Date: Fri, 7 Mar 2008 09:33:09 +0500 From: "Sergey" <_lion_2000@mail.ru> To: <freebsd-net@freebsd.org> Subject: RE: Path MTU Problem Message-ID: <001e01c8800c$587059a0$37c9010a@Net.ARDS.Corp> In-Reply-To: <001101c8800a$596d4220$37c9010a@Net.ARDS.Corp> References: <000001c87f43$c8075800$37c9010a@Net.ARDS.Corp><20080306161818.GD15130@verio.net> <001101c8800a$596d4220$37c9010a@Net.ARDS.Corp>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > here comes icmp frag packets. strange what sometimes
> > tcpdump complains
> > > about tcp header in icmp packet and sometimes not
After looking more closely, if found something strange:
here is part of tcp header of first large packet:
10:32:04.610317 IP (tos 0x8, ttl 64, id 1208, offset 0, flags [DF], proto:
TCP (6), length: 1420) 10.23.0.241.22 > 10.35.1.3.60122: . 2064:3432(1368)
ack 1666 win 32832 <nop,nop,timestamp 38279810 48942931>
0x0000: 4508 058c 04b8 4000 4006 1a7f 0a17 00f1 E.....@.@.......
0x0010: 0a23 0103 0016 eada 5c06 97bb 6284 63e5 .#......\...b.c.
take note of numbers after
port numbers:------------------------^^^^^^^^^
And now look at bytes in ICMP packet:
10:32:04.612895 IP (tos 0x0, ttl 254, id 15170, offset 0, flags [none],
proto: ICMP (1), length: 56) 10.23.5.3 > 10.23.0.241: ICMP 10.35.1.3
unreachable - need to frag (mtu 1280), length 36
IP (tos 0x8, ttl 61, id 1208, offset 0, flags [DF], proto: TCP (6),
length: 1420) 10.23.0.241.22 > 10.35.1.3.60122: tcp 1396 [bad hdr length 4
- too short, < 20]
0x0000: 4500 0038 3b42 0000 fe01 6761 0a17 0503 E..8;B....ga....
0x0010: 0a17 00f1 0304 479f 0000 0500 4508 058c ......G.....E...
0x0020: 04b8 4000 3d06 1d7f 0a17 00f1 0a23 0103 ..@.=........#..
0x0030: 0016 eada c207 0364 .......d
here:----------------------^^^^^^^^^
Can they be different? Are they taken into account when doing PathMTU ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001e01c8800c$587059a0$37c9010a>