Date: Sat, 7 Apr 2007 15:01:09 -0500 From: David Duchscher <daved@tamu.edu> To: net@freebsd.org Subject: pf + scrub fragment reassemble + if_bridge = bad? Message-ID: <DD6B106A-C1CD-4A72-8F56-EDD9AE90AE38@tamu.edu>
next in thread | raw e-mail | index | archive | help
--Apple-Mail-1-100374143 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Ran into a problem the other day and wanted to drop a note and see if I should followup with a PR. Running a box as a bridging firewall and ran into problem with giant packets being reported by the router on one end and OSPF routing dropping. Seems that once a packet is reassembled by pf, it gets forward on through the bridge and out onto the wire. In this case, it was an OSPF packet that ended up being 1540 bytes long . Of course, turning off the scrub rules fix the problem but I was wondering if this is expected behavior, a bug, or has already been fix. The box is running 6.1-RELEASE i386. Network interfaces are em gigabit interfaces with MTU at 1500. Thanks, -- DaveD --Apple-Mail-1-100374143--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DD6B106A-C1CD-4A72-8F56-EDD9AE90AE38>