[geeks] Further info on Sol8 networking problem

Martijn Pronk martijn at smartie.xs4all.nl
Thu Mar 21 17:55:42 CST 2002 

Joshua D Boyd wrote:

> So, I broke out tcpdump tonight (don't know why I didn't think of it earlier).
> 
> And when I type telnet cs.millersville.edu, tcp dump shows normal activity,
> plus the following sorts of messages over and over:
> 
> 02:01:05.359189 192.168.0.55.32776 > cs.millersville.edu.telnet: S 23529836:23529836(0) win 24820 <nop,nop,sackOK,mss 1460> (DF)
> 02:01:18.858901 192.168.0.55.32776 > cs.millersville.edu.telnet: S 23529836:23529836(0) win 24820 <nop,nop,sackOK,mss 1460> (DF)


If I read this correctly, it's trying to send a tcp packet with 1460 bytes
and the Don't Fragment bit on. This looks like it is thying to do Path 
MTU discovery. (Send a big TCP packet with DF set down the line and if 
there is a link between the two hosts with a smaller MTU the router will 
send a ICMP message Fragmentation Needed. The OS will try to send a 
smaller packet and the proces is repeated until the tcp connection is 
complete and the smaller MTU size is used until the tcp connection is 
dropped.)
If you're somehow not able to recieve these ICMP messages, your OS is 
going to be confused...

Since ping and DNS packets are generally small these packets are not 
affected by this.

How to test for this? Try pinging the host with a bigger than normal 
Ping packet. (Your ping program will be able to create bigger ping packets)
So you could try (Solaris 8 Ping syntax)
ping -s obelix.sillywalks.org   (normal size, should work if not blocked 
by network)
ping -s obelix.sillywalks.org 1472 (Should work if the mtu is at least 
1500 bytes)
ping -s obelix.sillywalks.org 500 (Should work...)

Try to find the biggest packet that comes through and you have found the 
mtu of the path between you and the other host.


> 
> Which is pretty much what I'd expect (I can't ping cs.millersville.edu due
> to the campus filtering icmp packets).


Are you behind this filter? Then that might be your problem.
Try setting the MTU lower or turn of Path MTU discovery.


> 
> Any idea why the servers aren't replying?  The packets are obviously making it


Probably because they can't hear you.

> out over my network, so why are the outside servers responding to my linux
> and netbsd machines, but not the Solaris one?  I don't know if this tcpdump
> is actually of any use, but it seemed worth trying.

Maybe these systems don't use path-mtu-discovery... (Not sure about 
that, and all this is only a guess, but these DF bits make me scary.)

Hope this helps,



Martijn

More information about the geeks mailing list