From owner-freebsd-hackers  Wed Dec  2 01:06:06 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id BAA27153
          for freebsd-hackers-outgoing; Wed, 2 Dec 1998 01:06:06 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from labinfo.iet.unipi.it (labinfo.iet.unipi.it [131.114.9.5])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id BAA27052
          for <hackers@FreeBSD.ORG>; Wed, 2 Dec 1998 01:05:17 -0800 (PST)
          (envelope-from luigi@labinfo.iet.unipi.it)
Received: from localhost (luigi@localhost) by labinfo.iet.unipi.it (8.6.5/8.6.5) id HAA01716; Wed, 2 Dec 1998 07:55:17 +0100
From: Luigi Rizzo <luigi@labinfo.iet.unipi.it>
Message-Id: <199812020655.HAA01716@labinfo.iet.unipi.it>
Subject: Re: TCP bug
To: nate@mt.sri.com (Nate Williams)
Date: Wed, 2 Dec 1998 07:55:17 +0100 (MET)
Cc: nate@mt.sri.com, hackers@FreeBSD.ORG
In-Reply-To: <199812011834.LAA00343@mt.sri.com> from "Nate Williams" at Dec 1, 98 11:34:04 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > just to understand, what is the problem related to ?
> 
> The problem is related to the fact that I can't contact certain WWW
> machines from the 'internal ethernet' boxes.
> 
> > TCP as you say in the Subject, or IP (routing), or firewall ?
> > Have you tried what happens by opening the firewall ?
> 
> Yep, no difference.  It appears my router box is not passing packets
> through to the boxes on the internal ethernet.  I stuck the firewall on
> that box just to see if the TCP stack was getting the incoming packets,

does a tcpdump on _both_ interfaces show anything interesting -- like
pkts coming in and then not going out ? Do they have something strange
(like some odd length, invalid checksums, IP options, etc.) which makes
the router act strangely ? Is there a correct return route
on the router box ?

> > > Any clues?  A number of FreeBSD boxes in my net have this problem, so it
> > > would be nice to get this resolved.  Note, I have Route-discovery ICMP
> > 
> > btw: do the offending packets carry IP/TCP options by chance ? Just to
> > have an idea what to look at in the code.
> 
> I have turned off TTCP if that's what you mean.  The box in question

no, i meant if the remote machine you are trying to contact is sending
you "unsolicited" IP options which make the router fail. Or, e.g.,
they send pkts larger than the MTU of the receiver/outgoing interface
and with a "DF" flag set so the router has to dump the packet.

	cheers
	luigi

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message