Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    path MTU discovery problem

    Scheduled Pinned Locked Moved Routing and Multi WAN
    1 Posts 1 Posters 460 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z Offline
      zacha
      last edited by zacha

      Hello!

      I have a gif interface with MTU 1452 set. When I send packages of 1452 bytes size it works out correctly:

      20:12:05.543941 IP6 2001:XXX::2 > 2a02:2e0:3fe:1001:7777:772e:2:85: ICMP6, echo request, seq 1, length 1412
      20:12:05.565816 IP6 2a02:2e0:3fe:1001:7777:772e:2:85 > 2001:XXX::2: ICMP6, echo reply, seq 1, length 1412

      But when i rais the size about 1 byte I expectedly get a "message to big" message:

      20:14:46.282562 IP6 2001:XXX::2 > 2a02:2e0:3fe:1001:7777:772e:2:85: ICMP6, echo request, seq 1, length 1413
      20:14:46.282917 IP6 2001:XXX::1 > 2001:XXX::2: ICMP6, packet too big, mtu 1452, length 1240

      The client learns the path mtu correctly and fragments the packages afterwards, but the fragments don't get past the pfsense router for some reason:

      20:16:12.338663 IP6 2001:XXX::2 > 2a02:2e0:3fe:1001:7777:772e:2:85: frag (0|1400) ICMP6, echo request, seq 1, length 1400
      20:16:12.338694 IP6 2001:XXX::2 > 2a02:2e0:3fe:1001:7777:772e:2:85: frag (1400|13)
      20:16:12.339201 IP6 2001:XXX::1 > 2001:XXX::2: ICMP6, destination unreachable, unreachable address 2a02:2e0:3fe:1001:7777:772e:2:85, length 69

      pfsense now tells me destination is unreachable but why???
      Does anyone have a clue what is going on here?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.