Date: Mon, 5 Dec 2016 11:59:16 -0500 From: Ryan Stone <rysto32@gmail.com> To: Chris Ross <cross+freebsd@distal.com> Cc: freebsd-net <freebsd-net@freebsd.org>, freebsd-pf@freebsd.org Subject: Re: Problems with FreeBSD (amd64 stable/11) router Message-ID: <CAFMmRNz-p1804o5fs6g1vbATm5KSRg5fteKgAzg_va3t%2B38%2Bcg@mail.gmail.com> In-Reply-To: <619F01C2-5A20-4E25-AB0B-4064B598239D@distal.com> References: <619F01C2-5A20-4E25-AB0B-4064B598239D@distal.com>
index | next in thread | previous in thread | raw e-mail
What's the MTU on the bce and vlan interfaces? Does the bce interface show VLAN_MTU option set (in ifconfig)? On Mon, Dec 5, 2016 at 10:00 AM, Chris Ross <cross+freebsd@distal.com> wrote: > > Hello all. I recently replaced my router with a FreeBSD/11 box > (stable/11 r308579). I am running a lagg device across two bce’s, and > 802.1q vlan interfaces atop lagg0. I’m using pf to NAT/filter out through > a single outside IP address. > > I’m having the following problem. Some devices appear to be having > trouble passing traffic. Of course, I first assumed I was doing something > wrong with my pf filters, but I believe now that’s not the problem. One > client machine (a TiVo Roamio) that produces a failure reliably, so I’ve > been using it for testing, is showing that during a TCP session, which > starts up fine, in the middle of a POST operation to an outside server, > there are 1500 byte packets. These packets have the DF bit in the IP > header, and then never show up on the external interface (vlan0). Smaller > packets in the same TCP stream do. But, I’m also not seeing the ICMP from > the router back to the client telling it that it cannot send the packet. > > I have tried all sorts of changes to my pf rules, including now allowing > all ICMP unconditionally on all interfaces (pass out log quick inet proto > icmp all). I have packet traces during the failed communication across > pflog0, vlan0 (external network) and vlan7 (internal network). I’d be > happy to answer any questions, or provide the traces off-list. > > Does anyone have any idea what I’ve missed? Thank you very much for your > help. > > - Chris > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFMmRNz-p1804o5fs6g1vbATm5KSRg5fteKgAzg_va3t%2B38%2Bcg>