On Wed, Jan 20, 2010 at 10:57:15AM -0800, David Christensen wrote:
> > While trying to debug the same issue I stumbled across this
> > thread ... We've got HS22 blades (IBM BladeCenter) which
> > habe the BCM5709S and suffer from exactly the same problem.
> >
> > Dave, are there any news regard
On Thu, Mar 18, 2010 at 02:20:56PM -0700, David Christensen wrote:
> > >> Ooo!!
> > >>
> > >> Could you link me though to the patch Oliver, I don't seem to find
> > >> any post on this thread between today and mid last year?
> > >>
> > >
> > >Let's give more time to David. He can test my guess work
Hello,
While making some tests with fragmented udp DNS responses (with
EDNS0), we discovered a possible problem with ipf and pf in FreeBSD
6.2 and 7.0 (200705 snapshot).
Our test is a DNS query to an DNSSEC enabled server which replies with
a ~4KB udp response. We do this with the following dig
Ok. I understand that, but in FreeBSD 4.11 it works and without the
"keep frags" the query is blocked. Is it just a misbehaviour of
an old ipf version?
And there is also the different behaviour of pf under OpenBSD. As I
understand, the "scrub" rule should reassemble the fragments and pass
the comp
