[Openswan Users] UDP fragmentation in Linux

[Paul Wouters]

On Fri, 4 Mar 2005, Marcus Leech wrote:

> No, I haven't.  I'm still doing more tests.  The system I wrote the test code 
> on doesn't have any ipchains/iptables
> turned on (which doesn't necessarily mean that it isn't going through the 
> IPTABLES code).
>
> I've attached my small test program.  You can see the offening behaviour if 
> you run this program, and
> use TCPDUMP in another window.  In modern TCPDUMPS, the IP flags field is 
> set to [+], which means
> "more fragments to follow", but none will appear for the UDP packets with 
> UDP length of 3000, since the
> MTU (for ethernet) will be 1500.

It seems to work for me too:



19:37:53.539129 IP (tos 0x0, ttl  64, id 22814, offset 0, flags [+], proto 17, length: 1500) 193.110.157.17.36048 > 10.0.0.10.555: UDP, length 3000
19:37:53.540647 IP (tos 0x0, ttl  64, id 22814, offset 1480, flags [+], proto 17, length: 1500) 193.110.157.17 > 10.0.0.10: udp
19:37:53.542274 IP (tos 0x0, ttl  64, id 22814, offset 2960, flags [none], proto 17, length: 68) 193.110.157.17 > 10.0.0.10: udp
19:37:54.573442 IP (tos 0x0, ttl  64, id 22815, offset 0, flags [none], proto 17, length: 328) 193.110.157.17.36048 > 10.0.0.10.555: UDP, length 300
19:37:55.575294 IP (tos 0x0, ttl  64, id 22816, offset 0, flags [+], proto 17, length: 1500) 193.110.157.17.36048 > 10.0.0.10.555: UDP, length 3000
19:37:55.576738 IP (tos 0x0, ttl  64, id 22816, offset 1480, flags [+], proto 17, length: 1500) 193.110.157.17 > 10.0.0.10: udp
19:37:55.578125 IP (tos 0x0, ttl  64, id 22816, offset 2960, flags [none], proto 17, length: 68) 193.110.157.17 > 10.0.0.10: udp
19:37:56.578136 IP (tos 0x0, ttl  64, id 22817, offset 0, flags [none], proto 17, length: 328) 193.110.157.17.36048 > 10.0.0.10.555: UDP, length 300

I tested with both forwarding and rp_filter settings changed and with and without ip_conntrack. It all 
seems to just work. This is on 2.6.10-1.766_FC3.

Paul

-- 

"At best it is a theory, at worst a fantasy" -- Michael Crichton