From owner-freebsd-net@FreeBSD.ORG  Tue Jan 27 16:01:47 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 506BD1065724
	for <freebsd-net@freebsd.org>; Tue, 27 Jan 2009 16:01:47 +0000 (UTC)
	(envelope-from smithi@nimnet.asn.au)
Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [220.233.188.227])
	by mx1.freebsd.org (Postfix) with ESMTP id A1CE28FC0C
	for <freebsd-net@freebsd.org>; Tue, 27 Jan 2009 16:01:46 +0000 (UTC)
	(envelope-from smithi@nimnet.asn.au)
Received: from localhost (localhost [127.0.0.1])
	by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id n0RG1ird040190;
	Wed, 28 Jan 2009 03:01:45 +1100 (EST)
	(envelope-from smithi@nimnet.asn.au)
Date: Wed, 28 Jan 2009 03:01:44 +1100 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: Len Gross <sandiegobiker@gmail.com>
In-Reply-To: <27cb3ada0901261803h301c8cd4xbf5dafcde1f6ff7c@mail.gmail.com>
Message-ID: <20090128024956.X86094@sola.nimnet.asn.au>
References: <27cb3ada0901251009x7a96019am672f8bd42380df90@mail.gmail.com> 
	<20090126164357.F90458@sola.nimnet.asn.au>
	<27cb3ada0901261803h301c8cd4xbf5dafcde1f6ff7c@mail.gmail.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: MTU or Fragmentation Problems on 7.0?
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jan 2009 16:01:48 -0000

On Mon, 26 Jan 2009, Len Gross wrote:
 > Ian,
 > 
 > Thanks so much for taking the time to look at this problem.

More like a parting shot over the shoulder before bedtime :)

 > I do not have any firewall running on any of the machines, unless
 > something "auto enables."  The  only rc.conf entries are ifconfig and
 > routing.
 > 
 > The thing that is most puzzling to me is that everything is fine on
 > FreeBSD #2 even though it is "behind" a link with 1450 MTU.  This
 > sounds like it must be a "bug" on  FreeBSD #2 (version 7.0) routing
 > from the 1450 route to the 1500 route to FreeBSD 3.  But if that were
 > true, why would running a Web Proxy on FreeBSD #1 work?

What if you also set FreeBSD #2's more inside interface to 1450, as on 
FreeBSD #1?  Apart from that I can't say anything as useful as David 
DeSimone's more detailed coverage of the issues, except that tcpdump on 
FreeBSD #3 should show what is (and isn't) happening more clearly.

cheers, Ian


 > Some other data.  I get the same problem if I replace FreeBSD 3 with a
 > Windows box.
 > I'm pretty sure I had similar behaviour with FreeBSD 6.3 as machine
 > #2,, but it was ignored at the time.  I've seen the problem with
 > connections to two different ISPs.
 > 
 > I can live with having a Web Proxy on FreeBSD # 1, but I am concerned
 > that this issue will crop up someplace else.
 > 
 > -- Len
 > 
 > On Sun, Jan 25, 2009 at 9:51 PM, Ian Smith <smithi@nimnet.asn.au> wrote:
 > > On Sun, 25 Jan 2009, Len Gross wrote:
 > >  > The following configuration works fine _until_ I make a change in MTU
 > >  > setting on the link between FreeBSD1 and FreeBSD2
 > >  >
 > >  > Internet
 > >  >                                    |
 > >  > Router                      x.x.x.x
 > >  >                          192.168.0.1/16
 > >  >                                    |
 > >  > FreeBSD #1       192.168.0.202 /16
 > >  >   6.3                  192.168.1.1/ 24
 > >  >                                    |
 > >  > FreeBSD #2        192.168.1.2/24
 > >  >   7.0                   192.168.1.5/24
 > >  >                        |
 > >  > FreeBSD #3        192.168.5.2/24
 > >  > 7.0
 > >  >
 > >  > All connections are Ethernet.
 > >  >
 > >  > If I change the MTU on 192.168.1.1 to 1450  and the corresponding MTU
 > >  > on 192.168.1.2 to 1450, then Web Browsing on FreeBSD2 continues to
 > >  > work, BUT browsing on FreeBSD3  "fails"  (mostly.)
 > >  >
 > >  > On FreeBSD 3
 > >  > Ping and nslookup work fine from FreeBSD3
 > >  > I can get to Google but virtually no other web sites
 > >  > Using tcpdump there is lots of unusual stuff, some relating to
 > >  > fragmentation ICMP?
 > >
 > > Do any of these machines have a firewall rule blocking ICMP?  You want
 > > to be sure at least icmptypes 3,11 are flowing freely to/from FreeBSD3,
 > > as well as pings (icmptypes 0,8) which are apparently permitted.
 > >
 > > cheers, Ian
 > >
 > >  > If I put a Web Proxy on FreeBSD 1, everything works fine.
 > >  >
 > >  > I have tried putting mtu = 1450 using route change on all the routes,
 > >  > but that didn't help.
 > >  > When I did this I verified all routes had 1450 mtu via netstat ?arW
 > >  >
 > >  > So I am unsure if this is a FreeBSD bug, a "internet" fragmentation issue or ???
 > >  > Amongst the strangest things is that FreeBSD 2 is unaffected; Firefox
 > >  > runs fine there
 > >  >
 > >  > (There was a thread in October about mtu issues in 7.0 but it didn't
 > >  > seem to help my problem.)
 > >  > (I run 1450 MTU to support testing of an experimental protocol., but
 > >  > all the above is with straight out of the box FreeBSD.)
 > >  >
 > >  > -- Len
 > >
 >