From owner-freebsd-net@freebsd.org Thu Aug 17 21:41:07 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8955FDD92BE for ; Thu, 17 Aug 2017 21:41:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "mx1.sbone.de", Issuer "SBone.DE" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BD5265F1D for ; Thu, 17 Aug 2017 21:41:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 4EF4925D38A5; Thu, 17 Aug 2017 21:41:04 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 666DDD1F815; Thu, 17 Aug 2017 21:41:03 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id dHD8JgXOmeTs; Thu, 17 Aug 2017 21:41:02 +0000 (UTC) Received: from [192.168.124.1] (unknown [IPv6:fde9:577b:c1a9:31:2ef0:eeff:fe03:ee34]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id E0C75D1F808; Thu, 17 Aug 2017 21:40:58 +0000 (UTC) From: "Bjoern A. Zeeb" To: "Gopakumar Pillai" Cc: "freebsd-net@FreeBSD.org" Subject: Re: Only last IP frag sent if ARP entry absent Date: Thu, 17 Aug 2017 21:40:57 +0000 Message-ID: <43CC3432-DB42-4170-B3E7-E305561973F3@lists.zabbadoz.net> In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Mailer: MailMate (2.0BETAr6090) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Aug 2017 21:41:07 -0000 On 17 Aug 2017, at 21:16, Gopakumar Pillai wrote: > Hi FreeBSD Networking Gurus, > I came across an issue with an old version of FreeBSD and looking at > the latest FreeBSD code, seems it exists even now. I am assuming that > this issue is not reported. > > Observation: > When a ping was performed with larger payload than MTU, the first ping > failed when the ARP entry was absent for that IP. That is because ping/ICMP has no retransmit. > Noticed on the wire that the last IP fragment was sent for the first > request and then the subsequent requests were fine. > > Root Cause: > * ip_output fragments the packets and loops through the fragments to > send them to ether_output. > * ether_output does an arpresolve and if there is no existing ARP > entry it'll return EWOULDBLOCK after sending ARP Request. > * ether_output ignores the error and propagates success to ip_output > and it continues to send the remaining fragments. > * llentry keeps only one mbuf and the last fragment is retained when > the ARP Reply comes and the fragment is sent. Yes, according to the spec (RFC) we are supposed to throw the packet away entirely and simply report that to the next upper layer. However over the years people realised that this sucks for a TCP SYN packet with a retransmit timer and hence we store one of them. A large UDP packet would btw see the same behaviour to your ping. There’s no guarantee any of these packets will not be dropped anywhere on the network, so we can as well. Just my 2ct /bz