On Wed, Mar 03, 1999 at 12:44:09AM +1200, Keith Owens wrote:
> There is one corner case where masq does not reformat an outgoing
> packet correctly and it is causing some of the pMTU problems people are
> reporting.
>
> +------+ High MTU High MTU +------+ Low MTU High MTU +------+
> |Server|----------------------| masq |----------------------|Client|
> +------+ +------+ +------+
>
> The SYN packets contain a high MTU and the server sends a large packet
> with DF. The packet is demasqed then forwarded to the client. It hits
> the low MTU interface and generates ICMP_FRAG_NEEDED to the server.
> Alas the "original" datagram in the ICMP contains the client address
> and port number. The server has no record of that session, ignores
> ICMP and resends a big packet.
>
> Admittedly this is a silly way to configure a system but some people
> have done it. The patch below against 2.2.2-ac7 fixes the problem for
> me, replacing client address and port with masq data. However it is
> ugly and I am not sure that I covered all the bases. Flame away :).
>
> [patch skipped]
Patch correctly handles out->in(DF!)->out rewriting, but the opposite case will
need similar hacking.
I'll make a (test)patch for tomorrow.
--
-- Juanjo
PS: Ank, do you have a kernel-ss patch for 2.2.2? I need a
stable CBQ and I don't like sta{ll|y}ing @2.2.1
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
