From owner-freebsd-ipfw@FreeBSD.ORG Mon Nov 24 10:42:06 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 52DC516A4CE; Mon, 24 Nov 2003 10:42:06 -0800 (PST) Received: from mail.alkar.net (mail.alkar.net [195.248.191.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id F183E43FF9; Mon, 24 Nov 2003 10:42:02 -0800 (PST) (envelope-from mav@alkar.net) Received: from [195.248.178.122] (HELO alkar.net) by mail.alkar.net (CommuniGate Pro SMTP 4.1.8) with ESMTP id 123315126; Mon, 24 Nov 2003 20:42:01 +0200 Message-ID: <3FC250FC.6090504@alkar.net> Date: Mon, 24 Nov 2003 20:42:04 +0200 From: Alexander Motin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5b) Gecko/20030827 X-Accept-Language: ru, uk, en-us, en MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org References: <3FBCCA12.1000906@alkar.net.lucky.freebsd.ipfw> In-Reply-To: <3FBCCA12.1000906@alkar.net.lucky.freebsd.ipfw> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Is this a bug? X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Nov 2003 18:42:06 -0000 Hi! Alexander Motin wrote: > I have one strange problem with dummynet & IP fragmentation. > > I have FreeBSD 4.8-RELEASE router with few interfaces: > em0: flags=8843 mtu 1500 > options=3 > inet 195.248.191.172 netmask 0xffffffc0 broadcast 195.248.191.191 > ether 00:30:48:20:8e:7e > media: Ethernet autoselect (1000baseTX ) > status: active > ng4: flags=88d1 mtu 1492 > inet 195.248.191.172 --> 212.86.231.58 netmask 0xffffffff > > Interface ng4 have MTU 1492 because it is PPPoE link. > When I do not use dummynet on router and somebody send a big > (>1492bytes) packet to 212.86.231.58 with DontFragment flag set router > generates ICMP reply message (Fragmentation Needed). This is correct. > > But when I use dummynet on that interface: > 10170 pipe 10009 ip from any to any out xmit ng4 > 10175 allow ip from any to any via ng4 > > 10009: 128.000 Kbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail > mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 > BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes > Pkt/Byte Drp > 0 udp 195.248.191.65/53 212.86.231.58/1118 50965 28380582 0 > 0 143 > > router stops sending that ICMP messages. Pipe is not overflowed at that > tme, it is empty. I recheck this on other router on Ethernet (rl0) interface. When I set MTU 1400 on rl0 interface I could see generated ICMP messages: 20:27:23.660470 dp3-w-com.alkar.net.ftp-data > pc.mavhome.dp.ua.1100: . 1027:2487(1460) ack 1 win 58400 (DF) 20:27:23.660580 router.mavhome.dp.ua > dp3-w-com.alkar.net: icmp: pc.mavhome.dp.ua unreachable - need to frag (mtu 1400) (DF) But when I configure outgoing pipe on this interface: ipfw pipe 2 config bw 64kbit/s ipfw add 1000 pipe 2 all from any to any out via rl0 I got problem: 20:29:32.778561 DP6-W-CUS.alkar.net.4522 > pc.mavhome.dp.ua.1103: . 1025:2485(1460) ack 1 win 58400 (DF) 20:29:35.080903 DP6-W-CUS.alkar.net.4522 > pc.mavhome.dp.ua.1103: . 1025:2485(1460) ack 1 win 58400 (DF) 20:29:39.274113 DP6-W-CUS.alkar.net.4522 > pc.mavhome.dp.ua.1103: . 1025:2485(1460) ack 1 win 58400 (DF) 20:29:47.306847 DP6-W-CUS.alkar.net.4522 > pc.mavhome.dp.ua.1103: . 1025:2485(1460) ack 1 win 58400 (DF) Hey, Developers! Where are you? Can anybody comment this? -- Alexander Motin