Currently when FreeBSD responds to a ICMP Echo Request, it takes the
original mbuf, rewrites a couple of fields (like the src/dst IP and
the ICMP type), and then sends that mbuf back. As things are
currently implemented, the Don't Fragment bit is kept in the ICMP
replay. This can cause problems for large ICMP Echo Requests if the
MTU on the return route is less than the MTU on the incoming route and
the DF bit is set(Linux's ping command sets it by default). Is it
intended that the DF bit from the Request be copied into the Reply?
If not, this patch fixes the issue for me:
--- ip_icmp.c 2011-10-06 14:54:14.000000000 -0400
+++ ip_icmp.c 2011-10-06 15:12:27.000000000 -0400
@@ -767,6 +767,7 @@
#endif
ip->ip_src = t;
ip->ip_ttl = V_ip_defttl;
+ ip->ip_off = 0;
if (optlen > 0) {
register u_char *cp;
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
