I have no idea where they came up with this "576 internally" nonsense.
Generally whenever one runs into that number it is as a result of
creaky old software that expects to be running over milnet or arpanet.
IPX used 576 forever whenever you had to cross IPX "subnets". The reason
was simple. They were lazy. 576 was the least common denominator between
Ethernet, TR, and _Arcnet_
Large IPX (LIPX) allowed them to do basically what IP calls Path MTU
discovery. Only took them a day short of forever to figure out how to do
Are Microsoft stacks known to be broken in the packet
fragmentation/reassembly department? Or are just acknowledging
deficiencies in their path mtu discovery code by setting the MSS in
the basement? I knew they had problems with window length (this from
my friends with long fat pipes)...
With all the paranoids trying to block all ICMP, not just ICMP_ECHO, doesn't
that essentially break PMTUD. 576 may not be efficient, but its probably
the safest to assume.