Andrew Reilly wrote: > I ran a script using jot to send ping packets across the link, with > sizes varying from 1300 to 2300 bytes, while also watching the link with > tcpdump. > > Only one ping failed (it didn't even get out), with the following error > message: > ping: sendto: Message too long > > I also saw a few "ip reassembly time exceeded" messages in tcpdump, but > I'm not sure whether they were correlated. > > Most of my problems seem to have gone away when I added "add allow all > from any to any frag" to my firewall script. Not sure how it ever > worked at all without that, though.
Mind posting the IP addrs? I'd like to send you a few frags. ;-) Seriously, that's a workaround that wouldn't be acceptable here. I've noticed problems with some servers out *there* on the net, which send large TCP packets with DF set, but seemingly ignore the ICPM NEED FRAG error response. Ack. Pppt. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
