lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4684F80D.9070201@domdv.de>
Date:	Fri, 29 Jun 2007 14:16:13 +0200
From:	Andreas Steinmetz <ast@...dv.de>
To:	Patrick McHardy <kaber@...sh.net>
CC:	Linux Kernel Mailinglist <linux-kernel@...r.kernel.org>,
	netfilter-devel@...ts.netfilter.org
Subject: Re: mss to pmtu clamping partially broken?

Patrick McHardy wrote:
> Andreas Steinmetz wrote:
>> Patrick McHardy wrote:
>>
>>> - assuming you have ethernet internally, the PMTU from your router
>>> to the internal hosts is 1500, so it won't do any clamping.
>>>
>>
>> Yep, internal PMTU is 1500, still the incoming packets are clamped to
>> 1452 on the one line and not clamped on the other.
>>
>>
>>> Does that explain it?
>>>
>>> A useful thing for TCPMSS for routers would be to clamp to the
>>> minimum of the PMTU of both directions. But thats not supported
>>> so far.
>>>
>>
>> I wonder, as somteimes it gets clamped. If it would never have been
>> clamped I wouldn't have asked.
> 
> 
> Its possible that one of your ISPs is doing clamping. You could

This would be fun as it is the same ISP for both lines. I'll check next
week as the lines are located 40km away.

> check on ppp0 if thats the case. Or maybe for some reason the
> PMTU value for the internal host is smaller than 1500. You can
> check that by doing "ip route get <internal host>".
> 

No. Unmodified internal network in both test cases.

> 


-- 
Andreas Steinmetz                       SPAMmers use robotrap@...dv.de
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ