Date: Mon, 05 Dec 2005 14:41:16 +0000 From: Spadge <spadge@fromley.net> To: Alvaro Saurin <saurin@dcs.gla.ac.uk> Cc: freebsd-net@freebsd.org Subject: Re: Dummynet and fragments Message-ID: <4394518C.1030104@fromley.net> In-Reply-To: <79336124-B4D5-43A3-88D2-9FE0D4A4D120@dcs.gla.ac.uk> References: <79336124-B4D5-43A3-88D2-9FE0D4A4D120@dcs.gla.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Alvaro Saurin wrote: > The problem comes here: if I 'ping' between these two machines, > everything is fine, but if I 'ping' with a packet size of, ie, 2000, no > packets arrive at the receiver. Does it have to do with fragmented > packets? Do I have to include any other rule for dealing with fragments? 65100 0 0 deny log logamount 5000 ip from any to any frag Does this not effectively kill all frags? Are your unreceived packets showing up in the log? And if not, are you sure that it's BSD4 that's losing them, and not ubuntu3? Here's how my firewall handles frags: # Allow IP fragments to pass through /sbin/ipfw add pass all from any to any frag You may also want to set up something similar to handle ICMP. I've not used dummynet pipes in ages, I wonder if setting a larger queue would help with my disconnect problems, or whether I really do just need to give up and reinstall the entire OS. -- Spadge "Intoccabile" www.fromley.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4394518C.1030104>