From owner-freebsd-bugs@FreeBSD.ORG Fri Jan 6 20:00:26 2006 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0F4B16A41F for ; Fri, 6 Jan 2006 20:00:26 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 62F5043D46 for ; Fri, 6 Jan 2006 20:00:26 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k06K0PkI016279 for ; Fri, 6 Jan 2006 20:00:25 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k06K0Pnf016278; Fri, 6 Jan 2006 20:00:25 GMT (envelope-from gnats) Date: Fri, 6 Jan 2006 20:00:25 GMT Message-Id: <200601062000.k06K0Pnf016278@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Nate Nielsen Cc: Subject: Re: kern/91412: Problem with PMTU Discovery / DF / IPSEC / GIF Tunnels X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Nate Nielsen List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jan 2006 20:00:26 -0000 The following reply was made to PR kern/91412; it has been noted by GNATS. From: Nate Nielsen To: bug-followup@freebsd.org Cc: Subject: Re: kern/91412: Problem with PMTU Discovery / DF / IPSEC / GIF Tunnels Date: Fri, 6 Jan 2006 20:13:52 +0000 (GMT) This is a multi-part message in MIME format. --------------070507060309070107090700 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit --------------070507060309070107090700 Content-Type: application/x-gzip; name="pmtu-gif-ipsec-config.tar.gz" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="pmtu-gif-ipsec-config.tar.gz" H4sICCX8u0MAA2ZyLjE0MTUyLjAucG10dS1naWYtaXBzZWMtY29uZmlnLnRhcgDtltuOmzAQ hrktT2H5HoPNaaUol7ndVupVpUqRAQNWwLDYdLVvXw67DVGrkN2o2R7miyLMMPkdxfNPpq1N 7xQyd2SrReqkjcpl4XZNb0TncHeKkjFqvR1vIAqC8Urj0FteJ4KAWtTzwyiOwziOrOGpH0QW 8q7Y82J6bXiHkKUFV+fy1p7/peRVr8uNrdvseWXzLEPUI4zcEfqyYEjoFrHh3JCzQ0nVPOZS l06apAjzJM1EXpSU+cFwhHd4s5RgR61nCXaRxPiNRhmPTC/XW6xkGyDnE5IKTeU5Crum40q3 TWdctxMPvezE5gKJocxXNOz3PqDfTHve/93V5rfW/R/G/tH/wej/KAoZ+P8W2AU34pE/7YXi SSW2+MvuM7bLRhvF6+HW9EqJyqmkOjicGKENqZqUV9hOq0aJbC/VUCk5T4Xe4qGOPGzLfK6i /Xi7xVIJMzaBmFA6d5RpxdAQr7k+IBaG5OXtoa/2BzQzb/1zL1rsUKn0dIeQUJcFpxn0mDEJ TQn2QTzVvN3iXpPsW9PxA7a1LrPT30ELldVcVj+i9x/vd8OHH3peFPw0dzLQr0K5HAOuMOni 7xT/IZ3lrP+Td/C/H87+p+D/W/Aa/yfX+58tOsHr/H8cJM75P1r3PwP/L1jx/63n/8hj/jT/ ++D/mwDz//89/wMAAAAAAAAAAAAAAAAAAAAA8O/xHfPkVqoAKAAA --------------070507060309070107090700 Content-Type: text/x-patch; name="pmtu-gif-ipsec.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="pmtu-gif-ipsec.patch" --- sys/netinet/ip_input.c.orig Wed Jan 4 10:18:01 2006 +++ sys/netinet/ip_input.c Wed Jan 4 10:39:35 2006 @@ -1918,29 +1918,29 @@ ip_forward(struct mbuf *m, int srcrt) } } #ifdef IPSEC key_freesp(sp); #else /* FAST_IPSEC */ KEY_FREESP(&sp); #endif - ipstat.ips_cantfrag++; - break; - } else + } #endif /*IPSEC || FAST_IPSEC*/ - /* - * When doing source routing 'ia' can be NULL. Fall back - * to the minimum guaranteed routeable packet size and use - * the same hack as IPSEC to setup a dummyifp for icmp. - */ - if (ia == NULL) - mtu = IP_MSS; - else - mtu = ia->ia_ifp->if_mtu; + if (!mtu) { + /* + * When doing source routing 'ia' can be NULL. Fall back + * to the minimum guaranteed routeable packet size and use + * the same hack as IPSEC to setup a dummyifp for icmp. + */ + if (ia == NULL) + mtu = IP_MSS; + else + mtu = ia->ia_ifp->if_mtu; + } #if defined(IPSEC) || defined(FAST_IPSEC) } #endif /*IPSEC || FAST_IPSEC*/ ipstat.ips_cantfrag++; break; case ENOBUFS: /* --------------070507060309070107090700--