Subject: Re: IP DF problems (again)
To: Jukka Marin <jmarin@pyy.jmp.fi>
From: Jason Thorpe <thorpej@nas.nasa.gov>
List: current-users
Date: 02/01/1998 09:38:19 
On Sun, 1 Feb 1998 14:05:12 +0200 
 Jukka Marin <jmarin@pyy.jmp.fi> wrote:

 > Someone is trying to send mail to our machine from a m$ system, it seems.
 > The sender uses large IP packets with the DF flag set.  My NetBSD 1.2
 > router can't transmit the packets over a PPP line due to MTU of 576 bytes,
 > so it responds to the sender like this:
 > 
 > 13:44:04.878280 mailhost.orion.fi.34036 > kyyhky.jmp.fi.smtp: P 138:1598(1460) ack 373 win 8760 (DF)
 > 13:44:04.878446 muikku.jmp.fi > mailhost.orion.fi: icmp: kyyhky.jmp.fi unreachable - need to frag (DF)
 > 
 > Of course, the sender doesn't care but tries to send the packet all over
 > again.  Finally, it opens a new SMTP connection to our system and I end up
 > with several sendmail processes just hanging there, getting no data from
 > the sender.
 > 
 > Is there a way to tell the NetBSD 1.2 router to fragment the packets so
 > they would get through?  I have mailed to the postmaster of the sender
 > system, but if every single m$ driven machine in the world has this problem,
 > I will spend the rest of my life trying to convince them to get their TCP/IP
 > fixed... :-(

There is no way to tell NetBSD to violate such a fundamental Internet
standard :-)  And even if there were, if someone else along the way
decided to return needs-frag, the problem would persist.

It could be that the Windows system is trying to do PMTU discovery, or it
could be that the Windows system just can't deal with fragmentation properly
(I have heard reports of the latter).

I'd suggest continuing to send mail to the postmaster at the offending site,
and perhaps put their upstream provider in the loop if the problem persists.

 > It should be illegal to connect broken systems to the net!

Indeed, but this give us fuel to bash Microsoft at the next IETF :-)

Jason R. Thorpe                                       thorpej@nas.nasa.gov
NASA Ames Research Center                            Home: +1 408 866 1912
NAS: M/S 258-5                                       Work: +1 650 604 0935
Moffett Field, CA 94035                             Pager: +1 415 428 6939