Re: [masq] IP masquerading and fragmentation

Graham Mitchell (gmitch@woodlea.wintermute.co.uk)
Tue, 14 May 1996 21:41:31 +0000


On 14 May 96 at 17:26, masq@indyramp.com wrote:

> I have been running some tests on the IP Masquerading stuff,
> generally with reasonable results at present. However there is one
> case that completely floors it...
>
>
> The situation is:-
> <A> a client box, with reasonable IP stack that does
> (or attempts) MTU discovery - ie a Linux box
> It communicates with the internet via...
>
> <B> a Linux box acting as a masquerading router.
> The private network is one side, with <A> on it,
> the internet (by some means) on the other.

EXACTLY the setup I have.....:) Thank goodness someone else has
managed to show up the problem. I was beginning to think I was living
in the Twilight Zone here.....:)) In my case the router with the low
MTU is my IAP. The force it to 296, and wont change it, 'cos it works
fine for everyone else, and we dont want to risk screwing them up for
you', which I see their point if they're in business - doesnt help me
much tho.....:((

As you say, stripping the DF flag is quick, dirty and 'the wrong
thing'. However, if someone can point me to where it should be done,
I'll do my sources (I'm not intimate enough with the IPv4 code to be
100% sure that I'd do it correctly)

Also, since I dont know the code well enough to fix it, I will leave
it to those others with the knowledge. I am however MORE than willing
to test any patches anyone comes up with.

Graham

Ask not what you can do for your country,
but what your government is doing to you