From owner-freebsd-net@freebsd.org Sun Jul 2 14:03:44 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9A409DA66FC for ; Sun, 2 Jul 2017 14:03:44 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: from mx2.mailbox.org (mx2.mailbox.org [80.241.60.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.mailbox.org", Issuer "SwissSign Server Silver CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 59207681B8 for ; Sun, 2 Jul 2017 14:03:44 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id 8AAA046B75 for ; Sun, 2 Jul 2017 16:03:40 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailbox.org; h= content-type:content-type:mime-version:references:in-reply-to :subject:subject:from:from:message-id:date:date:received; s= mail20150812; t=1499004218; bh=Qo2vhbUMQPLietJjwCFDZ9Qi7nB3XNlR7 rhtcKMHdxQ=; b=l3Bhnj9njqt2LqoohHcXmEVZPBCa/9hKA50xEP/WKCtRDixnI 1CGEvRXlOGDly9xNLOys3z3o0I9oIDP+F6729GRaaLXHKtOs0m3MazwE5LKcDS6U Jn8U+hYa9mzECRu0vF4YI1aj/D1leXPyEe3AfpBa/PG9/a///O8XWvYiS+VFsK9+ +aN+UC1eJzhzwnBrDbtbmLSiwIW+4Hz57rMleHjrQirC9ECmUGlg9WVAEsijMr+G j0l7IipJO4HnQpohWADNLPBmzm7zNAXSOurzkIO+Hh6CezQ0GNWpx8zvuZA9VMQT JhIOA7GQWpD9IzwDHZVokhTOyWBSTdcGdmspA== X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp1.mailbox.org ([80.241.60.240]) by hefe.heinlein-support.de (hefe.heinlein-support.de [91.198.250.172]) (amavisd-new, port 10030) with ESMTP id PK49NfswYBX6 for ; Sun, 2 Jul 2017 16:03:38 +0200 (CEST) Date: Sun, 02 Jul 2017 16:03:37 +0200 Message-ID: <87bmp3x7eu.wl-herbert@mailbox.org> From: "Herbert J. Skuhra" To: freebsd-net@FreeBSD.org Subject: Re: [Bug 220351] Path MTU discovery works only after resetting an internal interface MTU (mpd5, ng_nat, ipfw) In-Reply-To: <87r2xzaw30.wl-herbert@mailbox.org> References: <87r2xzaw30.wl-herbert@mailbox.org> MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Jul 2017 14:03:44 -0000 Herbert J Skuhra skrev: > > bugzilla-noreply skrev: >> >> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220351 >> Eugene Grosbein changed: >> >> What |Removed |Added >> ---------------------------------------------------------------------------- >> Assignee|freebsd-net@FreeBSD.org |eugen@freebsd.org >> Status|New |Open >> CC| |eugen@freebsd.org >> >> --- Comment #2 from Eugene Grosbein --- >> (In reply to Martin Birgmeier from comment #1) >> >> Lowering interface MTU of internal machine also lowers its default route 'mtu' >> attribute, see output of the command 'route -n get default'. >> >> Raising interface MTU back does NOT restore 'mtu' attribute of the default >> route, so the kernel still uses 1492 as maximum IP packet size for packets >> going via this route. >> >> Correct solution for your problem is 'set iface enable tcpmssfix' command in >> the mpd.conf, see /usr/local/etc/mpd5/mpd.conf.sample for example. This way you >> can keep default MTU=1500 for internal hosts and have no MTU-related network >> problems. >> >> Please test and report back. > > I think I have a similar problem, but with IPv6 and pf! :-( > > - Problem to load e.g. https://www.heise.de on the first try > - Can not connect to Skype for Business over IPv6 (unfortunately I > sometimes need it for job) Skype for Business (S4B) on Mac OS X 10.12.6 (Beta5) is actually trying to connect over IPv4. The connection fails until I lower MTU to 1440. After resetting MTU to 1500 and restarting S4B it connects fine for a while ('route -n get' default shows 1500). I use 'set iface enable tcpmssfix' in mpd5.conf and I've tried: - set iface mtu and set link mtu/mru/mrru in mpd5.conf - set scrub ... max-mss in pf.conf -- Herbert