Date: Fri, 25 Feb 2011 13:45:55 +0300 From: c0re <nr1c0re@gmail.com> To: Nikos Vassiliadis <nvass@gmx.com> Cc: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: Strange behavior of MTU on loopback interfaces. Message-ID: <AANLkTikx3swVZRqQw3a0pkeQdvck=gFtw9TkG=hZGvA=@mail.gmail.com> In-Reply-To: <4D678446.3080204@gmx.com> References: <AANLkTi=HBE_D-RYNcdTYWXzr7w4z=%2BQ-JUiOBpQVYLhP@mail.gmail.com> <4D678446.3080204@gmx.com>
next in thread | previous in thread | raw e-mail | index | archive | help
2011/2/25 Nikos Vassiliadis <nvass@gmx.com>: > On 2/25/2011 9:29 AM, c0re wrote: >> >> Hello all! >> >> I'm testing setting lower MTU on loopback interfaces to avoid some MTU >> problems with IPSEC in a path of traffic. >> >> ifconfig lo1 create >> ifconfig lo1 mtu 1300 >> ifconfig lo1 5.5.5.5/32 >> >> # ifconfig lo1 >> lo1: flags=3D8049<UP,LOOPBACK,RUNNING,MULTICAST> =A0metric 0 mtu 1300 >> =A0 =A0 =A0 =A0 inet 5.5.5.5 netmask 0xffffffff >> >> #ifconfig em0 >> em0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> =A0metric 0 mt= u 1500 >> =A0 =A0 =A0 =A0 options=3D9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_= HWCSUM> >> =A0 =A0 =A0 =A0 ether 12:ac:29:7c:fa:39 >> =A0 =A0 =A0 =A0 inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255 >> =A0 =A0 =A0 =A0 media: Ethernet autoselect (1000baseTX<full-duplex>) >> =A0 =A0 =A0 =A0 status: active >> >> >> And I set only one "Listen 5.5.5.5:80" in http.conf in apache 2.2 >> >> # sockstat -4 | grep 80 >> www =A0 =A0 =A0httpd =A0 =A0 =A096843 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096838 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096837 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096836 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096835 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096834 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> root =A0 =A0 httpd =A0 =A0 =A096833 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 =A0= =A0 =A0 =A0*:* >> >> I run tcpdump -ni em0 port 80. And made telnet 5.5.5.5 80 from other >> host and saw something wrong. >> >> 10:26:01.640866 IP 10.0.0.2.57553> =A05.5.5.5.80: S >> 1049284626:1049284626(0) win 65535<mss 1460,sackOK,eol> >> 10:26:01.640902 IP 5.5.5.5.80> =A010.0.0.2.57553: S >> 2144222949:2144222949(0) ack 1049284627 win 65535<mss >> 1460,sackOK,eol> >> 10:26:01.642632 IP 10.0.0.2.57553> =A05.5.5.5.80: . ack 1 win 65535 >> >> 5.5.5.5:80 said that it has got tcp mss 1460. Why? I was waiting for >> something like 1260. > > It uses the MTU of the outgoing path, which is 1500. > You change the MTU for specific paths, using route and the mtu modifier. > Like this: > >> lab# ifconfig em0 >> em0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1= 500 >> =A0 =A0 =A0 =A0options=3D9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_H= WCSUM> >> =A0 =A0 =A0 =A0ether 08:00:27:17:c3:de >> =A0 =A0 =A0 =A0inet 192.168.73.193 netmask 0xffffff00 broadcast 192.168.= 73.255 >> =A0 =A0 =A0 =A0media: Ethernet autoselect (1000baseT <full-duplex>) >> =A0 =A0 =A0 =A0status: active >> lab# route change 192.168.73.0 -mtu 1100 >> change net 192.168.73.0 >> lab# route -n get 192.168.73.0 >> =A0 route to: 192.168.73.0 >> destination: 192.168.73.0 >> =A0 =A0 =A0 mask: 255.255.255.0 >> =A0interface: em0 >> =A0 =A0 =A0flags: <UP,DONE,STATIC> >> =A0recvpipe =A0sendpipe =A0ssthresh =A0rtt,msec =A0 =A0mtu =A0 =A0 =A0 = =A0weight =A0 =A0expire >> =A0 =A0 =A0 0 =A0 =A0 =A0 =A0 0 =A0 =A0 =A0 =A0 0 =A0 =A0 =A0 =A0 0 =A0 = =A0 =A01100 =A0 =A0 =A0 =A0 1 =A0 =A0 =A0 =A0 0 >> lab# > > All packets going to 192.168.73.0/24 will use IP packet sizes up to > 1100. IMHO it's better to leave the physical interface's MTU unchanged > and use the routing subsystem to define the maximum IP packet size per > path. > > HTH, Nikos > Works like a charm! # route change 0.0.0.0 -mtu 1300 change net 0.0.0.0 # tcpdump -ni em0 host 5.5.5.5 13:42:58.996721 IP 10.0.0.2.51933 > 5.5.5.5.80: S 626695541:626695541(0) win 64512 <mss 1460,nop,nop,sackOK> 13:42:58.996760 IP 5.5.5.5.80 > 10.0.0.2.51933: S 289198669:289198669(0) ack 626695542 win 65535 <mss 1260,sackOK,eol> 13:42:58.999455 IP 10.0.0.2.51933 > 5.5.5.5.80: . ack 1 win 64512 Thank you very much!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTikx3swVZRqQw3a0pkeQdvck=gFtw9TkG=hZGvA=>