MTU or Fragmentation Problems on 7.0?

Ian Smith smithi at nimnet.asn.au
Tue Jan 27 08:01:48 PST 2009 

On Mon, 26 Jan 2009, Len Gross wrote:
 > Ian,
 > 
 > Thanks so much for taking the time to look at this problem.

More like a parting shot over the shoulder before bedtime :)

 > I do not have any firewall running on any of the machines, unless
 > something "auto enables."  The  only rc.conf entries are ifconfig and
 > routing.
 > 
 > The thing that is most puzzling to me is that everything is fine on
 > FreeBSD #2 even though it is "behind" a link with 1450 MTU.  This
 > sounds like it must be a "bug" on  FreeBSD #2 (version 7.0) routing
 > from the 1450 route to the 1500 route to FreeBSD 3.  But if that were
 > true, why would running a Web Proxy on FreeBSD #1 work?

What if you also set FreeBSD #2's more inside interface to 1450, as on 
FreeBSD #1?  Apart from that I can't say anything as useful as David 
DeSimone's more detailed coverage of the issues, except that tcpdump on 
FreeBSD #3 should show what is (and isn't) happening more clearly.

cheers, Ian


 > Some other data.  I get the same problem if I replace FreeBSD 3 with a
 > Windows box.
 > I'm pretty sure I had similar behaviour with FreeBSD 6.3 as machine
 > #2,, but it was ignored at the time.  I've seen the problem with
 > connections to two different ISPs.
 > 
 > I can live with having a Web Proxy on FreeBSD # 1, but I am concerned
 > that this issue will crop up someplace else.
 > 
 > -- Len
 > 
 > On Sun, Jan 25, 2009 at 9:51 PM, Ian Smith <smithi at nimnet.asn.au> wrote:
 > > On Sun, 25 Jan 2009, Len Gross wrote:
 > >  > The following configuration works fine _until_ I make a change in MTU
 > >  > setting on the link between FreeBSD1 and FreeBSD2
 > >  >
 > >  > Internet
 > >  >                                    |
 > >  > Router                      x.x.x.x
 > >  >                          192.168.0.1/16
 > >  >                                    |
 > >  > FreeBSD #1       192.168.0.202 /16
 > >  >   6.3                  192.168.1.1/ 24
 > >  >                                    |
 > >  > FreeBSD #2        192.168.1.2/24
 > >  >   7.0                   192.168.1.5/24
 > >  >                        |
 > >  > FreeBSD #3        192.168.5.2/24
 > >  > 7.0
 > >  >
 > >  > All connections are Ethernet.
 > >  >
 > >  > If I change the MTU on 192.168.1.1 to 1450  and the corresponding MTU
 > >  > on 192.168.1.2 to 1450, then Web Browsing on FreeBSD2 continues to
 > >  > work, BUT browsing on FreeBSD3  "fails"  (mostly.)
 > >  >
 > >  > On FreeBSD 3
 > >  > Ping and nslookup work fine from FreeBSD3
 > >  > I can get to Google but virtually no other web sites
 > >  > Using tcpdump there is lots of unusual stuff, some relating to
 > >  > fragmentation ICMP?
 > >
 > > Do any of these machines have a firewall rule blocking ICMP?  You want
 > > to be sure at least icmptypes 3,11 are flowing freely to/from FreeBSD3,
 > > as well as pings (icmptypes 0,8) which are apparently permitted.
 > >
 > > cheers, Ian
 > >
 > >  > If I put a Web Proxy on FreeBSD 1, everything works fine.
 > >  >
 > >  > I have tried putting mtu = 1450 using route change on all the routes,
 > >  > but that didn't help.
 > >  > When I did this I verified all routes had 1450 mtu via netstat ?arW
 > >  >
 > >  > So I am unsure if this is a FreeBSD bug, a "internet" fragmentation issue or ???
 > >  > Amongst the strangest things is that FreeBSD 2 is unaffected; Firefox
 > >  > runs fine there
 > >  >
 > >  > (There was a thread in October about mtu issues in 7.0 but it didn't
 > >  > seem to help my problem.)
 > >  > (I run 1450 MTU to support testing of an experimental protocol., but
 > >  > all the above is with straight out of the box FreeBSD.)
 > >  >
 > >  > -- Len
 > >
 >

More information about the freebsd-net mailing list