From owner-freebsd-net@FreeBSD.ORG Fri Dec 9 09:48:29 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F0B6416A41F for ; Fri, 9 Dec 2005 09:48:29 +0000 (GMT) (envelope-from atanas.yankov@gmail.com) Received: from xproxy.gmail.com (xproxy.gmail.com [66.249.82.192]) by mx1.FreeBSD.org (Postfix) with ESMTP id C030C43D58 for ; Fri, 9 Dec 2005 09:48:23 +0000 (GMT) (envelope-from atanas.yankov@gmail.com) Received: by xproxy.gmail.com with SMTP id s14so580699wxc for ; Fri, 09 Dec 2005 01:48:09 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=kAhlyrVPAhmu0EaRfl4RMvBrWyFJxcIYO8d2yuN6T6PRIUZl7P+6FUK+4x4CQSUnKgNSmudMmJp+SfQ2Oz1oqL4tLebUv+mgMwZNWJElkHKAmm4DnKmbJIwfIPc9L30F3Ie8NLjf5LnMnnCCL0br3MQMGJ1kW8W5kFDC5+bMuOY= Received: by 10.70.37.1 with SMTP id k1mr4367543wxk; Fri, 09 Dec 2005 01:48:08 -0800 (PST) Received: by 10.70.42.3 with HTTP; Fri, 9 Dec 2005 01:48:08 -0800 (PST) Message-ID: <314d88f90512090148m143b0f83u8dbc0c28e3ab9b4c@mail.gmail.com> Date: Fri, 9 Dec 2005 11:48:08 +0200 From: atanas atanas To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Dummynet and fragments X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Dec 2005 09:48:30 -0000 As i see nobody here answer to me and to other guys i make my own ivestigation of the problem with dummynet and why it's produce broken fragments in 5.x 6.x RELEASES in my debug's i found what couse the problem ;))) , here is my debugs all made on outgoing interaface after they live pipe's My Desktop PC ---- >>> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 18997:1480@0+) (ttl 64, len 1500) 192.168.135.213 > 195.69.108.254: icmp (frag 18997:528@1480) (ttl 64, len 548) 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19000:1480@0+) (ttl 64, len 1500) 192.168.135.213 > 195.69.108.254: icmp (frag 19000:528@1480) (ttl 64, len 548) 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19004:1480@0+) (ttl 64, len 1500) 192.168.135.213 > 195.69.108.254: icmp (frag 19004:528@1480) (ttl 64, len 548) 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19008:1480@0+) (ttl 64, len 1500) 192.168.135.213 > 195.69.108.254: icmp (frag 19008:528@1480) (ttl 64, len 548) Router-FreeBSD RELEASE-4.11-p13 with pipe's for incoming and outgoing traffic 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 18997:1480@0+) 192.168.135.213 > 195.69.108.254: icmp (frag 18997:528@1480) 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19000:1480@0+) 192.168.135.213 > 195.69.108.254: icmp (frag 19000:528@1480) 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19004:1480@0+) 192.168.135.213 > 195.69.108.254: icmp (frag 19004:528@1480) 192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19008:1480@0+) 192.168.135.213 > 195.69.108.254: icmp (frag 19008:528@1480) Router-FreeBSD RELEASE-5.4-p8 with pipe's for incoming and outgoing traffic IP (tos 0x0, ttl 62, id 26431, offset 0, flags [+], length: 1500) 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 0 IP (tos 0x0, ttl 62, id 26433, offset 1480, flags [none], length: 548) 192.168.135.213 > 195.69.108.254: icmp IP (tos 0x0, ttl 62, id 36602, offset 0, flags [+], length: 1500) 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 256 IP (tos 0x0, ttl 62, id 36603, offset 1480, flags [none], length: 548) 192.168.135.213 > 195.69.108.254: icmp IP (tos 0x0, ttl 62, id 46610, offset 0, flags [+], length: 1500) 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 512 IP (tos 0x0, ttl 62, id 46611, offset 1480, flags [none], length: 548) 192.168.135.213 > 195.69.108.254: icmp IP (tos 0x0, ttl 62, id 57038, offset 0, flags [+], length: 1500) 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 768 IP (tos 0x0, ttl 62, id 57039, offset 1480, flags [none], length: 548) 192.168.135.213 > 195.69.108.254: icmp the second router 5.x first change id off fragments then broke sequence and destination host can't reasseble all packet this is the reason why ping -s 2000 x.y.z.1 won't work traceroute x.y.z.1 2000 tcptraceroute x.y.z.1 80 2000 too but it's a simple tools for troubleshooting , the baddest in this case is that it's harm real traffic vpn-s , and others ---> Here is a fix of this problem --- ip_output.c Fri Dec 2 13:35:16 2005 +++ ip_output-fix.c Thu Dec 8 17:39:28 2005 @@ -173,7 +173,6 @@ if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) =3D=3D 0) { ip->ip_v =3D IPVERSION; ip->ip_hl =3D hlen >> 2; - ip->ip_id =3D ip_newid(); ipstat.ips_localout++; } else { hlen =3D ip->ip_hl << 2; br, CCNP Atanas Yankov Network Administrator AngelSoft Ltd.