From owner-freebsd-questions@FreeBSD.ORG Fri Feb 25 10:45:56 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4A8401065675 for ; Fri, 25 Feb 2011 10:45:56 +0000 (UTC) (envelope-from nr1c0re@gmail.com) Received: from mail-pz0-f54.google.com (mail-pz0-f54.google.com [209.85.210.54]) by mx1.freebsd.org (Postfix) with ESMTP id 1EB6D8FC1C for ; Fri, 25 Feb 2011 10:45:55 +0000 (UTC) Received: by pzk32 with SMTP id 32so281450pzk.13 for ; Fri, 25 Feb 2011 02:45:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=PrQFmLxSsD9+EGvRBp5SIpaBaUmcLcuFrHW1+wuKeMg=; b=ayA+WuAyvZCGOr7mcra/Fu/xGlGln+Z4R0YYQiQPu7M/P5H8IgWJxMmCdhX9df8e7e lXQXCijCxiFVUq/vQOWs3rPxGA9aMoVO9ChHYES0HKU6hgITQeTyEbpJze3B7YxxL8kE HuUznThmzqTlSvZKe27Ls7sCTFmqflTjhXIj0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=EHoKBRfHtb1dg4RbsVfW/185hJhHUiMbusl1TqhpccDK00wfEwM+/jWcY/TnlBJzLg hHMywLKDBJ2eypKbQN9ftNbOniMS/j2phJaYxRW2lJf+5Y1pM7SBrzpQazYSf9jF19JF 7o5NhXiGgUXziz3JadhYzDdEwjPp/YSx1QbI4= MIME-Version: 1.0 Received: by 10.142.157.2 with SMTP id f2mr1557943wfe.302.1298630755624; Fri, 25 Feb 2011 02:45:55 -0800 (PST) Received: by 10.142.50.16 with HTTP; Fri, 25 Feb 2011 02:45:55 -0800 (PST) In-Reply-To: <4D678446.3080204@gmx.com> References: <4D678446.3080204@gmx.com> Date: Fri, 25 Feb 2011 13:45:55 +0300 Message-ID: From: c0re To: Nikos Vassiliadis Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: FreeBSD Subject: Re: Strange behavior of MTU on loopback interfaces. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Feb 2011 10:45:56 -0000 2011/2/25 Nikos Vassiliadis : > On 2/25/2011 9:29 AM, c0re wrote: >> >> Hello all! >> >> I'm testing setting lower MTU on loopback interfaces to avoid some MTU >> problems with IPSEC in a path of traffic. >> >> ifconfig lo1 create >> ifconfig lo1 mtu 1300 >> ifconfig lo1 5.5.5.5/32 >> >> # ifconfig lo1 >> lo1: flags=3D8049 =A0metric 0 mtu 1300 >> =A0 =A0 =A0 =A0 inet 5.5.5.5 netmask 0xffffffff >> >> #ifconfig em0 >> em0: flags=3D8843 =A0metric 0 mt= u 1500 >> =A0 =A0 =A0 =A0 options=3D9b >> =A0 =A0 =A0 =A0 ether 12:ac:29:7c:fa:39 >> =A0 =A0 =A0 =A0 inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255 >> =A0 =A0 =A0 =A0 media: Ethernet autoselect (1000baseTX) >> =A0 =A0 =A0 =A0 status: active >> >> >> And I set only one "Listen 5.5.5.5:80" in http.conf in apache 2.2 >> >> # sockstat -4 | grep 80 >> www =A0 =A0 =A0httpd =A0 =A0 =A096843 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096838 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096837 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096836 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096835 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> www =A0 =A0 =A0httpd =A0 =A0 =A096834 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 = =A0 =A0 =A0 =A0*:* >> root =A0 =A0 httpd =A0 =A0 =A096833 3 =A0tcp4 =A0 5.5.5.5:80 =A0 =A0 =A0= =A0 =A0 =A0*:* >> >> I run tcpdump -ni em0 port 80. And made telnet 5.5.5.5 80 from other >> host and saw something wrong. >> >> 10:26:01.640866 IP 10.0.0.2.57553> =A05.5.5.5.80: S >> 1049284626:1049284626(0) win 65535 >> 10:26:01.640902 IP 5.5.5.5.80> =A010.0.0.2.57553: S >> 2144222949:2144222949(0) ack 1049284627 win 65535> 1460,sackOK,eol> >> 10:26:01.642632 IP 10.0.0.2.57553> =A05.5.5.5.80: . ack 1 win 65535 >> >> 5.5.5.5:80 said that it has got tcp mss 1460. Why? I was waiting for >> something like 1260. > > It uses the MTU of the outgoing path, which is 1500. > You change the MTU for specific paths, using route and the mtu modifier. > Like this: > >> lab# ifconfig em0 >> em0: flags=3D8843 metric 0 mtu 1= 500 >> =A0 =A0 =A0 =A0options=3D9b >> =A0 =A0 =A0 =A0ether 08:00:27:17:c3:de >> =A0 =A0 =A0 =A0inet 192.168.73.193 netmask 0xffffff00 broadcast 192.168.= 73.255 >> =A0 =A0 =A0 =A0media: Ethernet autoselect (1000baseT ) >> =A0 =A0 =A0 =A0status: active >> lab# route change 192.168.73.0 -mtu 1100 >> change net 192.168.73.0 >> lab# route -n get 192.168.73.0 >> =A0 route to: 192.168.73.0 >> destination: 192.168.73.0 >> =A0 =A0 =A0 mask: 255.255.255.0 >> =A0interface: em0 >> =A0 =A0 =A0flags: >> =A0recvpipe =A0sendpipe =A0ssthresh =A0rtt,msec =A0 =A0mtu =A0 =A0 =A0 = =A0weight =A0 =A0expire >> =A0 =A0 =A0 0 =A0 =A0 =A0 =A0 0 =A0 =A0 =A0 =A0 0 =A0 =A0 =A0 =A0 0 =A0 = =A0 =A01100 =A0 =A0 =A0 =A0 1 =A0 =A0 =A0 =A0 0 >> lab# > > All packets going to 192.168.73.0/24 will use IP packet sizes up to > 1100. IMHO it's better to leave the physical interface's MTU unchanged > and use the routing subsystem to define the maximum IP packet size per > path. > > HTH, Nikos > Works like a charm! # route change 0.0.0.0 -mtu 1300 change net 0.0.0.0 # tcpdump -ni em0 host 5.5.5.5 13:42:58.996721 IP 10.0.0.2.51933 > 5.5.5.5.80: S 626695541:626695541(0) win 64512 13:42:58.996760 IP 5.5.5.5.80 > 10.0.0.2.51933: S 289198669:289198669(0) ack 626695542 win 65535 13:42:58.999455 IP 10.0.0.2.51933 > 5.5.5.5.80: . ack 1 win 64512 Thank you very much!