Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

IP Packet fragmentation

807567Mar 23 2004 — edited Apr 27 2004

Hello, all.
I've posted a similar message in the public 'network configuration' forum, but maybe you kernel-types will know something useful...

I have a problem with some Solaris 2.8 systems due to the fact that all outgoing IP packets have the 'DO_NOT_FRAGMENT' bit set to 1. When an outgoing UDP packet exceeds the MTU of the attached network (which happens often with NFS), it is fragmented in the stack and the 'MORE_FRAGMENTS' bit is also set.

The validity of this combination is dubious -- to the extent that our IPSec VPN software drops such packets, which is obviously a problem!

Does anybody know how to suppress the 'DO_NOT_FRAGMENT' bit in IP packets, either by configuration (preferred) or programatically (if that's what we have to do)? I've already tried:

ndd -set /dev/ip ip_path_mtu_discovery 0

but with no apparent effect. Do I need to restart the network interface after this change? I didn't think so.

Please help - I am desperate!

Dave

Locked Post

New comments cannot be posted to this locked post.

Locked on May 25 2004

Added on Mar 23 2004

#kernel, #oracle-solaris

2 comments

994 views