From: JINMEI Tatuya
To: "Kevin Oberman"
Cc: freebsd-net@freebsd.org
Date: Mon, 25 May 2009 16:24:03 -0700
Subject: Re: IPv6 fragmentation weirdness

At Thu, 14 May 2009 14:42:35 -0700,
"Kevin Oberman" wrote:

> I then captured the ICMP and discovered that the kernel was fragmenting
> all of them! Worse, the fragment was sent out before the ICMP! What the
> heck is going on! Thread synchronization?
>
> When I captured the packets (via tcpdump -s0 -w file host ftp.funet.fi), the
> first thing captured is an IPv6 fragment of 72 bytes. 3 microseconds
> later, I get the ICMP6 packet of 1294 bytes. This pattern is consistent
> over repeated packets. This was with -s 1234 for a total ICMPv6 size of
> 1282.
>
> First, why is the kernel fragmenting this at all as it fits in the
> interface MTU?

Do you mean why ping6 has the kernel fragment echo requests at 1280
bytes by default (i.e., when invoked without -m)? If so, that's
because if a large echo request triggers path MTU discovery, some
initial requests won't be replied to (recall that IPv6 routers never
fragment packets by themselves; they always drop a too-large packet
and return an ICMPv6 error).

> Second, why the heck is the fragment going out first? This should be OK,
> but I suspect many firewalls (which are often not happy with fragments)
> are not likely to pass a fragment which precedes the initial frame.

Do you mean, for example, the kernel sends out a fragment with a non-0
offset before the 0-offset one? I can't believe this. If I tried

% ping6 -s 1300 www.isc.org

from a FreeBSD 6.3 host, I saw this:

08:22:04.821171 IP6 2001:200:0:8002:203:47ff:fea5:3085 > 2001:4f8:0:2::d: frag (0|1232) ICMP6, echo request, seq 0, length 1232
08:22:04.821181 IP6 2001:200:0:8002:203:47ff:fea5:3085 > 2001:4f8:0:2::d: frag (1232|76)

(captured on the sending host).

---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
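
Added example (not part of the original message or thread): the fragment arithmetic behind the capture above, at the 1280-byte IPv6 minimum MTU that ping6 fragments to by default, plus a check that a capture lists the fragments in the expected order. The 14-byte Ethernet header used for on-wire frame sizes is an assumption about the capture link, and the function names are illustrative.

```python
import re

IPV6_HDR = 40        # fixed IPv6 header
FRAG_HDR = 8         # IPv6 Fragment extension header
ICMP6_ECHO_HDR = 8   # ICMPv6 echo request header
MIN_MTU = 1280       # IPv6 minimum link MTU
ETH_HDR = 14         # assumption: capture taken on an Ethernet link

def fragments(ping_size, mtu=MIN_MTU):
    """Return [(offset, length), ...] as tcpdump prints them in 'frag (off|len)'."""
    total = ping_size + ICMP6_ECHO_HDR        # fragmentable part: ICMPv6 header + data
    if IPV6_HDR + total <= mtu:
        return [(0, total)]                   # fits in one packet, no fragment header
    # Every fragment except the last must carry a multiple of 8 bytes.
    per_frag = (mtu - IPV6_HDR - FRAG_HDR) // 8 * 8
    out, off = [], 0
    while off < total:
        n = min(per_frag, total - off)
        out.append((off, n))
        off += n
    return out

def frame_sizes(ping_size, mtu=MIN_MTU):
    """On-wire frame length of each fragment, in sending order."""
    frags = fragments(ping_size, mtu)
    ext = FRAG_HDR if len(frags) > 1 else 0
    return [ETH_HDR + IPV6_HDR + ext + n for _, n in frags]

FRAG_RE = re.compile(r"frag \((\d+)\|(\d+)\)")

def parse_frags(lines):
    """Extract (offset, length) from tcpdump lines of ONE datagram, in capture order."""
    return [(int(m.group(1)), int(m.group(2)))
            for m in map(FRAG_RE.search, lines) if m]

# The two tcpdump lines quoted in the message above (ping6 -s 1300).
SAMPLE = [
    "08:22:04.821171 IP6 2001:200:0:8002:203:47ff:fea5:3085 > 2001:4f8:0:2::d: "
    "frag (0|1232) ICMP6, echo request, seq 0, length 1232",
    "08:22:04.821181 IP6 2001:200:0:8002:203:47ff:fea5:3085 > 2001:4f8:0:2::d: "
    "frag (1232|76)",
]

if __name__ == "__main__":
    print(fragments(1300), parse_frags(SAMPLE) == fragments(1300))
    print(frame_sizes(1234))
```

With -s 1234 and the assumed Ethernet framing, the computed frame sizes are 1294 and 72 bytes, the two sizes reported in the quoted capture.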