Newer versions of Linux don't behave correctly #4

Closed
jfesler opened this Issue Mar 2, 2016 · 6 comments

Projects

None yet

1 participant

@jfesler
Member
jfesler commented Mar 2, 2016

Packet Too Big works up to Ubuntu 14, CentOS 7

Later versions don't. Needs investigation.

@jfesler
Member
jfesler commented Mar 2, 2016

Need to check:

  • Does mtu1280 actually get the big packets
  • If so, does the OS block the outgoing Packet Too Big response?
  • Is this related to netfilter libraries failing? Can we build on ubuntu 14, run on 15?
@jfesler jfesler added the bug label Mar 2, 2016
@jfesler
Member
jfesler commented Mar 4, 2016

I'm told ubuntu 15 fails. I tested the latest, and .. it seems to work.

jfesler@ubuntu15:/etc/iptables$ cat /etc/os-release 
NAME="Ubuntu"
VERSION="15.10 (Wily Werewolf)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 15.10"
VERSION_ID="15.10"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
jfesler@ubuntu15:/etc/iptables$ ps auxww |grep mtu1280 |grep -v grep
root       836  0.0  0.0  10592   124 ?        Ss   19:25   0:00 /usr/sbin/mtu1280d -d -q 1280
jfesler@ubuntu15:/etc/iptables$ sudo ip6tables-save -t mangle
# Generated by ip6tables-save v1.4.21 on Thu Mar  3 19:33:01 2016
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [77:6696]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [45:7368]
:POSTROUTING ACCEPT [45:7368]
-A PREROUTING -d 2001:470:1:18::4:239/128 -j NFQUEUE --queue-num 1280
COMMIT
# Completed on Thu Mar  3 19:33:01 2016

And from another host

zircon% ping6 -c 3 -M dont -s 1400 ubuntu15.gigo.com
PING ubuntu15.gigo.com(ubuntu15.gigo.com) 1400 data bytes
From ubuntu15.gigo.com icmp_seq=1 Packet too big: mtu=1280
From ubuntu15.gigo.com icmp_seq=2 Packet too big: mtu=1280
From ubuntu15.gigo.com icmp_seq=3 Packet too big: mtu=1280

--- ubuntu15.gigo.com ping statistics ---
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2002ms

zircon% 
@jfesler
Member
jfesler commented Mar 4, 2016

CentOS 7.

zircon% ping6 -c 3 -M dont -s 1400 centos72.gigo.com
PING centos72.gigo.com(centos72.gigo.com) 1400 data bytes
From centos72.gigo.com icmp_seq=1 Packet too big: mtu=1280
From centos72.gigo.com icmp_seq=2 Packet too big: mtu=1280
From centos72.gigo.com icmp_seq=3 Packet too big: mtu=1280

Getting it working was a bit of a pain; enough things have changed that it might be time to revisit the makefiles and see if we can make things more seamless. In particular, make init.d did install an init.d file, but was not actually effective on reboot. Coupled with firewalld ..

@jfesler
Member
jfesler commented Mar 4, 2016

And.. it looks like instructions for systemd + firewalld systems might be soon in order.

@jfesler
Member
jfesler commented Mar 4, 2016

No actual bug fond. Updating status as appropriate.

@jfesler jfesler closed this Mar 4, 2016
@jfesler jfesler added invalid and removed bug labels Mar 4, 2016
@jfesler
Member
jfesler commented Aug 28, 2016 edited
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment