similar to: MTU, PMTU & DF flag

Displaying 20 results from an estimated 2000 matches similar to: "MTU, PMTU & DF flag"

2015 May 14
0
MTU, PMTU & DF flag
On Thu, May 14, 2015 at 10:12:40 +0200, Florent B wrote: > On 05/13/2015 05:00 PM, Guus Sliepen wrote: > > I have no experience with Ubuntu, but I find it hard to believe it would > > block ICMP Fragmentation Needed packets out of the box. > > I can confirm you that this is the case. Ubuntu ignores those ICMP > packets... :( (rp_filter settings) > > You can see it
2015 May 13
0
MTU, PMTU & DF flag
On Wed, May 13, 2015 at 04:41:30PM +0200, Florent B wrote: > I have MTU problems when all these conditions are true: > - a client is running Ubuntu (ICMP messages about PMTUd are ignored on > it by default) I have no experience with Ubuntu, but I find it hard to believe it would block ICMP Fragmentation Needed packets out of the box. > - a client is accessing us from a particular
2014 Feb 25
3
PMTU = 1518 over local network at 1500 MTU
Hi all, I have two nodes, connected to a switch, using Tinc 1.1 from git. They connect each other with sptps, and to other nodes in the Internet with old protocol because they have Tinc 1.0. There is no problem with remote nodes, but between my 2 local nodes, they see 1518 PMTU. But local network is 1500 MTU !!! So nodes can ping each other but larger data does not go. test1=sllm1 test2=sllm2
2010 Nov 26
2
PMTU Discovery Question
Hi Guus, while checking the source code, I stumbled upon PMTU Discovery. I've got a question regarding the process of sending/receiving PMTU packets. As I understand, the packet flow is like this: 1 .Tinc creates a packet with a specific payload length to send it as an PMTU probe. (The data part is just some random bytes.) 2. This packet gets compressed and sent
2011 Aug 16
1
Node problems.
Hi, I get de following error messages in the logfile: var/log/tinc.ci1070300036.log:2011-08-16 14:12:54 tinc.ci1070300036[10834]: Possible node with same Name as us! Sleeping 10 seconds. I know that i don't have duplicate node names. But i see some strange node names: Al my node names start with ci but there is a node a did not create my self, and that is ca1070300036 How can i remove
2015 Jul 31
0
Indirect routing issue?
Hi there, I am experiencing an annoying but not critical issue with (I think) tinc's internal routing. My setup is this: HostA (local. ConnectTo = HostC) HostB (geographically close. ConnectTo = HostC) HostC (far away. ConnectTo = nothing) Without tinc, pings from HostA to HostB take around 10ms, and from HostA/B to HostC around 200ms. With tinc, pings from HostA to HostB take nearly
2012 Sep 29
1
Error during decryption of meta key
Hi, I've got a relatively simple tinc setup. I've got two "servers" that are on the public internet that act as routers for three "clients" that are behind NATs. Those servers are called aaaaa and bbbbb the clients are xxxxx, yyyyy and zzzzz Unfortunatly the servers have problems accepting a connection from the clients syslog on aaaaa: Sep 29 18:28:58 schuerrer
2011 Jan 05
1
PMTU Discovery
Dear Guus, while improving the PMTU Discovery algorithm, I found the following behavior in the method "send_udppacket": 1) The code checks, whether the data size is smaller than the MTU, thus if it fits into a single UDP packet. If not, you send the packet via TCP. 2) The data is compressed, changing its size. (Usually, making it smaller, but that's not always
2013 May 12
1
connectivity issues
Hi Guus and List, Since the CVE-2013-1428 was announced, I followed the recommendation to update my windows machines to tinc1.1pre7. I've had connectivity issues since upgrading. I've done some debugging but I can't figure out when or why its happening. All machines on the network are running Windows 7 or Windows 2008R2 Enterprise server and tinc 1.1pre7. I've got one master
2008 Oct 14
3
Sendmail and pmtu discovery
We have an issue with some customers who refuse to accept ICMP traffic to their mail servers. It seems that they have put Mordac, preventer of information services in charge of their firewall policy (http://en.wikipedia.org/wiki/List_of_minor_characters_in_Dilbert#Mordac). My mail logs are showing that customers who specifically disallow ICMP traffic have many "Connection Reset"
2014 Nov 12
2
Connection failing between 2 nodes with dropped packets error
Hi, I'm sometimes getting a failure of connecting 2 nodes when Tinc is started and configured in a LAN. In the logs, there are some unexpected dropped packets with very high or negative seq. I can reproduce this issue ~2% of the time. When this happens, the 2 nodes can no longer ping or ssh each other through the tunnel interface but using eth0 works fine. The connection can recover after at
2013 Jan 19
1
Ethernet frame header size of TAP device and apropriate MTU calculation
Hello, all! I have many questions about tap device architecture. What is a right way to calc mtu on TAP device to avoid fragmentation on real eth device? I suppose TAP MTU = 1500-8(UDP)-20(IP)-18(Ethernet) = 1454. So I'd set 1454 for tap device: "ip link set mtu 1454 dev eth0" I'm not shure about what is the exact size of ethernet frame header, which tap device use in switch
2015 Apr 21
1
Questions about routing issue
Hello, I'm running a tinc network including dozens of nodes in switch mode. Some are running stable branch 1.0, while a small set of nodes are running 1.1 with ed25519 support. I discovered some routing issue between two nodes: (names are hidden) A (1.1): ConnectTo = B ConnectTo = C IndirectData = yes Mode = Switch B (1.0): Mode = Switch C (1.1 but only with RSA key): Mode = Switch
2005 Dec 27
0
PMTU - ICMP type 3/subtype 4 on 2.4.x
Hello, I try to set up my Linux 2.4.x system to respond by "ICMP Destination Unreachable message" subtype 4 ("fragmentation needed and DF set") in order to support the Path MTU Discovery (RFC 1191) as a router. There is any /proc/xxx parameter to do this? Thanks Mugur _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl
2013 Jun 05
0
[Bug 662] netfilters clamp-mss-to-pmtu sets bad MSS when none was set before
https://bugzilla.netfilter.org/show_bug.cgi?id=662 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED CC| |netfilter at linuxace.com Resolution|
2014 Sep 28
1
Proposals for UDP information transport over the metagraph
While working on SPTPS UDP relaying I realized that there is one issue I didn't account for, which is that the sending node only knows the PMTU to the first relay node. It doesn't know the PMTU of the entire relay path beyond the first hop, because the relay nodes don't provide their own PMTU information over the metaprotocol. Now, in the legacy protocol this is not really an issue,
2016 Mar 20
8
[Bug 1058] New: Add clamp MSS to MTU
https://bugzilla.netfilter.org/show_bug.cgi?id=1058 Bug ID: 1058 Summary: Add clamp MSS to MTU Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter:
2003 Apr 14
1
http://lartc.org/howto/lartc.cookbook.mtu-mss.html
current content below is annotated by some suggestions of things to add along with questions for those who know more than I do [in brackets] ================ # iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu This calculates the proper MSS for your link. [If I understand the code correctly ... - expert intervention invited] More precisely, this sets the
2006 Jan 30
1
Shared ADSL SHAPER
Hi, I''m trying to make a shaper / firewall to improve sharing of bandwidth on a ADSL (3mbit down / ½ mbit up) Since the ADSL is very asymmetric, down is unimportant, I make a ingress rate limit shaper to ensure, all shaping is at the Shaper, and not on the Router or the ISP. The Idea is then to make one HTB hierarchy and have each client (IP) filtererd and put in a child-HTB queue.
2011 Jan 03
1
Tinc improvements
Dear Guus, I've attached my first git commit to your repository. It does not contain any new functionalities, but it is a first try to interact with your git copy. Could you please verify, if you can push this commit to your repository? If it works, I'll send you the rest of my work, which contains: 1) some small improvements in logging (using flags instead of counters) 2) the