Finding Black Hole Routers

Quick Tips for checking a common Terminal Services/Remote Desktop Internet connection problem

Black hole routers may dump packets above a certain size when you are trying to traverse a path to a server. Here's a method for looking for a black hole router, and figuring out the size of the "bottleneck".

1. Try a normal ping of the server; this sends a "minimal" packet of 32 bytes.
    
2. If the remote system drops all ping requests (possible for some secured systems), do a traceroute, and start your ping with the next-to-last system. Make sure you have a "plain" ping working.
    
3. Now try pinging with fixed-size packets that are set to not fragment. Normally the largest size possible is 1472 bytes. This is done like this:
   ping -l -n
   For example, to ping 169.3.65.254 with a packetsize of 1472, do this:
   
   ping -l 1472 -n 169.3.65.254
    
4. If the largest packet is rejected, determine size by bisection; drop to about 736; if that works, try about 1100 or so, until you find about the largest size that will work.
    
5. If this does indeed work, you have two possible resolutions.  One is to try finding the black hole and getting the administrators of the system to fix it.  This requires doing a traceroute to the Terminal Server and then checking the intervening systems for fragmentation as we did here.  More realistically, you may want to set the Terminal Server to use packets small enough to get through.
   Note that you should not use the Microsoft Windows 2000 TCP/IP Protocols and Services Technical Reference to set the MTU key location - it's wrong.  Instead, see the appropriate article before and look up "MTU" in it.
   
   TCP/IP and NBT Configuration Parameters for Windows 2000 or Windows NT
   TCP/IP and NBT Configuration Parameters for Windows XP