Date: Wed, 14 Feb 2007 13:27:05 -0500 From: Stephen Clark <Stephen.Clark@seclark.us> To: Tom Judge <tom@tomjudge.com> Cc: freebsd-net@freebsd.org Subject: Re: pmtud problem Message-ID: <45D35479.8010100@seclark.us> In-Reply-To: <45D2E894.4090404@tomjudge.com> References: <45D1E669.30402@seclark.us> <45D2E894.4090404@tomjudge.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Tom Judge wrote: >Stephen Clark wrote: > > >>Hello List, >> >>We have a setup that looks like the following. >> >>pc <-ethernet-> freebsd 4.9 <-pppoe-> internet <-ethernet-> freebsd 6.1 >>on the freebsd box we have a gre tunnel with a mtu of 1420 feeding into a >>gif vpn tunnel with a mtu of 1280 ( I know this dumb but it the default >>value when you create a gif ) >>feeding into a tun0 with a mtu of 1492. >> >>What we see is the packet never makes it to the freebsd 6.1 system. >> >>if the pc sends a packet of 1460 bytes with the DF bit set shouldn't the >>freebsd 4.9 system >>send back an icmp dest unreachable - fragmentation needed and DF bit set? >>$ sysctl -a | grep mtu >>net.inet.tcp.path_mtu_discovery: 1 >> >>Now if I change the mtu of the gre to 1412 everything works. >> >>Any insight would be appreciated. >> >>Thanks, >>Steve >> >> > >Are you using IPSEC on your gif interface? If so there is a bug in 6.1 >where the IPSEC code that is responsible for populating the ICMP packet >fields (Fragmentation needed and the MTU hint) fails to set the MTU hint >in the icmp packet. The problem is fixed in 6.2 and it is a very simple >patch for 6.1. > >Please see the link for the discussion on this problem back in november. > >http://groups.google.ms/group/muc.lists.freebsd.hackers/browse_thread/thread/bff95bd13d700fde/51a27f0d0c42ee92 > >Regards > >Tom J > > > Hi Tom, Thanks I saw that when I was sending from the 6.1 side and was sort of supprised there was no mtu hint size. I'll get the patch and apply it. The real place I am seeing the problem is on the other side. Regards, Steve -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D35479.8010100>