solution

by:
Rick_O_Shay earned 2000 total points
ID: 29089274
You don't want to lock the MTU at 1500 as that is too big for something in the path. You would need to go smaller. Try somehting like 1420.

You can test for what is the max segment size being allowed by using the ping -f -l as documented in: http://support.microsoft.com/kb/159211

The Windows TCP is supposed to adjust its max segment size when it gets the ICMP back.
Black hole detection is used when a router doesn't send the ICMP to try to find the max size for the path and then adjust to it.  It is called a balck hole because it just drops the packet and doesn't tell anyone about it.

PMTU discovery is also used to help determine what is the max size that should be used.
0
 
LVL 1

Author Closing Comment

by:MartynLawson
ID: 31707522
I found that the MTU should be 1400 and it appears to work fine now.

Thanks for your help, it is greatly appreciated
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question