kern/115413: [ipv6] ipv6 pmtu not working
Jacek Zapala
jacek at ipv6.jacek.it.pl
Tue Aug 21 07:38:46 PDT 2007
On Tue, 2007-08-21 at 16:31 +0200, Daniel Hartmeier wrote:
> Is the following a correct view of your setup:
>
> src ---- $int_if pf $ext_if ---- router ---- dst
>
> Where client src connects to server dst, and you create the state
> entry
> when the initial TCP SYN goes out $ext_if on the firewall?
>
> The ICMPv6 is coming in on $ext_if, in the reverse direction, relative
> to the initial TCP SYN?
>
> And the router is between pf and dst, on the $ext_if side?
pf is set up on src so it looks like:
src with pf ---- router ---- (internet) ---- dst
pf rule:
pass out quick on $if0 inet6 proto tcp from any to $dst_net port 22
flags S/SA keep state
Jacek
More information about the freebsd-net
mailing list