Date: Mon, 29 Nov 2004 23:09:54 +0200 From: Claudiu Dragalia-Paraipan <dr.clau@gmail.com> To: current@freebsd.org Subject: Re: ssh & select() problem on 5.3 Message-ID: <41AB9022.5030901@gmail.com> In-Reply-To: <20041129185152.GF804@cirb503493.alcatel.com.au> References: <Pine.NEB.3.96L.1041128141510.94120D-100000@fledge.watson.org> <41AA0043.5070109@gmail.com> <20041129185152.GF804@cirb503493.alcatel.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigFAD6BFDC713378300120853E Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Peter Jeremy wrote: > On Sun, 2004-Nov-28 18:43:47 +0200, Claudiu Dragalia-Paraipan wrote: > >>Since the problem occurs only when I connect to the firewall or to a >>server behind it, I started to suspect a hardware failure. Could a >>network card cause such problems ? > > > A couple of people have mentioned path-MTU problems. I've also bumped > into this problem when playing with VLANs where one end of the VLAN > trunk doesn't support long frames - an oversize packet will get ignored > by the receiver without any error being returned. > It seems that packets of size more then 1478 are dropped somewhere, but not on the FreeBSD Firewall. The problem seems to be that it never receives a ICMP "fragmentation needed but DF set". Unfortunately I have control only over the firewall and what's behind it. Next after the firewall (towards internet) there are a switch and a Cisco router. I asked about the settings of this two, and it seems that the switch is used for VLANs, and the Cisco for making a tunnel over fiber channel with the next hop. I have too few information about this at the moment, but I am almost certain that the problems are occuring because of the Cisco router. I did a traceroute from the firewall to outside, and big packets always stop on Cisco router. A traceroute from outside to the firewall always stops at the hop exactly before the cisco router I am talking about, which I suppose is the other end of this tunnel. -- Claudiu Dragalina-Paraipan dr.clau@gmail.com --------------enigFAD6BFDC713378300120853E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBq5Aqm0FWxb+swkQRAoi9AKCIL8aYR5UcEIVvjRk+nBDAnjf7tgCdEUdr GC2k26dN32dHKhG+igINyWg= =E0Qm -----END PGP SIGNATURE----- --------------enigFAD6BFDC713378300120853E--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41AB9022.5030901>