From owner-freebsd-stable@FreeBSD.ORG  Thu Jul 12 19:34:23 2007
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 5058116A4AC
	for <freebsd-stable@freebsd.org>; Thu, 12 Jul 2007 19:34:23 +0000 (UTC)
	(envelope-from Stephen.Clark@seclark.us)
Received: from smtpauth01.prod.mesa1.secureserver.net
	(smtpauth01.prod.mesa1.secureserver.net [64.202.165.181])
	by mx1.freebsd.org (Postfix) with SMTP id 43B5613C4C2
	for <freebsd-stable@freebsd.org>; Thu, 12 Jul 2007 19:34:21 +0000 (UTC)
	(envelope-from Stephen.Clark@seclark.us)
Received: (qmail 2777 invoked from network); 12 Jul 2007 19:34:20 -0000
Received: from unknown (24.144.77.243)
	by smtpauth01.prod.mesa1.secureserver.net (64.202.165.181) with ESMTP;
	12 Jul 2007 19:34:20 -0000
Message-ID: <4696823B.9020107@seclark.us>
Date: Thu, 12 Jul 2007 15:34:19 -0400
From: Stephen Clark <Stephen.Clark@seclark.us>
User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.16-22smp i686; en-US;
	m18) Gecko/20010110 Netscape6/6.5
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Stephen.Clark@seclark.us
References: <469624D1.20108@seclark.us>
In-Reply-To: <469624D1.20108@seclark.us>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-stable@freebsd.org
Subject: Re: pmtud + ipnat RELENG_6_2 appears to be broken
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Stephen.Clark@seclark.us
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jul 2007 19:34:23 -0000

Stephen Clark wrote:

>Hi List,
>
>When using ipnat, part of ipfilter 4.1.13, I don't see any
>icmp packets being returned saying:
>Host Unreachable, frag needed and DF set.
>type 3, code 4
>
>It does work if I am not using ipnat.
>
>Any ideas?
>
>Thanks,
>Steve
>
>  
>
Sorry for the noise - this seems to be OK. But the problem I am seeing 
relates to:

Did something change in 6.2? If my mtu size on rl0 is 1280 it won't
accept a larger incoming packet.

kernel: rl0: discard oversize frame (ether type 800 flags 3 len 1514 > max
 1294)

I don't think it worked this way in the past.

Won't this affect pmtud?

man page for ifconfig says mtu limits size of "transmission" not reception.

     "mtu n   Set the maximum transmission unit of the interface to n, 
default
             is interface specific."

-- 

"They that give up essential liberty to obtain temporary safety, 
deserve neither liberty nor safety."  (Ben Franklin)

"The course of history shows that as a government grows, liberty 
decreases."  (Thomas Jefferson)