From owner-freebsd-net@freebsd.org  Sat Feb 20 11:40:21 2021
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 47276543393
 for <freebsd-net@mailman.nyi.freebsd.org>;
 Sat, 20 Feb 2021 11:40:21 +0000 (UTC)
 (envelope-from Michael.Tuexen@lurchi.franken.de)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 4DjRMT06WLz3KN5
 for <freebsd-net@freebsd.org>; Sat, 20 Feb 2021 11:40:21 +0000 (UTC)
 (envelope-from Michael.Tuexen@lurchi.franken.de)
Received: by mailman.nyi.freebsd.org (Postfix)
 id 03E6354331F; Sat, 20 Feb 2021 11:40:21 +0000 (UTC)
Delivered-To: net@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 03B0D54341B
 for <net@mailman.nyi.freebsd.org>; Sat, 20 Feb 2021 11:40:21 +0000 (UTC)
 (envelope-from Michael.Tuexen@lurchi.franken.de)
Received: from drew.franken.de (mail-n.franken.de [193.175.24.27])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.franken.de",
 Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DjRMS633hz3KX4
 for <net@FreeBSD.org>; Sat, 20 Feb 2021 11:40:20 +0000 (UTC)
 (envelope-from Michael.Tuexen@lurchi.franken.de)
Received: from [IPv6:2a02:8109:1140:c3d:24:e8:6fea:b904] (unknown
 [IPv6:2a02:8109:1140:c3d:24:e8:6fea:b904])
 (Authenticated sender: lurchi)
 by drew.franken.de (Postfix) with ESMTPSA id F303E7220B813;
 Sat, 20 Feb 2021 12:40:15 +0100 (CET)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
Subject: Re: IPv6 Fragmentation
From: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
In-Reply-To: <A01F640F-E412-474C-A34C-19B7219BD84D@sermon-archive.info>
Date: Sat, 20 Feb 2021 12:40:12 +0100
Cc: "net@freebsd.org" <net@FreeBSD.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <D8F27F01-3D6A-4F5F-A7C2-3342842BDE24@lurchi.franken.de>
References: <CB0FB5AB-5A37-4C40-A103-3E0D97CEA6B9@sermon-archive.info>
 <472A2B49-9BEC-4335-B6FB-AC4DAA0F0310@lurchi.franken.de>
 <A01F640F-E412-474C-A34C-19B7219BD84D@sermon-archive.info>
To: Doug Hardie <bc979@lafn.org>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00
 autolearn=disabled version=3.4.1
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail-n.franken.de
X-Rspamd-Queue-Id: 4DjRMS633hz3KX4
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Feb 2021 11:40:21 -0000

> On 20. Feb 2021, at 05:32, Doug Hardie <bc979@lafn.org> wrote:
>=20
>> On 19 February 2021, at 01:48, Michael Tuexen =
<michael.tuexen@lurchi.franken.de> wrote:
>>=20
>>> On 19. Feb 2021, at 03:29, Doug Hardie <bc979@lafn.org> wrote:
>>>=20
>>> I don't know if this is a feature or a bug.  On FreeBSD 9, the =
following ping worked:
>>>=20
>>> ping6 -s 5000 -b 6000 fe80::213:72ff:fec3:180f%dc0
>> I don't have a dc0 interface, but using re0 at one side and bge at =
the other, I get
>> with FreeBSD CURRENT:
>> tuexen@cirrus:~ % ping6 -s 5000 -b 6000 fe80::2e09:4dff:fe00:c00%re0
>> PING6(5048=3D40+8+5000 bytes) fe80::aaa1:59ff:fe0c:da92%re0 --> =
fe80::2e09:4dff:fe00:c00%re0
>> 5008 bytes from fe80::2e09:4dff:fe00:c00%re0, icmp_seq=3D0 hlim=3D255 =
time=3D0.393 ms
>> 5008 bytes from fe80::2e09:4dff:fe00:c00%re0, icmp_seq=3D1 hlim=3D255 =
time=3D0.419 ms
>> 5008 bytes from fe80::2e09:4dff:fe00:c00%re0, icmp_seq=3D2 hlim=3D255 =
time=3D0.354 ms
>> 5008 bytes from fe80::2e09:4dff:fe00:c00%re0, icmp_seq=3D3 hlim=3D255 =
time=3D0.446 ms
>> 5008 bytes from fe80::2e09:4dff:fe00:c00%re0, icmp_seq=3D4 hlim=3D255 =
time=3D0.421 ms
>> 5008 bytes from fe80::2e09:4dff:fe00:c00%re0, icmp_seq=3D5 hlim=3D255 =
time=3D0.372 ms
>> ^C
>> --- fe80::2e09:4dff:fe00:c00%re0 ping6 statistics ---
>> 6 packets transmitted, 6 packets received, 0.0% packet loss
>> round-trip min/avg/max/std-dev =3D 0.354/0.401/0.446/0.031 ms
>>=20
>> Best regards
>> Michael
>>>=20
>>> It had to be stopped, but it returned the number of ping responses =
received along with statistics.
>>>=20
>>> With FreeBSD 12.2 and 13.0-BETA2, it returns 100% packet loss.  =
tcpdump shows that it properly fragments the data, sends it, the other =
end receives it and sends back the ACKs.  The ACKs are received, but =
somehow ping doesn't find out that the packets were received.
>>>=20
>>> Without the -s and -b arguments, it works and you get 100% packets =
received.
>=20
> I found the problem.  pf does not handle IPv6 packets that are =
fragmented the obvious way.  I suspect it is because icmp header is only =
in the first fragment.  I had to reassemble fragments in pf in order to =
make the large pings work.
Glad you found the problem. Thanks for letting us know.

Best regards
Michael
>=20
> -- Doug
>=20
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"