Dummynet and fragments
atanas atanas
atanas.yankov at gmail.com
Fri Dec 9 01:48:30 PST 2005
As i see nobody here answer to me and to other guys i make my own
ivestigation of the problem with dummynet and why it's produce broken
fragments in 5.x 6.x RELEASES
in my debug's i found what couse the problem ;))) , here is my debugs all
made on outgoing interaface after they live pipe's
My Desktop PC ---- >>>
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 18997:1480 at 0+)
(ttl 64, len 1500)
192.168.135.213 > 195.69.108.254: icmp (frag 18997:528 at 1480) (ttl 64, len
548)
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19000:1480 at 0+)
(ttl 64, len 1500)
192.168.135.213 > 195.69.108.254: icmp (frag 19000:528 at 1480) (ttl 64, len
548)
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19004:1480 at 0+)
(ttl 64, len 1500)
192.168.135.213 > 195.69.108.254: icmp (frag 19004:528 at 1480) (ttl 64, len
548)
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19008:1480 at 0+)
(ttl 64, len 1500)
192.168.135.213 > 195.69.108.254: icmp (frag 19008:528 at 1480) (ttl 64, len
548)
Router-FreeBSD RELEASE-4.11-p13 with pipe's for incoming and outgoing
traffic
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 18997:1480 at 0+)
192.168.135.213 > 195.69.108.254: icmp (frag 18997:528 at 1480)
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19000:1480 at 0+)
192.168.135.213 > 195.69.108.254: icmp (frag 19000:528 at 1480)
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19004:1480 at 0+)
192.168.135.213 > 195.69.108.254: icmp (frag 19004:528 at 1480)
192.168.135.213 > 195.69.108.254: icmp: echo request (frag 19008:1480 at 0+)
192.168.135.213 > 195.69.108.254: icmp (frag 19008:528 at 1480)
Router-FreeBSD RELEASE-5.4-p8 with pipe's for incoming and outgoing traffic
IP (tos 0x0, ttl 62, id 26431, offset 0, flags [+], length: 1500)
192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 0
IP (tos 0x0, ttl 62, id 26433, offset 1480, flags [none], length: 548)
192.168.135.213 > 195.69.108.254: icmp
IP (tos 0x0, ttl 62, id 36602, offset 0, flags [+], length: 1500)
192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 256
IP (tos 0x0, ttl 62, id 36603, offset 1480, flags [none], length: 548)
192.168.135.213 > 195.69.108.254: icmp
IP (tos 0x0, ttl 62, id 46610, offset 0, flags [+], length: 1500)
192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 512
IP (tos 0x0, ttl 62, id 46611, offset 1480, flags [none], length: 548)
192.168.135.213 > 195.69.108.254: icmp
IP (tos 0x0, ttl 62, id 57038, offset 0, flags [+], length: 1500)
192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 768
IP (tos 0x0, ttl 62, id 57039, offset 1480, flags [none], length: 548)
192.168.135.213 > 195.69.108.254: icmp
the second router 5.x first change id off fragments then broke sequence and
destination host can't reasseble all packet this is the reason why
ping -s 2000 x.y.z.1 won't work
traceroute x.y.z.1 2000
tcptraceroute x.y.z.1 80 2000 too
but it's a simple tools for troubleshooting , the baddest in this case is
that it's harm real traffic vpn-s , and others
---> Here is a fix of this problem
--- ip_output.c Fri Dec 2 13:35:16 2005
+++ ip_output-fix.c Thu Dec 8 17:39:28 2005
@@ -173,7 +173,6 @@
if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) {
ip->ip_v = IPVERSION;
ip->ip_hl = hlen >> 2;
- ip->ip_id = ip_newid();
ipstat.ips_localout++;
} else {
hlen = ip->ip_hl << 2;
br,
CCNP Atanas Yankov
Network Administrator
AngelSoft Ltd.
More information about the freebsd-net
mailing list