From owner-freebsd-current@FreeBSD.ORG Mon Apr 25 17:04:06 2005 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E8AA16A4CE for ; Mon, 25 Apr 2005 17:04:06 +0000 (GMT) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id C335443D5C for ; Mon, 25 Apr 2005 17:04:05 +0000 (GMT) (envelope-from andre@freebsd.org) Received: (qmail 11194 invoked from network); 25 Apr 2005 17:05:11 -0000 Received: from unknown (HELO freebsd.org) ([62.48.0.53]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 25 Apr 2005 17:05:11 -0000 Message-ID: <426D2307.97D15253@freebsd.org> Date: Mon, 25 Apr 2005 19:04:07 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Matthew Sullivan References: <426426AE.2060406@uq.edu.au><42663EA1.3020409@uq.edu.au> <20050424150211.GA87520@walton.maths.tcd.ie> <426BC78A.3E56D99B@freebsd.org> <426C1600.106@uq.edu.au> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: David Malone cc: freebsd-current@freebsd.org Subject: Re: DF (Don't frag) issues X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Apr 2005 17:04:06 -0000 Matthew Sullivan wrote: > > As David suggested my config is shown here: > > http://lists.freebsd.org/pipermail/freebsd-current/2005-April/048980.html Ok, I see. Do you still have this setup at your disposal? I need to know the suggested MTU value in the ICMP packet. Best you look at it with ethereal. This will help a lot to get ahold of the bug. > After talking with people I see 2 issues..... > > 1/ The bug is being triggered when the incoming 'need frag' ICMP message > doesn't have a suggested value. If it comes from a FreeBSD box is certainly does have a suggested value but tcpdump does not show it. We need to know what it put in there to be able to figure out what is going wrong. > This ICMP message is being generated by 'stealth.sorbs.net' which is a > FreeBSD 5.3 p9 server running FAST_IPSEC (no crypto card yet - waiting > for delivery), and otherwise pretty standard kernel. As for fast forwarding: > > net.inet.ip.fastforwarding: 0 That's fine. > 2/ The bug itself is also a problem, as it cannot be guarenteed that the > host returning the ICMP 'need frag' will fill in a suggested mtu, so > that also needs to be looked at (but I guess you know that already ;-)) I'm testing a fix right now. Unfortunatly the whole situation is a lot more complex than thought at first. While stepping through the code I found some other incorrect assumptions. -- Andre