dummynet & IP fragmentation bug

From: Alexander Motin (mav_at_alkar.net)
Date: 11/20/03

  • Next message: Colin Watson: "Re: Connecting subnet over PPP" 
    Date: Thu, 20 Nov 2003 14:39:38 +0200
To: freebsd-net@freebsd.org

    Hello.

    I have one strange problem with dummynet & IP fragmentation.

    I have FreeBSD 4.8-RELEASE router with few interfaces:
    em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
             options=3<rxcsum,txcsum>
             inet 195.248.191.172 netmask 0xffffffc0 broadcast 195.248.191.191
             ether 00:30:48:20:8e:7e
             media: Ethernet autoselect (1000baseTX <full-duplex>)
             status: active
    ng4: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1492
             inet 195.248.191.172 --> 212.86.231.58 netmask 0xffffffff

    Interface ng4 have MTU 1492 because it is PPPoE link.
    When I do not use dummynet on router and somebody send a big
    (>1492bytes) packet to 212.86.231.58 with DontFragment flag set router
    generates ICMP reply message (Fragmentation Needed). This is correct.

    But when I use dummynet on that interface:
    10170 pipe 10009 ip from any to any out xmit ng4
    10175 allow ip from any to any via ng4

    10009: 128.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail
         mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000
    BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes
    Pkt/Byte Drp
       0 udp 195.248.191.65/53 212.86.231.58/1118 50965 28380582 0
        0 143

    router stops sending that ICMP messages. Pipe is not overflowed at that
    tme, it is empty. 

    -- 
Alexander Motin
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
  • Next message: Colin Watson: "Re: Connecting subnet over PPP"

    Relevant Pages

    • Re: Tweaking for broadband
      ... tweaking almost certainly refers to altering the MTU on the PC. ... should be set not only on the router via the router's interface, ...
      (uk.comp.sys.mac)
    • Re: pulling my hair out with this "Static IP" setup
      ... My understanding is that that MTU is appropriate when using PPPoE. ... PC is inside the router then the PC should be using an MTU of 1500 and the ... to forward onto an interface which only supports 1492? ...
      (comp.os.os2.setup.misc)
    • Re: ICMP and discard oversize frame
      ... These messages are generated when a router forwards a packet from ... an interface with a large MTU to an interface with a small MTU. ...
      (comp.unix.bsd.freebsd.misc)
    • [Full-Disclosure] FW: Cisco Vulnerability forensic protocol analysis results.
      ... AMILABS CISCO IP PROTOCOL EXPLOIT TESTING RESULTS ... Cisco router interfaces using either all or one of the following IP ... of a remote Cisco interface uses all of them. ... output buffer failures, 0 output buffers swapped out Router4# ...
      (Full-Disclosure)
    • Re: Site-to-Site VPN client routing question - clients at branch office not able to acce
      ... I would recommend that you use some other machine as your router, ... select the demand-dial interface from the dropdown list. ... On the RRAS server in Shanghai, configure a demand-dial interface and give it a static route to 194.1.1.0/24 as above. ... This makes sure that the connection is made to the correct dd interface and sets up the correct route back to Shanghai through the VPN link. ...
      (microsoft.public.windows.server.networking)