Bug 63

passt/pasta uses a very large MTU on the virtual link to the guest or namespace.  Therefore  the path MTU from the guest to remote hosts will typically be less than the link MTU.

For TCP, this doesn't really matter because passt will "repack" the stream data into appropriately sized segments in both directions.  However a client program could use path MTU discovery to ascertain a maximum size for UDP packets to use for some protocol.  However path MTU discovery is not possible through passt, since we don't propagate the ICMP Would Fragment or ICMPv6 Too Big messages from outside.  This will probably work with IPv4, since passt's host kernel will fragment large UDP packets, but it may lead to degraded performance and reliability.  With IPv6 it may be a bigger problem, since it doesn't generally allow fragmentation.

I believe we could allow path MTU discovery through passt as follows:
  * For UDP packets received from the tap side with the don't fragment bit, use the IP_MTU_DISCOVER sockopt to forward that to the external target.
  * Use the IP_RECVERR/IPV6_RECVERR sockopt on outside facing UDP sockets to receive would fragment / too big errors and synthesize ICMP/ICMPv6 packets on the tap interface to propagate them to the guest.