[Guy Harris <gharris@xxxxxxxxx>]

Daniel Wang wrote:

> When I turned on ethereal, it only captured the successful ICMP echo 
> request/reply packets. There was no trace of the attempt using the 
> oversize packets. Why is that?

Perhaps because no such attempt was made.

> Obviously the router generated the error 
> because it couldn’t fragment the packets.

It's not obvious that the errors are from the router.  I tried

	ping {my ISP's Web server} -l 1600 -f

on a Windows XP "machine" (Virtual PC on my Mac), and it printed "Packet 
needs to be fragmented but DF set." messages.  It's unlikely that those 
packets ever made it onto the Ethernet, as 1600 is bigger than the 
Ethernet MTU; running Ethereal on the Mac didn't reveal any pings, but 
pinging with "-l 1200" did.

It's not *guaranteed* that the errors come from the Windows networking 
stack not even bothering to send the packet, given that it probably has 
no idea that there's MPLS on the router (I assume that's what you mean 
by "mulitilayer switching") reducing the MTU due to MPLS overhead, but 
that's at least worth checking.  What's the MTU on the interface the 
pings are going on.