Dummynet and fragments

Alvaro Saurin saurin at dcs.gla.ac.uk
Fri Dec 9 03:35:24 PST 2005


Hi,

I have tested your patch and it works fine for me. Thanks.

Alvaro

On 9 Dec 2005, at 09:48, atanas atanas wrote:

> As i see nobody here answer to me and to other  guys i make my own
> ivestigation of the problem with dummynet and why it's produce broken
> fragments in 5.x 6.x RELEASES
> in my debug's i found what couse the problem ;))) , here is my  
> debugs all
> made on outgoing interaface after they live pipe's
>
> My Desktop PC ---- >>>
>
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 18997:1480 at 0+)
> (ttl 64, len 1500)
> 192.168.135.213 > 195.69.108.254: icmp (frag 18997:528 at 1480) (ttl  
> 64, len
> 548)
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 19000:1480 at 0+)
> (ttl 64, len 1500)
> 192.168.135.213 > 195.69.108.254: icmp (frag 19000:528 at 1480) (ttl  
> 64, len
> 548)
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 19004:1480 at 0+)
> (ttl 64, len 1500)
> 192.168.135.213 > 195.69.108.254: icmp (frag 19004:528 at 1480) (ttl  
> 64, len
> 548)
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 19008:1480 at 0+)
> (ttl 64, len 1500)
> 192.168.135.213 > 195.69.108.254: icmp (frag 19008:528 at 1480) (ttl  
> 64, len
> 548)
>
> Router-FreeBSD RELEASE-4.11-p13 with pipe's for incoming and outgoing
> traffic
>
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 18997:1480 at 0+)
> 192.168.135.213 > 195.69.108.254: icmp (frag 18997:528 at 1480)
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 19000:1480 at 0+)
> 192.168.135.213 > 195.69.108.254: icmp (frag 19000:528 at 1480)
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 19004:1480 at 0+)
> 192.168.135.213 > 195.69.108.254: icmp (frag 19004:528 at 1480)
> 192.168.135.213 > 195.69.108.254: icmp: echo request (frag  
> 19008:1480 at 0+)
> 192.168.135.213 > 195.69.108.254: icmp (frag 19008:528 at 1480)
>
>
> Router-FreeBSD RELEASE-5.4-p8 with pipe's for incoming and outgoing  
> traffic
>
> IP (tos 0x0, ttl  62, id 26431, offset 0, flags [+], length: 1500)
> 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 0
> IP (tos 0x0, ttl  62, id 26433, offset 1480, flags [none], length:  
> 548)
> 192.168.135.213 > 195.69.108.254: icmp
> IP (tos 0x0, ttl  62, id 36602, offset 0, flags [+], length: 1500)
> 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 256
> IP (tos 0x0, ttl  62, id 36603, offset 1480, flags [none], length:  
> 548)
> 192.168.135.213 > 195.69.108.254: icmp
> IP (tos 0x0, ttl  62, id 46610, offset 0, flags [+], length: 1500)
> 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 512
> IP (tos 0x0, ttl  62, id 46611, offset 1480, flags [none], length:  
> 548)
> 192.168.135.213 > 195.69.108.254: icmp
> IP (tos 0x0, ttl  62, id 57038, offset 0, flags [+], length: 1500)
> 192.168.135.213 > 195.69.108.254: icmp 1480: echo request seq 768
> IP (tos 0x0, ttl  62, id 57039, offset 1480, flags [none], length:  
> 548)
> 192.168.135.213 > 195.69.108.254: icmp
>
> the second router 5.x first change id off fragments then broke  
> sequence and
> destination host can't reasseble all packet this is the reason why
> ping -s 2000 x.y.z.1 won't work
> traceroute x.y.z.1 2000
> tcptraceroute x.y.z.1 80 2000 too
> but it's a simple tools for troubleshooting , the baddest in this  
> case is
> that  it's harm  real  traffic  vpn-s ,  and others
>
> ---> Here is a fix of this problem
>
>
> --- ip_output.c Fri Dec  2 13:35:16 2005
> +++ ip_output-fix.c     Thu Dec  8 17:39:28 2005
> @@ -173,7 +173,6 @@
>       if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) {
>               ip->ip_v = IPVERSION;
>               ip->ip_hl = hlen >> 2;
> -               ip->ip_id = ip_newid();
>               ipstat.ips_localout++;
>       } else {
>               hlen = ip->ip_hl << 2;
>
>
> br,
> CCNP Atanas Yankov
> Network Administrator
> AngelSoft Ltd.
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"

-- 
Alvaro Saurin <alvaro.saurin at gmail.com> <saurin at dcs.gla.ac.uk>





More information about the freebsd-net mailing list