Router on 6.0-stable fails to route tcp packets due to NAT?? malfunction

Oleg Tarasov subscriber at osk.com.ua
Mon Dec 26 07:58:43 PST 2005


Hello,

Further analysis brought me to a conclusion that the problem is in MTU
values. Changing MTU on client machines made everything work fine -
but as I know this is not right. If packets are routed between
different MTU interfaces they have to be fragmented or something. If
fragmentation is impossible due to "dont fragment" bit set an icmp
packet "Need Fragmentation" should be sent to packet sender.

As I know web and ftp packets dont have "dont fragment" bit set so
packet fragmentation should apply normally what doesn't happen.

Reading my firewall configuration we can see that any icmp packets can
go freely through it so the reason of such malfunction is unknown to
me. Also there are rules that allow passing of fragmented packets
freely. Anyway the firewall configuration was copied from another
production system which also has different MTU's on interfaces.

Can anyone tell me what is the problem?

-- 
Best regards,
 Oleg Tarasov                          mailto:subscriber at osk.com.ua



More information about the freebsd-net mailing list