![blackhole macos blackhole macos](https://www.buildtoconnect.com/assets/recordit/faq/uninstall-blackhole1-76f3189255ffdaf6413f18821f8cd017c7fc35ac9fde1482c7c19cc50273b417.png)
So, it sends an ICMP message "Destination Unreachable" (ICMP Type: 3), with the additional information why it is unreachable (ICMP Code: 4), and includes the MTU of the interface that it was not able to send the packet on, alongside with the original IP header and 64 bits of the upper layer protocol (see RFC1191). The size of the packet is too big to transmit it on the link with the smaller MTU - and it can not fragment the packet because the DF bit is set. This segment would traverse the serverside cloud without anything special happening, however, when it is the time for RouterB to send the IP packet towards RouterA - it can't. After processing the request, the server starts to send the HTTP reply, which in the majority of the cases would be bigger than the MSS - which means that at least one full-sized TCP segment with the data will be sent towards the client. This segment is also small, so it makes it to the client with no difficulties, even though the IP DF ('Don not fragment') bit is set.
![blackhole macos blackhole macos](https://www.securemac.com/wp-content/uploads/2013/10/bhrat.jpg)
![blackhole macos blackhole macos](https://free4kwallpapers.com/uploads/originals/2019/04/11/first-ever-image-of-a-black-hole-wallpaper.jpg)
This segment would typically have the PUSH flag set to ensure the data is passed to the HTTP server application immediately, so the server does just that and immediately sends the ACK segment to confirm. Then, the client sends the HTTP request, which, for example, takes 400 bytes (a realistic request size in case there are no cookies). The segments with the SYN flag set would also have the MSS (Maximum Segment Size) option, equal to the sending node's interface MTU minus 40 bytes - so for the common case it will be 1460. The client successfully completes the three way handshake with the server (The client sends SYN segment, the server responds with the SYN-ACK, the client responds with ACK). Our example network assumes there's no transparent HTTP caching performed anywhere. Again, for the simplicity of the discussion, it is assumed that the GET request is small enough to fit into the single segment small enough to traverse from the client to the server without exceeding the MTU constraints on the smaller MTU link. We assume the client host is an HTTP client (web browser), that makes a GET request to the server.
#BLACKHOLE MACOS FULL#
Both of the clouds have links using the "standard" MTU, and provide the full connectivity - and they have some more clients connected, using the links with the same "standard" MTU and having full connectivity. The real-world situation in the most complicated scenarios could involve multiple links with different MTUs and asymmetric traffic path - so the lower-MTU link would only be traversed in a single direction. This diagram represents an example network, with two hosts we call "Client" and "Server" for the purpose of referencing them, as well as two clouds - "serverside cloud" and "clientside cloud", that have between them only a single link with the smaller MTU than all the other links in the network.
![blackhole macos blackhole macos](https://www.pixelstalk.net/wp-content/uploads/2016/08/Black-Hole-Photo-HD.jpg)
This page gives an overview of what exactly happens, and gives some points for consideration for inadvertently causing it.
#BLACKHOLE MACOS CODE#
The effect called "PMTUD black hole" is a failure of the TCP Path MTU Discovery due to ICMP messages "Destination Unreachable, Fragmentation needed" (Type 3, Code 4) not reaching the node that sends the TCP segments that are too large for the link with a smaller MTU within the path.