Date: Fri, 4 Mar 2016 08:33:03 +0100 From: Kristof Provost <kp@FreeBSD.org> To: Melissa Pilgrim <list_freebsd@bluerosetech.com> Cc: freebsd-pf@freebsd.org Subject: Re: IPv6 fragments in 10.2 Message-ID: <9F4AE691-7D6C-4FC4-9FCA-AA16F9AE9263@FreeBSD.org> In-Reply-To: <56D8F9E1.9060808@bluerosetech.com> References: <56D8F9E1.9060808@bluerosetech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 04 Mar 2016, at 03:58, Melissa Pilgrim = <list_freebsd@bluerosetech.com> wrote: >=20 > Now that pf in 10.2 supports IPv6 fragments, how do you configure pf = to allow them? I'm still seeing UDP PMTU breakage specifically with = FreeBSD and pf related to the packet filter not passing fragments. The = basic "fragment reassemble" scrub rule doesn't seem to be sufficient. = The man page was not updated with the commit, and I'm not having any = luck with web searches. The =E2=80=98scrub all fragment reassemble=E2=80=99 rule should be = sufficient. Can you post your pf.conf and a network capture demonstrating the = problem? Thanks, Kristof
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9F4AE691-7D6C-4FC4-9FCA-AA16F9AE9263>