pmtud problem

[Stephen Clark]

Hello List,

We have a setup that looks like the following.

pc <-ethernet-> freebsd 4.9 <-pppoe-> internet  <-ethernet-> freebsd 6.1
on the freebsd box we have a gre tunnel with a mtu of 1420 feeding into a
gif vpn tunnel with a mtu of 1280 ( I know this dumb but it the default 
value when you create a gif )
feeding into a tun0 with a mtu of 1492.

What we see is the packet never makes it to the freebsd 6.1 system.

if the pc sends a packet of 1460 bytes with the DF bit set shouldn't the 
freebsd 4.9 system
send back an icmp dest unreachable - fragmentation needed and DF bit set?
$ sysctl -a | grep mtu
net.inet.tcp.path_mtu_discovery: 1

Now if I change the mtu of the gre to 1412 everything works.

Any insight would be appreciated.

Thanks,
Steve
-- 

"They that give up essential liberty to obtain temporary safety, 
deserve neither liberty nor safety."  (Ben Franklin)

"The course of history shows that as a government grows, liberty 
decreases."  (Thomas Jefferson)