Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 30 Mar 2014 11:00:22 -0700
From:      Adrian Chadd <adrian@freebsd.org>
To:        Eugene Grosbein <eugen@grosbein.net>
Cc:        freebsd-net <freebsd-net@freebsd.org>, "Alexander V. Chernikov" <melifaro@freebsd.org>
Subject:   Re: icmp_error() fails to clear "fragmented" flag
Message-ID:  <CAJ-VmonAGF0b%2BH%2BrDn=HCoBKwJ3C6iirpDbaQBwn3hfh9RXC2Q@mail.gmail.com>
In-Reply-To: <533856A2.7030401@grosbein.net>
References:  <533856A2.7030401@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
Can you file a PR with exactly this? :-P

Thanks!


-a


On 30 March 2014 10:38, Eugene Grosbein <eugen@grosbein.net> wrote:
> Hi!
>
> Suppose, you have FreeBSD host A behind FreeBSD router R and run
> "traceroute -I outerhost 1501" command from A. You will see only "stars"
> for first hop. That's because router R erroneously sends ICMP "time exceeded" packets
> with "more fragments" flag in the IP header when original packet was fragmented.
> This flag is copied from original header.
>
> I've just tested the following patch, it fixes the problem:
> http://www.grosbein.net/freebsd/patches/ip_icmp.c.diff
>
> --- sys/netinet/ip_icmp.c.orig  2013-10-21 21:07:06.000000000 +0700
> +++ sys/netinet/ip_icmp.c       2014-03-31 00:06:48.000000000 +0700
> @@ -332,6 +332,7 @@ stdreply:   icmpelen = max(8, min(V_icmp_q
>          * reply should bypass as well.
>          */
>         m->m_flags |= n->m_flags & M_SKIP_FIREWALL;
> +       m->m_flags &= ~(M_FRAG | M_FIRSTFRAG | M_LASTFRAG);
>         m->m_data -= sizeof(struct ip);
>         m->m_len += sizeof(struct ip);
>         m->m_pkthdr.len = m->m_len;
> @@ -343,6 +344,7 @@ stdreply:   icmpelen = max(8, min(V_icmp_q
>         nip->ip_hl = 5;
>         nip->ip_p = IPPROTO_ICMP;
>         nip->ip_tos = 0;
> +       nip->ip_off = 0;
>         icmp_reflect(m);
>
>  freeit:
>
>
> (I've discovered this while debugging real-world issue concerning
> problems with UDP fragmented traffic while using L2TP tunnel.)
>
> Please review/commit.
>
> Eugene Grosbein
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-VmonAGF0b%2BH%2BrDn=HCoBKwJ3C6iirpDbaQBwn3hfh9RXC2Q>