[Bug 220351] Path MTU discovery works only after resetting an internal interface MTU (mpd5, ng_nat, ipfw)

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Jun 29 10:21:32 UTC 2017 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220351

            Bug ID: 220351
           Summary: Path MTU discovery works only after resetting an
                    internal interface MTU (mpd5, ng_nat, ipfw)
           Product: Base System
           Version: 11.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: la5lbtyi at aon.at

Scenario:
=========
I am using the following setup to connect a home network to the ISP:
- mpd5 with "set iface enable nat" (so that mpd5 uses ng_nat)
- ipfw
- RFC1918 internal address range
- FreeBSD 11.0 as border router running mpd5 and ipfw
- FreeBSD 11.0 internal machine.
- The internal network is wired Ethernet (100baseTX for the border router,
1000baseT for the internal machine), MTU 1500.

Due to this setup, ipfw sees only the NATted addresses and is not concerned
with NATting itself.

Ipfw is configured to allow icmptypes 0,3,4,11,12 in and 3,8,11,12 out.

Recently, the provider changed from PPPoA to PPPoE. This means that now the MTU
on the link to the provider is 1492 instead of 1500. In mpd5, I now have 'set
link mtu 1492; set link mru 1492'. Before that change, the problem described
below in this PR did not occur.

Scenario 1 (good):
==================
Running svn, git, and rsync from the border router to machines on the Internet
works.

Scenario 2 (problem):
=====================
Running svn, git, and rsync from the internal machine to machines on the
Internet nearly never works (maybe one out of 20).

However, if I manually set the internal machine's Ethernet I/F MTU to 1492 and
immediately thereafter reset it to 1500 all subsequent connections work
flawlessly (ifconfig <if> mtu 1492; ifconfig <if> mtu 1500).

Expected result:
================
Svn, git, and rsync connections from the internal machine to machines on the
Internet should work right after boot.

-- Martin

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list