Strange behavior of MTU on loopback interfaces.
c0re
nr1c0re at gmail.com
Fri Feb 25 10:45:56 UTC 2011
2011/2/25 Nikos Vassiliadis <nvass at gmx.com>:
> On 2/25/2011 9:29 AM, c0re wrote:
>>
>> Hello all!
>>
>> I'm testing setting lower MTU on loopback interfaces to avoid some MTU
>> problems with IPSEC in a path of traffic.
>>
>> ifconfig lo1 create
>> ifconfig lo1 mtu 1300
>> ifconfig lo1 5.5.5.5/32
>>
>> # ifconfig lo1
>> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 1300
>> inet 5.5.5.5 netmask 0xffffffff
>>
>> #ifconfig em0
>> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>> options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>> ether 12:ac:29:7c:fa:39
>> inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
>> media: Ethernet autoselect (1000baseTX<full-duplex>)
>> status: active
>>
>>
>> And I set only one "Listen 5.5.5.5:80" in http.conf in apache 2.2
>>
>> # sockstat -4 | grep 80
>> www httpd 96843 3 tcp4 5.5.5.5:80 *:*
>> www httpd 96838 3 tcp4 5.5.5.5:80 *:*
>> www httpd 96837 3 tcp4 5.5.5.5:80 *:*
>> www httpd 96836 3 tcp4 5.5.5.5:80 *:*
>> www httpd 96835 3 tcp4 5.5.5.5:80 *:*
>> www httpd 96834 3 tcp4 5.5.5.5:80 *:*
>> root httpd 96833 3 tcp4 5.5.5.5:80 *:*
>>
>> I run tcpdump -ni em0 port 80. And made telnet 5.5.5.5 80 from other
>> host and saw something wrong.
>>
>> 10:26:01.640866 IP 10.0.0.2.57553> 5.5.5.5.80: S
>> 1049284626:1049284626(0) win 65535<mss 1460,sackOK,eol>
>> 10:26:01.640902 IP 5.5.5.5.80> 10.0.0.2.57553: S
>> 2144222949:2144222949(0) ack 1049284627 win 65535<mss
>> 1460,sackOK,eol>
>> 10:26:01.642632 IP 10.0.0.2.57553> 5.5.5.5.80: . ack 1 win 65535
>>
>> 5.5.5.5:80 said that it has got tcp mss 1460. Why? I was waiting for
>> something like 1260.
>
> It uses the MTU of the outgoing path, which is 1500.
> You change the MTU for specific paths, using route and the mtu modifier.
> Like this:
>
>> lab# ifconfig em0
>> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>> options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>> ether 08:00:27:17:c3:de
>> inet 192.168.73.193 netmask 0xffffff00 broadcast 192.168.73.255
>> media: Ethernet autoselect (1000baseT <full-duplex>)
>> status: active
>> lab# route change 192.168.73.0 -mtu 1100
>> change net 192.168.73.0
>> lab# route -n get 192.168.73.0
>> route to: 192.168.73.0
>> destination: 192.168.73.0
>> mask: 255.255.255.0
>> interface: em0
>> flags: <UP,DONE,STATIC>
>> recvpipe sendpipe ssthresh rtt,msec mtu weight expire
>> 0 0 0 0 1100 1 0
>> lab#
>
> All packets going to 192.168.73.0/24 will use IP packet sizes up to
> 1100. IMHO it's better to leave the physical interface's MTU unchanged
> and use the routing subsystem to define the maximum IP packet size per
> path.
>
> HTH, Nikos
>
Works like a charm!
# route change 0.0.0.0 -mtu 1300
change net 0.0.0.0
# tcpdump -ni em0 host 5.5.5.5
13:42:58.996721 IP 10.0.0.2.51933 > 5.5.5.5.80: S
626695541:626695541(0) win 64512 <mss 1460,nop,nop,sackOK>
13:42:58.996760 IP 5.5.5.5.80 > 10.0.0.2.51933: S
289198669:289198669(0) ack 626695542 win 65535 <mss 1260,sackOK,eol>
13:42:58.999455 IP 10.0.0.2.51933 > 5.5.5.5.80: . ack 1 win 64512
Thank you very much!
More information about the freebsd-questions
mailing list