Changes between Initial Version and Version 1 of Ticket #348, comment 5


Ignore:
Timestamp:
01/19/14 12:57:32 (8 years ago)
Author:
john7000
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #348, comment 5

    initial v1  
    33Having examined the code I did wonder why recvmsg()/sendmsg() are only used when multihome is declared with recvfrom()/sendto() being used otherwise.  It seems to create unnecessary complexity in the code having both forms of the function calls.
    44
    5 HOWEVER I have found another udp/ipv6 issue.  It seems that the fragmentation algorithm does not take into account the larger IPv6 carrier header resulting in oversize UDP/IPv6 packets.  I observed that these big UDP packets are then fragmented by the network stack layer creating an additional small packet for the overflow.  This packet does not have a UDP header.  These raw IPv6 packets then get rejected by firewalls (like Cisco ASAs and routers) on the path.  They can be seen to send back ICMPv6 unreachable messages.  This causes the VPN communications to fail.  Would you like this reported as a new bug?
     5HOWEVER I have found another udp/ipv6 issue.  It seems that the fragmentation algorithm does not take into account the larger IPv6 carrier header resulting in oversize UDP/IPv6 packets.  I observed that these big UDP packets are then fragmented by the network stack layer creating an additional small packet for the overflow.  This packet does not have a UDP header.  These raw IPv6 packets then get rejected by firewalls (like Cisco ASAs and routers) on the path.  They can be seen to send back ICMPv6 unreachable messages.  This causes the VPN communications to fail.  Would you like this reported as a new bug?   - Now added as #364