DF (Don't frag) issues
Matthew Sullivan
matthew at uq.edu.au
Sat Apr 23 05:29:10 PDT 2005
Matthew Sullivan wrote:
> I'm going to post this back to the list as Marko was also helping me get
> to the bottom of it...
>
> David Malone wrote:
>
>> On Tue, Apr 19, 2005 at 07:29:18AM +1000, Matthew Sullivan wrote:
>>
>>
>>> Any reason why FreeBSD 5.2.1+ and 5.3-p9 set DF on all packets?
>>>
>>
>>
>> It is usual to do this to do path MTU discovery with TCP. I don't
>> know what the situation with the packets that the VPN sends is.
>
Ok well thanks to Andrew @ Supernews and a lot of debugging it appears
there is a bug....
sys/netinet/ip_icmp.c: line 440
if (!mtu)
mtu = ip_next_mtu(mtu, 1);
Problem is ip_next_mtu will always return 0 when called with (0, 1) ...
so following that with:
if (mtu >= max(296, (tcp_minmss +
sizeof(struct tcpiphdr))))
tcp_hc_updatemtu(&inc, mtu);
and nothing gets changed.... hence why it fails.
Apparently the gateway should be suggesting a MTU value for use.... the
gateway is also FreeBSD 5.3 so something needs fixing .. :-/
Regards,
--
Matthew Sullivan
Specialist Systems Programmer
Information Technology Services
The University of Queensland
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2666 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20050423/775dc662/smime.bin
More information about the freebsd-current
mailing list