From owner-freebsd-bugs@freebsd.org  Tue Feb 16 09:36:57 2016
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5F552AA92BB
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Tue, 16 Feb 2016 09:36:57 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 43CDC1BFE
 for <freebsd-bugs@FreeBSD.org>; Tue, 16 Feb 2016 09:36:57 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u1G9avb4029491
 for <freebsd-bugs@FreeBSD.org>; Tue, 16 Feb 2016 09:36:57 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-bugs@FreeBSD.org
Subject: [Bug 207208] ping has a problem with fragmented replies
Date: Tue, 16 Feb 2016 09:36:57 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: 10.2-RELEASE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: jasper@siepkes.nl
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-207208-8-ONfSodTutG@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-207208-8@https.bugs.freebsd.org/bugzilla/>
References: <bug-207208-8@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Feb 2016 09:36:57 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D207208

--- Comment #3 from Jasper Siepkes <jasper@siepkes.nl> ---
Thanks for the prompt response Maxim.

I did some checks:

# sysctl net.inet.ip.maxfragsperpacket net.inet.ip.maxfragpackets
net.inet.ip.maxfragsperpacket: 16
net.inet.ip.maxfragpackets: 8192

Those are the defaults I believe. Also double checked any modifications to =
ICMP
and IP related stuff in loader.conf or sysctl.conf.=20

----8<-----------------------
# netstat -sp ip
ip:
        5136257 total packets received
        0 bad header checksums
        0 with size smaller than minimum
        0 with data size < data length
        0 with ip length > max ip packet size
        0 with header length < data size
        0 with data length < header length
        0 with bad options
        0 with incorrect version number
        0 fragments received
        0 fragments dropped (dup or out of space)
        0 fragments dropped after timeout
        0 packets reassembled ok
        254049 packets for this host
        12 packets for unknown/unsupported protocol
        0 packets forwarded (0 packets fast forwarded)
        0 packets not forwardable
        0 packets received for unknown multicast group
        0 redirects sent
        702407 packets sent from this host
        0 packets sent with fabricated ip header
        0 output packets dropped due to no bufs, etc.
        0 output packets discarded due to no route
        31 output datagrams fragmented
        62 fragments created
        22 datagrams that can't be fragmented
        0 tunneling packets that can't find gif
        0 datagrams with bad address in header
# netstat -sp icmp
icmp:
        0 calls to icmp_error
        0 errors not generated in response to an icmp message
        0 messages with bad code fields
        0 messages less than the minimum length
        0 messages with bad checksum
        0 messages with bad length
        0 multicast echo requests ignored
        0 multicast timestamp requests ignored
        Input histogram:
                echo reply: 1
                destination unreachable: 7282
                time exceeded: 1
        0 message responses generated
        0 invalid return addresses
        0 no return routes
        ICMP address mask responses are disabled
----8<-----------------------

I ran the tests again so the single 'echo reply' received is the normal size
and the "time exceeded" is the one with the larger payload.

The host I used is behind NAT (PAT) so that could indeed be a problem. Howe=
ver
I just now also did the test on another host which isn't behind NAT (pinged
another host in its network segment) and he also had the problem.

I will install a vanilla VM today and do some tests to see if this really i=
s an
issue or I messed up somewhere else in the config.

--=20
You are receiving this mail because:
You are the assignee for the bug.=