every 2nd echo-request malformed when ping -s >4067
Harald Schmalzbauer
h.schmalzbauer at omnilan.de
Wed Oct 24 16:24:33 UTC 2012
schrieb Jeremy Chadwick am 24.10.2012 17:40 (localtime):
> (Please keep me CC'd as I'm not subscribed)
>
> Regarding:
>
> http://lists.freebsd.org/pipermail/freebsd-stable/2012-October/070239.html
>
> tcpdump -x is not helpful here. tcpdump -xx would be.
>
> tcpdump -x dumps the *payload* portion of the packet, while -xx dumps
> everything (all headers/protocol data included).
>
> The reason I say -xx would be helpful is because of this:
>
>> 2nd: 12:21:10.052891 IP 10.5.49.126 > 10.5.49.65: icmp
>> 0x0000: 4500 1000 0f2d 0040 4001 e4c7 0a05 317e
> The ICMP code/type and related header data is not being decoded
> correctly, or is being *encoded* incorrectly. I can't tell because all
> that's shown there is the payload!
Hmm, if I understand things right, there's only the link-level-header
missing, meaning the ethernet adresses. Not the IP-header.
Verified that:
1st: 16:03:08.963292 IP 10.5.49.126 > 10.5.49.65: ICMP echo request, id
30477, seq 0, length 4076
000c 29f1 8424 90e2 ba18 f885 0800
2nd: 16:03:09.968454 IP 10.5.49.126 > 10.5.49.65: icmp
000c 29f1 8424 90e2 ba18 f885 0800
Since the link-level-header is identical, the problem must be later and
the former dump should be valid.
That's easily reproducable everywhere, since lo0 has mtu 16384, so just
' ping -D -s 4068 127.0.0.1 '.
Thanks,
-Harry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20121024/92bb8cea/attachment.sig>
More information about the freebsd-stable
mailing list