From owner-freebsd-questions@FreeBSD.ORG Fri Feb 25 10:28:36 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3A6231065675 for ; Fri, 25 Feb 2011 10:28:36 +0000 (UTC) (envelope-from nvass@gmx.com) Received: from mailout-eu.gmx.com (mailout-eu.gmx.com [213.165.64.42]) by mx1.freebsd.org (Postfix) with SMTP id 9B0928FC0A for ; Fri, 25 Feb 2011 10:28:35 +0000 (UTC) Received: (qmail invoked by alias); 25 Feb 2011 10:28:33 -0000 Received: from adsl-248.91.140.49.tellas.gr (EHLO [192.168.73.192]) [91.140.49.248] by mail.gmx.com (mp-eu001) with SMTP; 25 Feb 2011 11:28:33 +0100 X-Authenticated: #46156728 X-Provags-ID: V01U2FsdGVkX1/tsahwJDHtgY9WtKMFMSBwK81rf0BGV7nPJGxKZn 0COPPmyumcgfFn Message-ID: <4D678446.3080204@gmx.com> Date: Fri, 25 Feb 2011 12:28:22 +0200 From: Nikos Vassiliadis User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: c0re References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: FreeBSD Subject: Re: Strange behavior of MTU on loopback interfaces. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Feb 2011 10:28:36 -0000 On 2/25/2011 9:29 AM, c0re wrote: > Hello all! > > I'm testing setting lower MTU on loopback interfaces to avoid some MTU > problems with IPSEC in a path of traffic. > > ifconfig lo1 create > ifconfig lo1 mtu 1300 > ifconfig lo1 5.5.5.5/32 > > # ifconfig lo1 > lo1: flags=8049 metric 0 mtu 1300 > inet 5.5.5.5 netmask 0xffffffff > > #ifconfig em0 > em0: flags=8843 metric 0 mtu 1500 > options=9b > ether 12:ac:29:7c:fa:39 > inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255 > media: Ethernet autoselect (1000baseTX) > status: active > > > And I set only one "Listen 5.5.5.5:80" in http.conf in apache 2.2 > > # sockstat -4 | grep 80 > www httpd 96843 3 tcp4 5.5.5.5:80 *:* > www httpd 96838 3 tcp4 5.5.5.5:80 *:* > www httpd 96837 3 tcp4 5.5.5.5:80 *:* > www httpd 96836 3 tcp4 5.5.5.5:80 *:* > www httpd 96835 3 tcp4 5.5.5.5:80 *:* > www httpd 96834 3 tcp4 5.5.5.5:80 *:* > root httpd 96833 3 tcp4 5.5.5.5:80 *:* > > I run tcpdump -ni em0 port 80. And made telnet 5.5.5.5 80 from other > host and saw something wrong. > > 10:26:01.640866 IP 10.0.0.2.57553> 5.5.5.5.80: S > 1049284626:1049284626(0) win 65535 > 10:26:01.640902 IP 5.5.5.5.80> 10.0.0.2.57553: S > 2144222949:2144222949(0) ack 1049284627 win 65535 1460,sackOK,eol> > 10:26:01.642632 IP 10.0.0.2.57553> 5.5.5.5.80: . ack 1 win 65535 > > 5.5.5.5:80 said that it has got tcp mss 1460. Why? I was waiting for > something like 1260. It uses the MTU of the outgoing path, which is 1500. You change the MTU for specific paths, using route and the mtu modifier. Like this: > lab# ifconfig em0 > em0: flags=8843 metric 0 mtu 1500 > options=9b > ether 08:00:27:17:c3:de > inet 192.168.73.193 netmask 0xffffff00 broadcast 192.168.73.255 > media: Ethernet autoselect (1000baseT ) > status: active > lab# route change 192.168.73.0 -mtu 1100 > change net 192.168.73.0 > lab# route -n get 192.168.73.0 > route to: 192.168.73.0 > destination: 192.168.73.0 > mask: 255.255.255.0 > interface: em0 > flags: > recvpipe sendpipe ssthresh rtt,msec mtu weight expire > 0 0 0 0 1100 1 0 > lab# All packets going to 192.168.73.0/24 will use IP packet sizes up to 1100. IMHO it's better to leave the physical interface's MTU unchanged and use the routing subsystem to define the maximum IP packet size per path. HTH, Nikos