Hello list,

I have a problem with an IPsec peer. My OpenBSD 4.1 responder (obsd in the tcpdump below) doesn't reply to pings in the tunnel. The initiator is an OpenBSD 4.1 appliance (not GENERIC kernel, but I don't think that's the problem). There are two NATed hosts behind the peer-gw, and one of them works fine. The len 160 packets are ICMP echoes, btw.

The problematic peer is sending packets that get TOS 0x3. If I understand the ECN RFC correctly, this means the sending router has set the Congestion Experienced codepoint, i.e. it is congested. I see the point for TCP, but this is UDP, so I'm not sure what behaviour is expected. Is OpenBSD dropping these packets because of this? If the sending gateway is broken I just need to get back with a good explanation.

15:58:16.725725 peer-gw.19062 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x916EDE15 seq 1 len 132 [tos 0x3 (EC)] (ttl 51, id 1823, len 160)
15:58:19.737917 peer-gw.19062 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x916EDE15 seq 2 len 132 [tos 0x3 (EC)] (ttl 51, id 30812, len 160)
15:58:22.757857 peer-gw.19062 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x916EDE15 seq 3 len 132 [tos 0x3 (EC)] (ttl 51, id 29700, len 160)
15:58:25.778924 peer-gw.19062 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x916EDE15 seq 4 len 132 [tos 0x3 (EC)] (ttl 51, id 17471, len 160)
15:58:27.412816 peer-gw.22417 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x01CE4B59 seq 41 len 132 (ttl 51, id 60525, len 160)
15:58:27.412897 obsd.4500 > peer-gw.22417: [no cksum] udpencap: esp obsd > peer-gw spi 0xDA9BB2EC seq 41 len 132 (ttl 64, id 20442, len 160)
15:58:28.799610 peer-gw.19062 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x916EDE15 seq 5 len 132 [tos 0x3 (EC)] (ttl 51, id 7672, len 160)
15:58:29.265331 peer-gw.22417 > obsd.4500: [udp sum ok] NAT-T Keepalive (ttl 51, id 35799, len 29)
15:58:32.772233 peer-gw.19062 > obsd.4500: [udp sum ok] NAT-T Keepalive [tos 0x3 (EC)] (ttl 51, id 11876, len 29)
15:58:36.919621 peer-gw.19062 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x916EDE15 seq 6 len 132 [tos 0x3 (EC)] (ttl 51, id 32119, len 160)

I'm trying to track down where these TOS bits are set, but have had no luck yet.

tia
-martin
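
Added example, not part of the original post: a small Python parser that splits the TOS octet in tcpdump lines like those above into DSCP and the RFC 3168 ECN codepoint, grouped by NAT-T source port, so the marked flow and its SPI stand out. It assumes a line without a [tos ...] field has TOS 0; the function names are hypothetical.

```python
import re
from collections import defaultdict

# RFC 3168: the ECN field is the two low-order bits of the old TOS octet.
ECN_NAMES = {0: "Not-ECT", 1: "ECT(1)", 2: "ECT(0)", 3: "CE"}

# Sample input: five lines copied from the capture in the post above.
SAMPLE = """\
15:58:16.725725 peer-gw.19062 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x916EDE15 seq 1 len 132 [tos 0x3 (EC)] (ttl 51, id 1823, len 160)
15:58:27.412816 peer-gw.22417 > obsd.4500: [no cksum] udpencap: esp peer-gw > obsd spi 0x01CE4B59 seq 41 len 132 (ttl 51, id 60525, len 160)
15:58:27.412897 obsd.4500 > peer-gw.22417: [no cksum] udpencap: esp obsd > peer-gw spi 0xDA9BB2EC seq 41 len 132 (ttl 64, id 20442, len 160)
15:58:29.265331 peer-gw.22417 > obsd.4500: [udp sum ok] NAT-T Keepalive (ttl 51, id 35799, len 29)
15:58:32.772233 peer-gw.19062 > obsd.4500: [udp sum ok] NAT-T Keepalive [tos 0x3 (EC)] (ttl 51, id 11876, len 29)
"""

FLOW_RE = re.compile(r"^\S+ (?P<src>\S+)\.(?P<sport>\d+) > \S+\.\d+:")
TOS_RE = re.compile(r"\[tos (0x[0-9a-fA-F]+)")
SPI_RE = re.compile(r"\bspi (0x[0-9a-fA-F]+)")


def split_tos(tos):
    """Return (dscp, ecn) for an 8-bit TOS / Traffic Class value."""
    return tos >> 2, tos & 0x3


def summarize(capture):
    """Group lines by (source host, source port); collect ECN marks and SPIs."""
    flows = defaultdict(lambda: {"packets": 0, "ecn": set(), "spis": set()})
    for line in capture.splitlines():
        m = FLOW_RE.match(line)
        if not m:
            continue
        flow = flows[(m["src"], int(m["sport"]))]
        flow["packets"] += 1
        # Assumption: tcpdump prints no [tos ...] field when the octet is 0.
        tos = TOS_RE.search(line)
        _dscp, ecn = split_tos(int(tos.group(1), 16) if tos else 0)
        flow["ecn"].add(ECN_NAMES[ecn])
        spi = SPI_RE.search(line)
        if spi:
            flow["spis"].add(spi.group(1))
    return dict(flows)


if __name__ == "__main__":
    for (host, port), info in sorted(summarize(SAMPLE).items()):
        print(host, port, info["packets"], sorted(info["ecn"]), sorted(info["spis"]))
```

On the sample lines, every packet from source port 19062 (ESP and NAT-T keepalive alike) decodes to DSCP 0 with ECN codepoint CE, while the port 22417 flow is unmarked.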
