* NFS UDP firewall reassemble failure
@ 2002-03-21 21:16 Shem Page
2002-03-22 0:54 ` Trond Myklebust
0 siblings, 1 reply; 2+ messages in thread
From: Shem Page @ 2002-03-21 21:16 UTC (permalink / raw)
To: nfs
I have discovered that my firewall will not re-assemble packets to a length
of more than about 1800 bytes (what fits in a single buffer).
I have been trying to mount a linux machine through the firewall and discover
that even if the mount is successful, once I start opening files, the mount
fails because the firewall cannot reassemble the packets to do it's stateful
inspection, hence it drops the packets so the client never sees the reply
from the server.
>From the packet traces it is evident that the NFS is sending fragments that
add up to well over 2k - too much for the software on the router to
reassemble.
I have been told by the maker of the router that this is not something they
intend to change in the near future, and perhaps I should look for a solution
within the configuration of the NFS.
So after quickly scanning some Man Pages, and also searching this archive, I
couldn't find any hint at how to restrict Mount, or NFSD to a limited packet
size.
Can people indicate to me whether this is possible to do, and perhaps where
I should begin.
Thanks in advance
Shem
--
==========================================================
Shem Page Tel 408 523-5305
Systems Engineer Fax 408 736-0100
Allied Telesyn Web: http://www.alliedtelesyn.com
960 Stewart Dr. Suite B email: Shem_Page@alliedtelesyn.com
Sunnyvale, California 94085
Simply connecting the IP world
==========================================================
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: NFS UDP firewall reassemble failure
2002-03-21 21:16 NFS UDP firewall reassemble failure Shem Page
@ 2002-03-22 0:54 ` Trond Myklebust
0 siblings, 0 replies; 2+ messages in thread
From: Trond Myklebust @ 2002-03-22 0:54 UTC (permalink / raw)
To: shem_page; +Cc: nfs
>>>>> " " == Shem Page <shem_page@alliedtelesyn.com> writes:
> So after quickly scanning some Man Pages, and also searching
> this archive, I
> couldn't find any hint at how to restrict Mount, or NFSD to a
> limited packet size.
You can't do this on the server side, however you can on the client side:
just specify the options 'rsize=1024,wsize=1024' in /etc/fstab.
Alternatively, if you have applied Neil's TCP server patches (see
http://cgi.cse.unsw.edu.au/~neilb/patches/linux-stable), you might
instead specify the 'tcp' mount option - again on the client.
Cheers,
Trond
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-03-22 0:54 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-03-21 21:16 NFS UDP firewall reassemble failure Shem Page
2002-03-22 0:54 ` Trond Myklebust
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.