Date: Tue, 19 Apr 2005 07:29:18 +1000 From: Matthew Sullivan <matthew@uq.edu.au> To: freebsd-current@freebsd.org Subject: DF (Don't frag) issues Message-ID: <426426AE.2060406@uq.edu.au>
index | next in thread | raw e-mail
[-- Attachment #1 --]
Any reason why FreeBSD 5.2.1+ and 5.3-p9 set DF on all packets?
I'm getting some real problems with VPNs, setting the interface MTU to
1024 fixes them, but it really is less than ideal.
example with dominator [203.15.51.36] MTU at 1500, vpn server is at
203.15.51.36 (all interfaces are MTU 1500 except gif0 which is 1280),
other end of the VPN has interfaces at MTU 1500 which serices the
10.200.254.0 network (wireless)....
root@dominator:~# tcpdump -n | grep 10.200.254.98
tcpdump: listening on bge0
23:36:22.638202 10.200.254.98.33118 > 203.15.51.36.24: SWE
742813284:742813284(0) win 5840 <mss 1460,sackOK,timestamp 1548890
0,nop,wscale 0> (DF)
23:36:22.638259 203.15.51.36.24 > 10.200.254.98.33118: S
2275901409:2275901409(0) ack 742813285 win 65535 <mss 1460,nop,wscale
1,nop,nop,timestamp 45880291 1548890> (DF)
23:36:22.680880 10.200.254.98.33118 > 203.15.51.36.24: . ack 1 win 5840
<nop,nop,timestamp 1548895 45880291> (DF)
23:36:22.683004 203.15.51.36.24 > 10.200.254.98.33118: P 1:43(42) ack 1
win 33304 <nop,nop,timestamp 45880295 1548895> (DF)
23:36:22.728581 10.200.254.98.33118 > 203.15.51.36.24: . ack 43 win 5840
<nop,nop,timestamp 1548900 45880295> (DF)
.
.
.
23:36:23.474807 203.15.51.36.24 > 10.200.254.98.33118: P 2075:2171(96)
ack 2425 win 33304 <nop,nop,timestamp 45880374 1548974> (DF)
23:36:23.475751 10.200.254.98.33118 > 203.15.51.36.24: P 2425:2537(112)
ack 2075 win 10496 <nop,nop,timestamp 1548974 45880368> (DF) [tos 0x10]
23:36:23.510998 203.15.51.36.24 > 10.200.254.98.33118: P 2171:2219(48)
ack 2537 win 33304 <nop,nop,timestamp 45880378 1548974> (DF) [tos 0x10]
23:36:23.511752 203.15.51.36.24 > 10.200.254.98.33118: P 2219:2315(96)
ack 2537 win 33304 <nop,nop,timestamp 45880378 1548974> (DF) [tos 0x10]
23:36:23.514316 203.15.51.36.24 > 10.200.254.98.33118: P 2315:3643(1328)
ack 2537 win 33304 <nop,nop,timestamp 45880378 1548974> (DF) [tos 0x10]
23:36:23.515060 203.15.51.61 > 203.15.51.36: icmp: 10.200.254.98
unreachable - need to frag (DF)
23:36:23.516599 203.15.51.36.24 > 10.200.254.98.33118: P 3643:3723(80)
ack 2537 win 33304 <nop,nop,timestamp 45880379 1548974> (DF) [tos 0x10]
23:36:23.517255 203.15.51.36.24 > 10.200.254.98.33118: P 3723:3771(48)
ack 2537 win 33304 <nop,nop,timestamp 45880379 1548974> (DF) [tos 0x10]
23:36:23.517337 203.15.51.36.24 > 10.200.254.98.33118: P 3771:3995(224)
ack 2537 win 33304 <nop,nop,timestamp 45880379 1548974> (DF) [tos 0x10]
23:36:23.527961 203.15.51.36.24 > 10.200.254.98.33118: P 3995:4059(64)
ack 2537 win 33304 <nop,nop,timestamp 45880380 1548974> (DF) [tos 0x10]
23:36:23.552652 10.200.254.98.33118 > 203.15.51.36.24: . ack 2171 win
10496 <nop,nop,timestamp 1548983 45880374> (DF) [tos 0x10]
23:36:23.561291 10.200.254.98.33118 > 203.15.51.36.24: . ack 2219 win
10496 <nop,nop,timestamp 1548983 45880378> (DF) [tos 0x10]
23:36:23.565812 10.200.254.98.33118 > 203.15.51.36.24: . ack 2315 win
10496 <nop,nop,timestamp 1548983 45880378> (DF) [tos 0x10]
23:36:23.570650 10.200.254.98.33118 > 203.15.51.36.24: . ack 2315 win
10496 <nop,nop,timestamp 1548983 45880378> (DF) [tos 0x10]
23:36:23.577811 10.200.254.98.33118 > 203.15.51.36.24: . ack 2315 win
10496 <nop,nop,timestamp 1548984 45880378> (DF) [tos 0x10]
23:36:23.577829 10.200.254.98.33118 > 203.15.51.36.24: . ack 2315 win
10496 <nop,nop,timestamp 1548984 45880378> (DF) [tos 0x10]
23:36:23.577880 203.15.51.36.24 > 10.200.254.98.33118: . 2315:3763(1448)
ack 2537 win 33304 <nop,nop,timestamp 45880385 1548984> (DF) [tos 0x10]
23:36:23.578406 203.15.51.61 > 203.15.51.36: icmp: 10.200.254.98
unreachable - need to frag (DF)
23:36:23.582784 10.200.254.98.33118 > 203.15.51.36.24: . ack 2315 win
--
Matthew Sullivan
Specialist Systems Programmer
Information Technology Services
The University of Queensland
[-- Attachment #2 --]
0 *H
01
0 +�0 *H
��0r0Z*0
*H
�01
0 UAU10U
Queensland10UBrisbane1%0#U
The University of Queensland1(0&U
Information Technology Services10UCertificate Server0
040121233621Z
060121233621Z01
0 UAU1%0#U
The University of Queensland1'0%U
Information Tecnology Services10
&,dccmatt10UMatthew Sullivan1 0
*H
matthew@uq.edu.au0\0
*H
�K�0HA�~?AJ#0z^TY%L ~3:ܠDŽoӄ'Zբ,pK�h0f0U
0 `HB0 U
#0&2MA{7XT0 U
0matthew@its.uq.edu.au0
*H
��]f*fe
7>Că3$K:C%˜pr0(
;wP@H$U ҷs;#B
dYMz9 Z ȥ-Z=53Fl
.jٍ�\]W)R+,!6Ampz:3 JFwH2LRD"ױTb^#)/xgBRr{(1&fcv@Jpc4fc
y{SaU0r0Z*0
*H
�01
0 UAU10U
Queensland10UBrisbane1%0#U
The University of Queensland1(0&U
Information Technology Services10UCertificate Server0
040121233621Z
060121233621Z01
0 UAU1%0#U
The University of Queensland1'0%U
Information Tecnology Services10
&,dccmatt10UMatthew Sullivan1 0
*H
matthew@uq.edu.au0\0
*H
�K�0HA�~?AJ#0z^TY%L ~3:ܠDŽoӄ'Zբ,pK�h0f0U
0 `HB0 U
#0&2MA{7XT0 U
0matthew@its.uq.edu.au0
*H
��]f*fe
7>Că3$K:C%˜pr0(
;wP@H$U ҷs;#B
dYMz9 Z ȥ-Z=53Fl
.jٍ�\]W)R+,!6Ampz:3 JFwH2LRD"ױTb^#)/xgBRr{(1&fcv@Jpc4fc
y{SaU1@0<001
0 UAU10U
Queensland10UBrisbane1%0#U
The University of Queensland1(0&U
Information Technology Services10UCertificate Server*0 +�-0 *H
1
*H
0
*H
1
050418212918Z0# *H
1pcI?]rVPJIL$0R *H
1E0C0
*H
0*H
�0
*H
@0+0
*H
(0 +71001
0 UAU10U
Queensland10UBrisbane1%0#U
The University of Queensland1(0&U
Information Technology Services10UCertificate Server*0
*H
101
0 UAU10U
Queensland10UBrisbane1%0#U
The University of Queensland1(0&U
Information Technology Services10UCertificate Server*0
*H
�@.3],CK4A"/Qy
7piwu"~g$pȇDdV������
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?426426AE.2060406>