Date: Mon, 26 Dec 2005 17:56:31 +0200 From: Oleg Tarasov <subscriber@osk.com.ua> To: FreeBSD MailList <subscriber@osk.com.ua> Cc: freebsd-net@freebsd.org Subject: Re: Router on 6.0-stable fails to route tcp packets due to NAT?? malfunction Message-ID: <1122736554.20051226175631@osk.com.ua> In-Reply-To: <1687545235.20051226134150@osk.com.ua> References: <1687545235.20051226134150@osk.com.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Further analysis brought me to a conclusion that the problem is in MTU values. Changing MTU on client machines made everything work fine - but as I know this is not right. If packets are routed between different MTU interfaces they have to be fragmented or something. If fragmentation is impossible due to "dont fragment" bit set an icmp packet "Need Fragmentation" should be sent to packet sender. As I know web and ftp packets dont have "dont fragment" bit set so packet fragmentation should apply normally what doesn't happen. Reading my firewall configuration we can see that any icmp packets can go freely through it so the reason of such malfunction is unknown to me. Also there are rules that allow passing of fragmented packets freely. Anyway the firewall configuration was copied from another production system which also has different MTU's on interfaces. Can anyone tell me what is the problem? -- Best regards, Oleg Tarasov mailto:subscriber@osk.com.ua
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1122736554.20051226175631>