From owner-freebsd-net@FreeBSD.ORG Sun Mar 30 18:00:24 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 02F3F2FB; Sun, 30 Mar 2014 18:00:24 +0000 (UTC) Received: from mail-qg0-x22d.google.com (mail-qg0-x22d.google.com [IPv6:2607:f8b0:400d:c04::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A88C08C9; Sun, 30 Mar 2014 18:00:23 +0000 (UTC) Received: by mail-qg0-f45.google.com with SMTP id j5so6310961qga.4 for ; Sun, 30 Mar 2014 11:00:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=+ybd/i9MDrDL05qhHUoR3s1+Wks2k541cV6rSICaF9g=; b=RwmEwbUvwuQ2LGE/m98p5bJMchNa5NMaHX4Ddah3eIRKkvWYmq+eRyo2IZwecxwuzM HlTZt6/vjzGfj8MuTUp58huCbP8tui8RAJSs6oWDOZdlzxTwLBlHeuYADmA0tNHvaHw2 RURLmjo2ApTLD393ypu/hFABAcO81BoDp9ZbvzrezChj2WSylNrIzlxBYC52nZHKxqkq Iwvin8E4pTsWZKmqo0f8IYNzklK4CI6cpVOzEltX/5fZyFlNvL8x4E6XgVMGiz0smxVp A0cqz75TIaOEe0Q5zgxhOcNDqPZPAOgKXGbtIg3qtkPr7Sm4mhYIsH0uTZI7YJdVodnN TzOQ== MIME-Version: 1.0 X-Received: by 10.224.60.71 with SMTP id o7mr22728934qah.38.1396202422823; Sun, 30 Mar 2014 11:00:22 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.50.143 with HTTP; Sun, 30 Mar 2014 11:00:22 -0700 (PDT) In-Reply-To: <533856A2.7030401@grosbein.net> References: <533856A2.7030401@grosbein.net> Date: Sun, 30 Mar 2014 11:00:22 -0700 X-Google-Sender-Auth: fVsQMfzBeT5pr-LGieayuyVwQf8 Message-ID: Subject: Re: icmp_error() fails to clear "fragmented" flag From: Adrian Chadd To: Eugene Grosbein Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-net , "Alexander V. Chernikov" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2014 18:00:24 -0000 Can you file a PR with exactly this? :-P Thanks! -a On 30 March 2014 10:38, Eugene Grosbein wrote: > Hi! > > Suppose, you have FreeBSD host A behind FreeBSD router R and run > "traceroute -I outerhost 1501" command from A. You will see only "stars" > for first hop. That's because router R erroneously sends ICMP "time exceeded" packets > with "more fragments" flag in the IP header when original packet was fragmented. > This flag is copied from original header. > > I've just tested the following patch, it fixes the problem: > http://www.grosbein.net/freebsd/patches/ip_icmp.c.diff > > --- sys/netinet/ip_icmp.c.orig 2013-10-21 21:07:06.000000000 +0700 > +++ sys/netinet/ip_icmp.c 2014-03-31 00:06:48.000000000 +0700 > @@ -332,6 +332,7 @@ stdreply: icmpelen = max(8, min(V_icmp_q > * reply should bypass as well. > */ > m->m_flags |= n->m_flags & M_SKIP_FIREWALL; > + m->m_flags &= ~(M_FRAG | M_FIRSTFRAG | M_LASTFRAG); > m->m_data -= sizeof(struct ip); > m->m_len += sizeof(struct ip); > m->m_pkthdr.len = m->m_len; > @@ -343,6 +344,7 @@ stdreply: icmpelen = max(8, min(V_icmp_q > nip->ip_hl = 5; > nip->ip_p = IPPROTO_ICMP; > nip->ip_tos = 0; > + nip->ip_off = 0; > icmp_reflect(m); > > freeit: > > > (I've discovered this while debugging real-world issue concerning > problems with UDP fragmented traffic while using L2TP tunnel.) > > Please review/commit. > > Eugene Grosbein > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"