Need to frag (DF) :)
Dennis S. Davidoff
null at 1system.ru
Mon Mar 31 02:23:23 PST 2003
Hi all.
After successful authorization and setting tunnel by mpd I've got a
problem with packet fragmentation.
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
net 172.16.1.2 netmask 0xffffff00 broadcast 172.16.1.255
ether 00:02:44:2e:35:da
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 172.16.0.1 netmask 0xffffff00 broadcast 172.16.0.255
ether 00:10:dc:06:e8:91
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1392
inet 10.0.0.1 --> 10.0.0.2 netmask 0xffffffff
As you can see, mtu is 1392. So any attempt to open big content from
site or download a big file will fail. tcpdump shows:
14:13:09.876867 172.16.1.2 > 217.106.231.104: icmp: 192.168.0.168
unreachable - need to frag (mtu 1392) (DF)
...and so on.
Also I'll trying to test my gateway like that:
C:\Documents and Settings\null>ping -f -l 1500 172.16.0.1
Pinging 172.16.0.1 with 1500 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Ping statistics for 172.16.0.1:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
Someone from obsd tells me that in obsd pf it could be solved by the rule:
scrub in all no-df fragment reassemble
...which defragments all packets and removes DF flag (i guess)
P.S. On my gateway I have an ipfw rule that allows any icmp type.
Thanks for any advices.
--
Sincerely,
Dennis
More information about the freebsd-net
mailing list