ssh & select() problem on 5.3
Claudiu Dragalia-Paraipan
dr.clau at gmail.com
Mon Nov 29 13:21:31 PST 2004
Peter Jeremy wrote:
> On Sun, 2004-Nov-28 18:43:47 +0200, Claudiu Dragalia-Paraipan wrote:
>
>>Since the problem occurs only when I connect to the firewall or to a
>>server behind it, I started to suspect a hardware failure. Could a
>>network card cause such problems ?
>
>
> A couple of people have mentioned path-MTU problems. I've also bumped
> into this problem when playing with VLANs where one end of the VLAN
> trunk doesn't support long frames - an oversize packet will get ignored
> by the receiver without any error being returned.
>
It seems that packets of size more then 1478 are dropped somewhere, but
not on the FreeBSD Firewall. The problem seems to be that it never
receives a ICMP "fragmentation needed but DF set".
Unfortunately I have control only over the firewall and what's behind it.
Next after the firewall (towards internet) there are a switch and a
Cisco router. I asked about the settings of this two, and it seems that
the switch is used for VLANs, and the Cisco for making a tunnel over
fiber channel with the next hop.
I have too few information about this at the moment, but I am almost
certain that the problems are occuring because of the Cisco router.
I did a traceroute from the firewall to outside, and big packets always
stop on Cisco router.
A traceroute from outside to the firewall always stops at the hop
exactly before the cisco router I am talking about, which I suppose is
the other end of this tunnel.
--
Claudiu Dragalina-Paraipan
dr.clau at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20041129/76344a8f/signature.bin
More information about the freebsd-hackers
mailing list