PMTU Discovery Security Concerns

Jason A. Donenfeld Jason at
Sun Apr 15 18:13:12 CEST 2018

On Sun, Apr 15, 2018 at 6:06 PM, Tim Sedlmeyer <tim at> wrote:
> PMTUD on the Internet is often broken and increasingly becoming more
> broken, so in my opinion introducing any level of potential security
> concern to support it would be unwise.

I was wondering if there's actually an appropriate use case for PMTUD
within networks that are well behaved. For example, within various
intranets, or between physical sites within a campus. Perhaps these
aren't relevant, since they're centrally managed anyway, and so we
should just give up with PMTUD all together?

> If MTU issues are regularly presenting a significant issue to
> successful deployment of wireguard than in the short term I would
> suggest doing what many ipsec implementations do, give up some
> performance in order to increase the likelihood of successful
> transmission by assigning a default MTU significantly small enough to
> avoid issues in the vast majority of circumstances. For instance by
> default the OS X ipsec vpn implementation assigns an MTU of 1280, the
> minimum IPv6 datagram size, to the tunnel by default. Cisco assigns an
> MTU of 1300 by default.

Not a bad idea for end user clients. Ugly, but maybe nobody would be
too perturbed. wg-quick(8) has an MTU= parameter, after all, which
could be set to 1280.

> In the long term some form of packetization layer path mtu discovery
> probably should be added to the wireguard protocol itself. Perhaps by
> padding the first message of the handshake to utilize it as a mtu
> discovery probe.

I was thinking about implementing something like this on top of
WireGuard -- a basic ping probe tool that walks through each peer and
tries to ping one of its allowed IPs within the tunnel. Maybe this
would take care of most peoples' use cases. It is explicit, however,
rather than the nice on-demand automatic aspect of traditional PMTUD.

But anyway, all of this falls into the category of, "let's just not do
PTMUD." I'm still not convinced it's impossible to do securely, mostly
because I haven't heard anybody explicitly say, "we thought about this
for 25 years and it can't be done."

More information about the WireGuard mailing list