Linux replies to large (fragmented) ping6 packets with the fragments
sent in an unusual order. This seems to confuse Cisco routers, and with
large packets (16k) it actually makes a pinging Cisco crash (ok, that's
his fault, but still...)
Other systems we have tried (BSD/KAME) don't show this strange
behaviour. Is there any reason why Linux sends fragments in this order?
tcpdump snippet (turtle is a FreeBSD 3.4+KAME machine; panther is
a Linux 2.3.48 system, but 2.2.10 shows the same behaviour):
13:48:13.014602 turtle.ipv6.stack.nl > panther.ipv6.stack.nl: frag (0|1432)
icmp6: echo request
13:48:13.015091 turtle.ipv6.stack.nl > panther.ipv6.stack.nl: frag (1432|1432)
13:48:13.016322 turtle.ipv6.stack.nl > panther.ipv6.stack.nl: frag (2864|1432)
13:48:13.017264 turtle.ipv6.stack.nl > panther.ipv6.stack.nl: frag (4296|512)
13:48:13.410755 panther.ipv6.stack.nl > turtle.ipv6.stack.nl: frag (2864|1432)
13:48:13.570641 panther.ipv6.stack.nl > turtle.ipv6.stack.nl: frag (1432|1432)
13:48:13.665278 panther.ipv6.stack.nl > turtle.ipv6.stack.nl: frag (0|1432)
icmp6: echo reply
13:48:13.700859 panther.ipv6.stack.nl > turtle.ipv6.stack.nl: frag (4296|512)
Greetings,
Johan van Selst
|