kern/122338: ICMP unreach, frag needed but df set + route mtu broken - breaks PMTU

Mark Cammidge mark at peralex.com
Tue Apr 1 08:40:02 PDT 2008 

>Number:         122338
>Category:       kern
>Synopsis:       ICMP unreach, frag needed but df set + route mtu broken - breaks PMTU
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 01 15:40:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Mark Cammidge
>Release:        7.0-STABLE (cvsupped 2008-03-24)
>Organization:
none
>Environment:
FreeBSD www.peralex.com 7.0-STABLE FreeBSD 7.0-STABLE #3: Tue Apr  1 09:09:58 SAST 2008 
>Description:
When a IP forwarding is enabled on a FreeBSD machine, the mtu on the route that is used for the next hop is ignored when "icmp unreachable, frag needed but df set" packets are returned when a packet is dropped as a result of a packet being too large (the route mtu is used correctly to decide which packets to drop).

The icmp packets are returned, but the next hop value does not take into account the mtu on the route, only the mtu on the interface to which the packet would have been routed.

This breaks path mtu discovery when the route MTU is smaller than the interface MTU for the next hop.

This was working correctly in 6-STABLE

>How-To-Repeat:
Set up a system (call it SystemA) to do ip forwarding.
Set up a route to use a low MTU (say 1300), but leave the MTU on the interfaces that will carry those connection at 1500.
>From a separate machine (call it SystemB) , establish a TCP connection via SystemA to another system (SystemC say) that will be routed according to the route with the MTU set to 1300.
When large packets are sent from SystemB to SystemC, SystemA sends 'icmp unreachable, frag needed by df set' replies to SystemB and drops the large packets.  These icmp packets specify the next hop MTU as 1500, rather than 1300 as should be the case.  The next hop should be the minimum of the interface and path MTUs.

>Fix:
Bjoern A. Zeeb reported this problem on the freebsd-net mailing list:

http://lists.freebsd.org/pipermail/freebsd-net/2007-December/016357.html

and provided a patch:

http://sources.zabbadoz.net/freebsd/patchset/patch-20071228-02-ip-forward-unreach-needfrag-ro.diff

Bjoern has requested that this issue be assigned to him.

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list