> On Dec 5, 2016, at 11:59, Ryan Stone <[email protected]> wrote:
>
> What's the MTU on the bce and vlan interfaces? Does the bce interface show
> VLAN_MTU option set (in ifconfig)?
I had manually set these to try to work out the problem earlier in my
experimentation, but am now back (unless I missed something) to the natural
MTUs on all interfaces. The vlan’s all show 1496, and the bee’s (and lagg0)
show 1500. The options on each of the bce’s show VLAN_MTU, and a few other
VLAN_ options.
- Chris
> On Mon, Dec 5, 2016 at 10:00 AM, Chris Ross <[email protected]> wrote:
>
> Hello all. I recently replaced my router with a FreeBSD/11 box (stable/11
> r308579). I am running a lagg device across two bce’s, and 802.1q vlan
> interfaces atop lagg0. I’m using pf to NAT/filter out through a single
> outside IP address.
>
> I’m having the following problem. Some devices appear to be having trouble
> passing traffic. Of course, I first assumed I was doing something wrong with
> my pf filters, but I believe now that’s not the problem. One client machine
> (a TiVo Roamio) that produces a failure reliably, so I’ve been using it for
> testing, is showing that during a TCP session, which starts up fine, in the
> middle of a POST operation to an outside server, there are 1500 byte packets.
> These packets have the DF bit in the IP header, and then never show up on
> the external interface (vlan0). Smaller packets in the same TCP stream do.
> But, I’m also not seeing the ICMP from the router back to the client telling
> it that it cannot send the packet.
>
> I have tried all sorts of changes to my pf rules, including now allowing all
> ICMP unconditionally on all interfaces (pass out log quick inet proto icmp
> all). I have packet traces during the failed communication across pflog0,
> vlan0 (external network) and vlan7 (internal network). I’d be happy to
> answer any questions, or provide the traces off-list.
>
> Does anyone have any idea what I’ve missed? Thank you very much for your
> help.
>
> - Chris
>
> _______________________________________________
> [email protected] mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "[email protected]"
>
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[email protected]"
