pmtud + ipnat RELENG_6_2 appears to be broken
Stephen Clark
Stephen.Clark at seclark.us
Thu Jul 12 19:34:23 UTC 2007
Stephen Clark wrote:
>Hi List,
>
>When using ipnat, part of ipfilter 4.1.13, I don't see any
>icmp packets being returned saying:
>Host Unreachable, frag needed and DF set.
>type 3, code 4
>
>It does work if I am not using ipnat.
>
>Any ideas?
>
>Thanks,
>Steve
>
>
>
Sorry for the noise - this seems to be OK. But the problem I am seeing
relates to:
Did something change in 6.2? If my mtu size on rl0 is 1280 it won't
accept a larger incoming packet.
kernel: rl0: discard oversize frame (ether type 800 flags 3 len 1514 > max
1294)
I don't think it worked this way in the past.
Won't this affect pmtud?
man page for ifconfig says mtu limits size of "transmission" not reception.
"mtu n Set the maximum transmission unit of the interface to n,
default
is interface specific."
--
"They that give up essential liberty to obtain temporary safety,
deserve neither liberty nor safety." (Ben Franklin)
"The course of history shows that as a government grows, liberty
decreases." (Thomas Jefferson)
More information about the freebsd-stable
mailing list