David S. Miller wrote:

>Hey guys, please try to take a look at this one.
>
>There are multiple confirmations that merely having ipt_MASQUERADE
>loaded or built into the kernel causes PMTU ICMP messages to be
>ignored in the current kernel.
>
>I suspect this is more fallout from Rusty's recent conntrack/nat
>stuff.  Maybe it'll result in some more nfsim testcases being
>added, so perhaps not such a bad thing afterall :-)
>
You were right, NAT messes up the inner packet pretty badly :)

IP (tos 0xd0, ttl  64, id 40755, offset 0, flags [none], length: 88) 
172.16.1.123 > 172.16.1.123: icmp 68: type-#142 for IP (tos 0x10, ttl 
180, id 13605, offset 0, flags [DF], length: 60, bad cksum e8b3 
(->73d8)!) 172.16.1.123 > 172.16.195.55:  ip-proto-225 40

This patch fixes it.

Signed-off-by: Patrick McHardy <kaber@trash.net>