From owner-freebsd-net@FreeBSD.ORG Mon Mar 31 03:28:03 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACE6037B401 for ; Mon, 31 Mar 2003 03:28:03 -0800 (PST) Received: from mail.procreditbank.com (mail.procreditbank.com [212.95.179.198]) by mx1.FreeBSD.org (Postfix) with SMTP id B356443FBD for ; Mon, 31 Mar 2003 03:28:01 -0800 (PST) (envelope-from i.tanusheff@procreditbank.com) Received: (qmail 66563 invoked from network); 31 Mar 2003 11:27:59 -0000 Received: from unknown (HELO itaush) (172.16.248.250) by proxy.procreditbank.bg with SMTP; 31 Mar 2003 11:27:59 -0000 From: "Ivailo Tanusheff" To: Date: Mon, 31 Mar 2003 14:27:58 +0300 Organization: ProCredit Bank Message-ID: <060e01c2f778$9528a400$faf810ac@sof.procreditbank.bg> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 In-Reply-To: <20030331102658.GA66056@mail.1system.ru> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal cc: FreeBSD Net Subject: RE: Need to frag (DF) :) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: I.Tanusheff@procreditbank.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2003 11:28:05 -0000 Hi, I think you should lower the mtu value of the ng0 interface. This is because of the packet overhead. If you are using Windows XP, than you should enable multilink or you can't bypass this. Ivailo Tanusheff -----Original Message----- From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd-net@freebsd.org] On Behalf Of Dennis S. Davidoff Sent: Monday, March 31, 2003 1:27 PM To: freebsd-net Subject: Need to frag (DF) :) Hi all. After successful authorization and setting tunnel by mpd I've got a problem with packet fragmentation. rl0: flags=8843 mtu 1500 net 172.16.1.2 netmask 0xffffff00 broadcast 172.16.1.255 ether 00:02:44:2e:35:da media: Ethernet autoselect (100baseTX ) status: active rl1: flags=8843 mtu 1500 inet 172.16.0.1 netmask 0xffffff00 broadcast 172.16.0.255 ether 00:10:dc:06:e8:91 media: Ethernet autoselect (100baseTX ) status: active lo0: flags=8049 mtu 16384 inet 127.0.0.1 netmask 0xff000000 ng0: flags=88d1 mtu 1392 inet 10.0.0.1 --> 10.0.0.2 netmask 0xffffffff As you can see, mtu is 1392. So any attempt to open big content from site or download a big file will fail. tcpdump shows: 14:13:09.876867 172.16.1.2 > 217.106.231.104: icmp: 192.168.0.168 unreachable - need to frag (mtu 1392) (DF) ...and so on. Also I'll trying to test my gateway like that: C:\Documents and Settings\null>ping -f -l 1500 172.16.0.1 Pinging 172.16.0.1 with 1500 bytes of data: Packet needs to be fragmented but DF set. Packet needs to be fragmented but DF set. Ping statistics for 172.16.0.1: Packets: Sent = 2, Received = 0, Lost = 2 (100% loss), Control-C Someone from obsd tells me that in obsd pf it could be solved by the rule: scrub in all no-df fragment reassemble ...which defragments all packets and removes DF flag (i guess) P.S. On my gateway I have an ipfw rule that allows any icmp type. Thanks for any advices. -- Sincerely, Dennis _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"