DF (Don't frag) issues

[Matthew Sullivan]

Matthew Sullivan wrote:

> I'm going to post this back to the list as Marko was also helping me get
> to the bottom of it...
>
> David Malone wrote:
>
>> On Tue, Apr 19, 2005 at 07:29:18AM +1000, Matthew Sullivan wrote:
>>  
>>
>>> Any reason why FreeBSD 5.2.1+ and 5.3-p9 set DF on all packets?
>>>   
>>
>>
>> It is usual to do this to do path MTU discovery with TCP. I don't
>> know what the situation with the packets that the VPN sends is.
>
Ok well thanks to Andrew @ Supernews and a lot of debugging it appears 
there is a bug....

sys/netinet/ip_icmp.c: line 440
                        if (!mtu)
                                mtu = ip_next_mtu(mtu, 1);

Problem is ip_next_mtu will always return 0 when called with (0, 1) ... 
so following that with:

                        if (mtu >= max(296, (tcp_minmss +
                                        sizeof(struct tcpiphdr))))
                                tcp_hc_updatemtu(&inc, mtu);

and nothing gets changed.... hence why it fails.

Apparently the gateway should be suggesting a MTU value for use.... the 
gateway is also FreeBSD 5.3 so something needs fixing .. :-/

Regards,

-- 
Matthew Sullivan
Specialist Systems Programmer
Information Technology Services
The University of Queensland

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2666 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20050423/775dc662/smime.bin