From owner-freebsd-stable@FreeBSD.ORG Thu Jul 12 21:39:52 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8EEAF16A473 for ; Thu, 12 Jul 2007 21:39:52 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from mail-out3.apple.com (mail-out3.apple.com [17.254.13.22]) by mx1.freebsd.org (Postfix) with ESMTP id 7804A13C45D for ; Thu, 12 Jul 2007 21:39:52 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from relay7.apple.com (relay7.apple.com [17.128.113.37]) by mail-out3.apple.com (Postfix) with ESMTP id 2EA94B94053; Thu, 12 Jul 2007 14:39:52 -0700 (PDT) Received: from relay7.apple.com (unknown [127.0.0.1]) by relay7.apple.com (Symantec Mail Security) with ESMTP id 197DB3005F; Thu, 12 Jul 2007 14:39:52 -0700 (PDT) X-AuditID: 11807125-a4c6bbb0000007df-b0-46969fa7441f Received: from [17.214.13.96] (int-si-a.apple.com [17.128.113.41]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by relay7.apple.com (Apple SCV relay) with ESMTP id EE6EC30044; Thu, 12 Jul 2007 14:39:51 -0700 (PDT) In-Reply-To: <46969129.60409@seclark.us> References: <469624D1.20108@seclark.us> <4696823B.9020107@seclark.us> <46969129.60409@seclark.us> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <3C09F7E4-C15A-4B9E-94A3-C4997C73C0BD@mac.com> Content-Transfer-Encoding: 7bit From: Chuck Swiger Date: Thu, 12 Jul 2007 14:39:52 -0700 To: Stephen.Clark@seclark.us X-Mailer: Apple Mail (2.752.2) X-Brightmail-Tracker: AAAAAA== Cc: freebsd-stable@freebsd.org Subject: Re: pmtud + ipnat RELENG_6_2 appears to be broken X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jul 2007 21:39:52 -0000 On Jul 12, 2007, at 1:38 PM, Stephen Clark wrote: >> The MTU is actually defined in reference to a network segment such >> as an "ethernet collision domain", and applies to all machines >> sending traffic to that segment. If the MTU is really 1280, >> nobody else should be sending larger packets, and the drivers >> will drop any larger packets they receive and generate the >> appropriate ICMP error.... > > First thanks for responding but thats the problem, > this did't generate an icmp when the packet was dropped. > > kernel: rl0: discard oversize frame (ether type 800 flags 3 len > 1514 > max > 1294) > > This message did not result in any icmp packet. > > I was running tcpdump looking for them. Taking a quick look at ether_input() in src/sys/net/if_ethersubr.c suggests that you are right-- if the incoming packet exceeds the MTU being set, the input errors count for that interface is incremented, but no ICMP_UNREACH_NEEDFRAG is generated even if DF flag is set. You might file a PR and see whether you can get Andre or one of the other networking gurus interested in fixing this. Or maybe I'll give it a try myself if I can get some free time.... :-) -- -Chuck