From owner-freebsd-bugs Tue Dec 11 19:10: 9 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 6CDDA37B419 for ; Tue, 11 Dec 2001 19:10:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id fBC3A1986671; Tue, 11 Dec 2001 19:10:01 -0800 (PST) (envelope-from gnats) Received: from r-hh.iij4u.or.jp (r-hh.iij4u.or.jp [210.130.0.72]) by hub.freebsd.org (Postfix) with ESMTP id 36ADD37B41B for ; Tue, 11 Dec 2001 19:05:01 -0800 (PST) Received: from ruriruri.noe.mcu.or.jp (2.41.138.210.xn.2iij.net [210.138.41.2]) by r-hh.iij4u.or.jp (8.11.6+IIJ/8.11.6) with ESMTP id fBC34xM05328 for ; Wed, 12 Dec 2001 12:05:00 +0900 (JST) Received: from localhost (saorin.noe.mcu.or.jp [192.168.0.251]) by ruriruri.noe.mcu.or.jp (8.11.6/8.11.6) with ESMTP id fBC34xw44373; Wed, 12 Dec 2001 12:04:59 +0900 (JST) (envelope-from moriko@hh.iij4u.or.jp) Message-Id: <20011212.120459.68539451.moriko@saorin.noe.mcu.or.jp> Date: Wed, 12 Dec 2001 12:04:59 +0900 (JST) From: MORI Kouji To: FreeBSD-gnats-submit@freebsd.org Subject: bin/32717: ppp(8) change mss to wrong size Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 32717 >Category: bin >Synopsis: ppp(8) change mss to wrong size >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Dec 11 19:10:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Koji Mori >Release: FreeBSD 4.4-RELEASE i386 >Organization: >Environment: FreeBSD xxx 4.4-RELEASE FreeBSD 4.4-RELEASE #1: Wed Oct 10 22:36:05 JST 2001 moriko@xxx:/xxx/src/sys/XXX i386 >Description: ppp(8) rewrite mss information in tcp packet, and the size is calculated the follow equation. mss = mtu - 20 (ip header) - 20 (tcp header) but, enable rfc1323 (sysctl -w net.inet.tcp.rfc1323=1), tcp header has timestamp in the option field. so, over 20 octets. some cases, the tcp header length is 32 (20+12) octets. in the worst case, tcp header length is 60 octets. (see. rfc 879) same problem may happen for ip header, but maybe ip header option is not used with tcp packet, no problem. >How-To-Repeat: in my case, my FreeBSD talk to web site (www.netbsd.org) via tcp over pppoe (mtu is 1454), then ppp(8) rewrite mss length to 1414 (= 1454 - 20 - 20). web site send tcp packet size of 1456 octets, and the packet is fragmented. because 1456 > 1454 (mtu). next, I disable rfc1323 extention (stsctl -l net.inet.tcp.rfc1323=0), connect to the same host. packet is not fragmented. >Fix: this patch is for ppp(8) src/usr.sbin/ppp/tcpmss.c --- tcpmss.c 2001/07/19 11:39:54 1.1.4.3 +++ tcpmss.c 2001/12/12 00:10:44 @@ -67,7 +67,7 @@ * We are in a liberal position about MSS * (RFC 879, section 7). */ -#define MAXMSS(mtu) (mtu - sizeof(struct ip) - sizeof(struct tcphdr)) +#define MAXMSS(mtu) (mtu - sizeof(struct ip) - sizeof(struct tcphdr) - 12) /*- after patch, I tested. mtu is 1454. 09:38:24.207511 PPPoE [ses 0x1395] IP 62: myhost.4826 > remotehost.80: S 3329176101:3329176101(0) win 16384 (DF) patched ppp(8) send to remotehost. 09:38:24.542333 PPPoE [ses 0x1395] IP 1456: 204.152.186.171.80 > xxx.xxx.xxx.xxx.4826: . 1:1403(1402) ack 192 win 33580 received tcp packet is 1402 octets, and the ip packet length is 1454 (but not printed here, sorry). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message