netfilter buglog - Jun 2018 - [Bug 1266] New: bridge-nf-filter-pppoe-tagged mtu bug?

https://bugzilla.netfilter.org/show_bug.cgi?id=1266

            Bug ID: 1266
           Summary: bridge-nf-filter-pppoe-tagged mtu bug?
           Product: netfilter/iptables
           Version: linux-2.6.x
          Hardware: All
                OS: RedHat Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: bridging
          Assignee: netfilter-buglog at lists.netfilter.org
          Reporter: realvoland at yandex.ru

down vote
favorite

CentOs 6.9

I already has cofigured brdge br0:

(user.pppoe)-------(server.brdge)-------(ISP)

So, now I want to filter out IP packets by IP adressess from PPPoE traffic that
passes over the bridge. 
Server hasn't local ppp interfaces,only bridge and one management interface.

But. Then I seting up system variables:

bridge-nf-call-iptables=1
bridge-nf-filter-pppoe-tagged=1

User got a problem - Some sites are unable to load and give an error.

If I set variables like that:

bridge-nf-call-iptables=1
bridge-nf-filter-pppoe-tagged=0

or unset both to 0, all of sites working fine.

Seems like MTU Black Hole issure. I tried to change MTU by MSS value in
iptables, switching iptabless off, but unfortunatly.

Is it netfilter bug? How to fix it?

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180630/fd0f507d/attachment.html>