From owner-freebsd-net@FreeBSD.ORG Fri Jul 13 12:59:48 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 916C816A405 for ; Fri, 13 Jul 2007 12:59:48 +0000 (UTC) (envelope-from Stephen.Clark@seclark.us) Received: from smtpout05.prod.mesa1.secureserver.net (smtpout05-04.prod.mesa1.secureserver.net [64.202.165.221]) by mx1.freebsd.org (Postfix) with SMTP id 5A69313C4DE for ; Fri, 13 Jul 2007 12:59:48 +0000 (UTC) (envelope-from Stephen.Clark@seclark.us) Received: (qmail 22818 invoked from network); 13 Jul 2007 12:59:46 -0000 Received: from unknown (24.144.77.243) by smtpout05-04.prod.mesa1.secureserver.net (64.202.165.221) with ESMTP; 13 Jul 2007 12:59:46 -0000 Message-ID: <46977741.8090301@seclark.us> Date: Fri, 13 Jul 2007 08:59:45 -0400 From: Stephen Clark User-Agent: Mozilla/5.0 (X11; U; Linux 2.2.16-22smp i686; en-US; m18) Gecko/20010110 Netscape6/6.5 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Sten Daniel Soersdal References: <46967C5C.5040505@seclark.us> <469772DA.1000700@gmail.com> In-Reply-To: <469772DA.1000700@gmail.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: 6.2 mtu now limits size of incomming packet X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Stephen.Clark@seclark.us List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jul 2007 12:59:48 -0000 Sten Daniel Soersdal wrote: >Stephen Clark wrote: > > >>Hello, >> >>Did something change in 6.2? If my mtu size on rl0 is 1280 it won't >>accept a larger incomming packet. >> >>kernel: rl0: discard oversize frame (ether type 800 flags 3 len 1514 > max >>1294) >> >> > >That is what to be expected. >Incoming interface must have mtu set to the same mtu as all other hosts >on the same L2 network. If mtu is set to the same as all other hosts, >then it is impossible to receive a frame that is too large (assuming >everything works). > > > >>I don't think it worked this way in the past. >> >>Won't this affect pmtud? >> >> > >Incoming interface must have its mtu set to large enough to receive the >frame. Outgoing interface, on the other hand, can be lower. > >For pmtud to work you need to be able to receive packets on an interface >with sufficiently set mtu, but the exitting interface can have a lower >mtu configured. Thus the router can accept the incoming packet but may >drop and notify on a frame that is too large to exit the outgoing >interface (assuming DF is set). > > > >>man page for ifconfig says mtu limits size of "transmission" not reception. >> >> "mtu n Set the maximum transmission unit of the interface to n, >>default >> is interface specific." >> >> > >Perhaps the man author considered reception to be implied? > >In any case, enforcing this on incoming packets is correct behavior. > > > But shouldn't an icmp be generated back to the system sending the packet that is being dropped? This is not happening. So the connection stalls. client mtu 1500 <-> |rl0 mtu 1500 FreeBSD Router rl1 mtu 1280| <-> some host on internet client sends syn saying i can do mss=1460 host sends syn saying i can do mss=1460 host tries to send packet of 1460 it get silently dropped. connection stalls. -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson)