Date: Mon, 25 Apr 2005 19:04:07 +0200 From: Andre Oppermann <andre@freebsd.org> To: Matthew Sullivan <matthew@uq.edu.au> Cc: freebsd-current@freebsd.org Subject: Re: DF (Don't frag) issues Message-ID: <426D2307.97D15253@freebsd.org> References: <426426AE.2060406@uq.edu.au><42663EA1.3020409@uq.edu.au> <20050424150211.GA87520@walton.maths.tcd.ie> <426BC78A.3E56D99B@freebsd.org> <426C1600.106@uq.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Sullivan wrote: > > As David suggested my config is shown here: > > http://lists.freebsd.org/pipermail/freebsd-current/2005-April/048980.html Ok, I see. Do you still have this setup at your disposal? I need to know the suggested MTU value in the ICMP packet. Best you look at it with ethereal. This will help a lot to get ahold of the bug. > After talking with people I see 2 issues..... > > 1/ The bug is being triggered when the incoming 'need frag' ICMP message > doesn't have a suggested value. If it comes from a FreeBSD box is certainly does have a suggested value but tcpdump does not show it. We need to know what it put in there to be able to figure out what is going wrong. > This ICMP message is being generated by 'stealth.sorbs.net' which is a > FreeBSD 5.3 p9 server running FAST_IPSEC (no crypto card yet - waiting > for delivery), and otherwise pretty standard kernel. As for fast forwarding: > > net.inet.ip.fastforwarding: 0 That's fine. > 2/ The bug itself is also a problem, as it cannot be guarenteed that the > host returning the ICMP 'need frag' will fill in a suggested mtu, so > that also needs to be looked at (but I guess you know that already ;-)) I'm testing a fix right now. Unfortunatly the whole situation is a lot more complex than thought at first. While stepping through the code I found some other incorrect assumptions. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?426D2307.97D15253>