Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user

From: David Haller <gentoo@×××××××.de>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] {OT} ISP requires MTU below 1500?
Date: Tue, 20 Sep 2016 15:57:36
Message-Id: 20160920155650.2rlyahbqy4tduhtp@grusum.endjinn.de
In Reply to: Re: [gentoo-user] {OT} ISP requires MTU below 1500? by Grant
1 Hello,
2
3 On Tue, 20 Sep 2016, Grant wrote:
4 [..]
5 >> $ ping -n -c 1 -M dont -s 1465 www.dslreports.com
6 >> PING www.dslreports.com (64.91.255.98) 1465(1493) bytes of data.
7 >> 1473 bytes from 64.91.255.98: icmp_seq=1 ttl=51 time=137 ms
8 >>
9 >> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
10 >> rtt min/avg/max/mdev = 137.888/137.888/137.888/0.000 ms
11 >>
12 >> ==== corresponding tcpdump -n -i eth0 icmp ====
13 >> 15:47:07.983484 IP 192.168.178.11 > 64.91.255.98: ICMP echo request, id 3595, seq 1, length 1472
14 >> 15:47:07.983494 IP 192.168.178.11 > 64.91.255.98: icmp
15 >> 15:47:08.121308 IP 64.91.255.98 > 192.168.178.11: ICMP echo reply, id 3595, seq 1, length 1472
16 >> 15:47:08.121343 IP 64.91.255.98 > 192.168.178.11: icmp
17 >> ====
18 >>
19 >>
20 >> Two packets sent and received for 1493 bytes packet size / 1465 bytes
21 >> ping-payload.
22 >>
23 >> Try with e.g. 'ping -c 4 -M dont -s 1472 www.dslreports.com' for
24 >> yourself to see, that you'll send/recv 2 packets for each ping-packet
25 >> (and 1472 bytes is the ping-payload that just fits into the standard
26 >> 1500 bytes MTU).
27 >
28 >
29 >Strangely, I'm able to ping with that command even with a very high -s value:
30 >
31 >$ ping -c 4 -M dont -s 9999 www.dslreports.com
32 >PING www.dslreports.com (64.91.255.98) 9999(10027) bytes of data.
33 >10007 bytes from www.dslreports.com (64.91.255.98): icmp_seq=1 ttl=54
34 >time=331 ms
35 >10007 bytes from www.dslreports.com (64.91.255.98): icmp_seq=2 ttl=54
36 >time=329 ms
37 >10007 bytes from www.dslreports.com (64.91.255.98): icmp_seq=3 ttl=54
38 >time=329 ms
39 >10007 bytes from www.dslreports.com (64.91.255.98): icmp_seq=4 ttl=54
40 >time=329 ms
41 >
42 >4 packets transmitted, 4 received, 0% packet loss, time 3003ms
43 >rtt min/avg/max/mdev = 329.159/329.877/331.612/1.158 ms
44
45 Look again! You're just looking at the _PING_ packets, not the ICMP/IP
46 packets actually going over the interface! You'll need to run
47 'tcpdump icmp' in parallel! "My ping" also just reports 1 packet, but
48 there's two IP packets actually going over the interface, due to the
49 ping-packet being too large and being fragmented.
50
51 Start the tcpdump in another (x)term before running the "ping" ...
52
53 If you use '-M do', you should get the
54
55 "Frag needed and DF set (mtu = NNNN)"
56
57 error from ping. "-M dont" explicitly allows fragmentation, which you
58 can then see with tcpdump. E.g. a with my MTU of 1492, a
59
60 ==== ping -n -c 1 -M dont -s 9999 192.168.178.1 ====
61 PING 192.168.178.1 (192.168.178.1) 9999(10027) bytes of data.
62 10007 bytes from 192.168.178.1: icmp_seq=1 ttl=64 time=2.79 ms
63
64 --- 192.168.178.1 ping statistics ---
65 1 packets transmitted, 1 received, 0% packet loss, time 0ms
66 rtt min/avg/max/mdev = 2.795/2.795/2.795/0.000 ms
67 ====
68
69 results in
70
71 ==== tcpdump -n -i eth0 icmp ====
72 17:40:11.901583 IP 192.168.178.11 > 192.168.178.1: ICMP echo request, id 11363, seq 1, length 1472
73 17:40:11.901597 IP 192.168.178.11 > 192.168.178.1: icmp
74 17:40:11.901599 IP 192.168.178.11 > 192.168.178.1: icmp
75 17:40:11.901600 IP 192.168.178.11 > 192.168.178.1: icmp
76 17:40:11.901602 IP 192.168.178.11 > 192.168.178.1: icmp
77 17:40:11.901603 IP 192.168.178.11 > 192.168.178.1: icmp
78 17:40:11.901605 IP 192.168.178.11 > 192.168.178.1: icmp
79 17:40:11.903762 IP 192.168.178.1 > 192.168.178.11: ICMP echo reply, id 11363, seq 1, length 1480
80 17:40:11.903779 IP 192.168.178.1 > 192.168.178.11: icmp
81 17:40:11.903984 IP 192.168.178.1 > 192.168.178.11: icmp
82 17:40:11.903997 IP 192.168.178.1 > 192.168.178.11: icmp
83 17:40:11.904227 IP 192.168.178.1 > 192.168.178.11: icmp
84 17:40:11.904241 IP 192.168.178.1 > 192.168.178.11: icmp
85 17:40:11.904338 IP 192.168.178.1 > 192.168.178.11: icmp
86 ====
87
88 Yes, that is just the _one_ ping packet.
89
90 Read up on the links I gave you about fragmentation and IP(v4) in
91 general a bit ;) It's much better described there than I could ATM.
92
93 Which does not mean not to ask for stuff that's unclear.
94
95 HTH,
96 -dnh, who seems to have a knack for translating "techese" to normal
97 language ... Actually, I guess fragmentation can be explained
98 quite nicely by comparing to real-life packets ;) You'd get an
99 basically unlimited supply of courier boys, but you can get just
100 so many incoming and outgoing through the doors ;)
101
102 *grepping out the appropriate sig for that*
103
104 --
105 No trees were destroyed in the sending of this message, however, a
106 significant number of electrons were terribly inconvenienced.

Replies

Subject Author
Re: [gentoo-user] {OT} ISP requires MTU below 1500? Grant <emailgrant@×××××.com>
Report Message
Find on MARC Find on Google Groups