[pf4freebsd] Re: nfsd send error 1 probably caused by pf ?
Florian C. Smeets
flo at kasimir.com
Wed Sep 15 20:55:53 PDT 2004
Daniel Hartmeier wrote:
> On Wed, Nov 12, 2003 at 10:56:54PM +0100, Florian C. Smeets wrote:
>
>
>>Nov 12 19:38:57 bender kernel: nfsd send error 1
>
>
> Are you using nfs over udp or tcp?
>
It's tcp.
> If you are using scrub, try adding 'no-df' to all scrub rules. Some nfs
> implementations (Linux and Solaris, mostly) use fragments with DF set,
> which get dropped by scrub unless you use no-df.
I'm only using scrub on the external interface not on the internal one
where the nfs is transferred.
>
> If that doesn't solve it, add 'log' to all block rules and watch pflog
> for blocked packets. Enable debug logging (pfctl -xm) and watch
> /var/log/messages for pf related messages. Do you see fragment
> reassembly there?
I don't have any block rules on the internal interface ?!
>
> Daniel
>
I'm going to experiment a little further and see if i can find anything.
Thanks,
flo
More information about the freebsd-pf
mailing list