From owner-freebsd-net@FreeBSD.ORG Fri Oct 7 15:56:36 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6541B106564A for ; Fri, 7 Oct 2011 15:56:36 +0000 (UTC) (envelope-from rysto32@gmail.com) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 0013C8FC08 for ; Fri, 7 Oct 2011 15:56:35 +0000 (UTC) Received: by wwe3 with SMTP id 3so5792641wwe.31 for ; Fri, 07 Oct 2011 08:56:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=rAzegvysnLAfgapRxNTst7wyGIWbfH8lZFv2e2y59Xk=; b=cSgBot4FIG0C2O9cLpYMKgGaChVc0a98WkaTZkxv3Ia//y5iFYc7NmcWGGQVbE5s5X szNsYVhuaURyUZPYWSYHC/FkpTlrg1gyO58KK9PrW7huhYEyQSr+uGUiBHE0CNKiifxu pFMFemJ31OQq5BjFZYq/+4pf3mKqaGarThl1o= MIME-Version: 1.0 Received: by 10.216.132.210 with SMTP id o60mr959148wei.92.1318002883619; Fri, 07 Oct 2011 08:54:43 -0700 (PDT) Received: by 10.180.96.104 with HTTP; Fri, 7 Oct 2011 08:54:43 -0700 (PDT) Date: Fri, 7 Oct 2011 11:54:43 -0400 Message-ID: From: Ryan Stone To: freebsd-net Content-Type: text/plain; charset=ISO-8859-1 Subject: [PATCH] Don't have ICMP Echo Replies copy fragmentation flags from Echo Request X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2011 15:56:36 -0000 Currently when FreeBSD responds to a ICMP Echo Request, it takes the original mbuf, rewrites a couple of fields (like the src/dst IP and the ICMP type), and then sends that mbuf back. As things are currently implemented, the Don't Fragment bit is kept in the ICMP replay. This can cause problems for large ICMP Echo Requests if the MTU on the return route is less than the MTU on the incoming route and the DF bit is set(Linux's ping command sets it by default). Is it intended that the DF bit from the Request be copied into the Reply? If not, this patch fixes the issue for me: --- ip_icmp.c 2011-10-06 14:54:14.000000000 -0400 +++ ip_icmp.c 2011-10-06 15:12:27.000000000 -0400 @@ -767,6 +767,7 @@ #endif ip->ip_src = t; ip->ip_ttl = V_ip_defttl; + ip->ip_off = 0; if (optlen > 0) { register u_char *cp;