From owner-freebsd-stable@FreeBSD.ORG Thu Jul 28 19:34:51 2011 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 379A5106564A for ; Thu, 28 Jul 2011 19:34:51 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from asmtpout028.mac.com (asmtpout028.mac.com [17.148.16.103]) by mx1.freebsd.org (Postfix) with ESMTP id 20E3F8FC17 for ; Thu, 28 Jul 2011 19:34:50 +0000 (UTC) MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-type: text/plain; CHARSET=US-ASCII Received: from cswiger1.apple.com ([17.209.4.71]) by asmtp028.mac.com (Oracle Communications Messaging Exchange Server 7u4-20.01 64bit (built Nov 21 2010)) with ESMTPSA id <0LP20080M6DATP80@asmtp028.mac.com> for freebsd-stable@freebsd.org; Thu, 28 Jul 2011 12:34:23 -0700 (PDT) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.4.6813,1.0.211,0.0.0000 definitions=2011-07-28_05:2011-07-28, 2011-07-28, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=1 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=6.0.2-1012030000 definitions=main-1107280169 From: Chuck Swiger In-reply-to: <4E31B1ED.1030701@earthlink.net> Date: Thu, 28 Jul 2011 12:34:22 -0700 Message-id: <4654E38A-B5EB-4020-BA17-B016F77FDB25@mac.com> References: <4E31B1ED.1030701@earthlink.net> To: sclark46@earthlink.net X-Mailer: Apple Mail (2.1084) Cc: FreeBSD Stable Subject: Re: UDP Packet reassembly X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jul 2011 19:34:51 -0000 On Jul 28, 2011, at 12:01 PM, Stephen Clark wrote: > Could someone enlighten me as to when FreeBSD 6.3 does UDP packet reassembly? Packet reassembly is done at the IP layer, not the UDP layer. Normally, reassembly is performed on the destination host, but routers or firewalls along the path conceivably might also reassemble packets. > I am having a problem where I am getting a fragmented udp packet (2 pieces) everthing is > fine if I get the first frag first. but if the second frag comes first then both fragments get dropped. > > I am using ipfilter and a bimap to redirect these packets to a host inside of the FreeBSD box, > so I suspicion it is ipfilter causing the drops. > > I know, I know 6.3 is ancient history, but any insight would be appreciated. It's probably the firewall dropping the traffic, yes-- running tcpdump on the firewall versus the destination host would confirm this. Something like "keep frags" on your pass rules would help if it is ipfilter... Regards, -- -Chuck