Re: Ugly problem with ebtables

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
To: netfilter@vger.kernel.org
Subject: Re: Ugly problem with ebtables
Date: Mon, 27 Apr 2009 15:30:30 +0200	[thread overview]
Message-ID: <49F5B376.2090101@plouf.fr.eu.org> (raw)
In-Reply-To: <c5f74e0f56607a07b993f7b3e858a659.squirrel@limbo.ari.es>

Hello,

Juan Antonio Rodriguez Moreno a écrit :
> 
> I have a linux bridged machine, with eth1 and eth2 port on br0. I'm using
> ebtables to up smtp traffic on routing process and iptables to mark it. I
> route this traffic over openvpn tunnel tun0.
> 
> That's all right but when IP fragment a packet and send the former frame
> without the PUSH flag, this frame dissapear.

What your traces shows below is not IP fragmentation (which has nothing 
to do with PUSH which is a TCP flag) but TCP segmentation.

> I can see all traffic on the sending point of the tunel, but the frames
> without the PUSH flag set don't arrive on the another side.

IIUC, some packets enter the bridge, are routed through the tunnel and 
don't arrive at the other end. What makes you think that ebtables is 
involved ?

Couldn't it be an MTU problem in the tunnel ? AFAIK, when TCP transmits 
a message which must be segmented, it sends maximum-size segments 
without the PUSH flag and a last smaller segment with the PUSH flag set 
containing the remaining data.

next prev parent reply	other threads:[~2009-04-27 13:30 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-04-27 10:02 Ugly problem with ebtables Juan Antonio Rodriguez Moreno
2009-04-27 13:30 ` Pascal Hambourg [this message]
2009-04-27 20:26   ` Juan Antonio
2009-04-28  9:40     ` Pascal Hambourg
2009-04-28 11:56       ` Juan Antonio

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=49F5B376.2090101@plouf.fr.eu.org \
    --to=pascal.mail@plouf.fr.eu.org \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox