Re: Problem with net.inet.tcp.path_mtu_discovery=1

Reply: Christos Chatzaras : "Re: Problem with net.inet.tcp.path_mtu_discovery=1"
In reply to: Christos Chatzaras : "Problem with net.inet.tcp.path_mtu_discovery=1"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Dave Cottlehuber <dch_at_skunkwerks.at>
Date: Wed, 04 Jun 2025 16:36:39 UTC

On Wed, 4 Jun 2025, at 16:36, Christos Chatzaras wrote:
> Hello,
>
> I manage some servers hosting websites.

What does tcpdump/wireshark show for traffic, particularly icmp? Wireshark is very helpful in explaining some issues.

What is the actual MTU on the working net vs the failing one?

Is there a local MTU where the failing websites start working again?

see ping(8) and use -v -D -s …. together to find a working MTU and cross check with tcpdump to find where things seem to break.

On a recent cloud environment I needed to add ‘ set reassemble yes no-df’ to my pf.conf to address MTU issues between VNET jails and the internet.

Happy hunting
Dave