.\" -*-nroff-*- .\" .\" Documentation for pathmtu .\" .\" (c) 2008 Straylight/Edgeware. .\" . .\"----- Licensing notice --------------------------------------------------- .\" .\" This file is part of Trivial IP Encryption (TrIPE). .\" .\" TrIPE is free software; you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by .\" the Free Software Foundation; either version 2 of the License, or .\" (at your option) any later version. .\" .\" TrIPE is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with TrIPE; if not, write to the Free Software Foundation, .\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. . .\"-------------------------------------------------------------------------- .so ../common/defs.man \" @@@PRE@@@ . .\"-------------------------------------------------------------------------- .TH pathmtu 1 "29 December 2008" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" . .\"-------------------------------------------------------------------------- .SH "NAME" . pathmtu \- discover path MTU to a given host . .\"-------------------------------------------------------------------------- .SH "SYNOPSIS" . .B pathmtu .RB [ \-H .IR header ] .RB [ \-m .IR method ] .br \c .RB [ \-r .IR retransmit ] .RB [ \-g .IR factor ] .RB [ \-t .IR timeout ] .br \c .I host .RI [ port ] . .\"-------------------------------------------------------------------------- .SH "DESCRIPTION" . The .B pathmtu program discovers the size of the largest IP packet which can be sent to a given .I host (specified as a dotted-quad IP address or host name) without being fragmented. This is useful information, particularly when setting up VPN tunnel interfaces. .PP The program works by sending UDP packets and finding out whether they get fragmented. The packets are sent to a specified .I port (specified as a number or service name) on the destination host. The destination does not need to be listening on the given port \(en indeed, it doesn't matter if the port is firewalled. The default port is 7 (echo), chosen because if it is active, we'll get an answer. .PP The .B pathmtu program attempts to find a correct answer even if ICMP fragmentation-required packets are suppressed. It distinguishes between the remote host dropping packets and an intermediate router failing to report fragmentation-needed errors by sending a minimum-size packet and seeing whether it gets any response to that. .PP The .B pathmtu program (currently) contains two different methods for MTU probing. One uses the Linux-specific .B IP_MTU and .B IP_MTU_DISCOVER socket options; this works fine even as an unprivileged user. The other uses raw sockets, so it's fairly portable, but .B pathmtu must be installed setuid-root to work. (It attempts to create its raw sockets as its first action \(en before processing the command line \(en and drops privileges immediately afterwards, so the attack surface is very tiny.) The raw sockets method is very slightly more robust: specifically, it's much less likely to get confused by delayed errors. .PP Command-line options are as follows. .TP .B "\-h, \-\-help" Writes a brief description of the command-line options available to standard output and exits with status 0. .TP .B "\-v, \-\-version" Writes tripe's version number to standard output and exits with status 0. .TP .B "\-u, \-\-usage" Writes a brief usage summary to standard output and exits with status 0. .TP .BI "\-g, \-\-growth=" factor Sets the retransmit interval growth factor. Each time a packet is retransmitted, .B pathmtu increases the amount of time it waits before retransmitting again by this .IR factor . The default growth factor is 3. .TP .BI "\-m, \-\-method=" name Select the MTU probing method. The available methods are shown by .BR \-\-help . The .B linux method is Linux-specific and might be confused by delayed errors under some circumstances, but it's usable by unprivileged users; the .B raw method is portable but requires .B pathmtu to be installed setuid-root. .TP .BI "\-r, \-\-retransmit=" interval Sets the initial retransmit interval, in seconds. If no reply is received to a probe within the interval, then a second packet is sent, and the retransmit interval increased by the growth factor (see .BR \-g ). The default initial retransmit interval is 0.333 seconds. .TP .BI "\-t, \-\-timeout=" timeout Sets the time to wait for a reply, in seconds. If no reply or error is received within the timeout, it is assumed that no reply will be forthcoming. If we've ever received a reply from the remote host in the past, then .B pathmtu assumes that a timeout indicates that the packet was too large, but the ICMP fragmentation-required error was suppressed as a result of administrative incompetence by someone responsible for an intermediate router. Otherwise, .B pathmtu sends a small packet to settle the question of where packets are being dropped: if it doesn't receive a response to this packet either, then it assumes that the timeout means that the remote host .I did receive the packet. The default timeout is 8 seconds. .TP .BI "\-H, \-\-header=" header Sets the packet header, in hexadecimal. If you set an explicit port number, it may be worth setting the packet header too, so as not to alarm anything which might be listening on that port. A sequence number (in order to disambiguate replies) and some pseudorandom data are appended to the header. The default header is empty. . .\"-------------------------------------------------------------------------- .SH "BUGS" . The whole business of probing path MTUs is rather unpleasant. . .\"-------------------------------------------------------------------------- .SH "AUTHOR" . Mark Wooding, . .\"----- That's all, folks --------------------------------------------------