After wondering why my email was seeing MTU-like issues once I enabled
an record, I see that pf is dropping IPv6 packets that are
fragmented.
pf.conf(5):
1546: Currently, only IPv4 fragments are supported and IPv6 fragments are
blocked unconditionally.
in pf.c, under #ifdef INET6:
4402
On Fri, Dec 05, 2008 at 12:43:33PM -0600, Todd T. Fries wrote:
>
> Theory suggests that PMTUD should handle things such that fragments do not
> appear, but encapsulation and tunneling via IPSec tend to generate them
> anyway..
Are we not breaking PMUTD by silently dropping these? Shouldn't there
On Fri, Dec 05, 2008 at 01:56:04PM -0600, Todd T. Fries wrote:
> It was not stated, but I've setup firewalls in the past, I presume you
> have a firewall that is doing 'block in' as a catchall (which catches
> the fragments) ..
>
> Set your return policy on that rule if you wish it to return.
ok
On Fri, Feb 06, 2009 at 04:16:57PM +0100, Simen Stavdal wrote:
> Hello,
>
> I've had a similar issue before, and cannot quite remember in detail, but it
> was something like this ;
thanks Simon for that - it's similar but not the same issue. uux
[hmnbx4r...@gatekeeper.wzrd.com] on #openbsd sorted
Hi,
when I change my router-id within /etc/ospfd.conf, my OSPF neighbour
will not go past EXSTA, but Cisco IOS will see the router-id as a new
router and go all the way to FULL.
How can I clear the neighbour association? `ospfctl reload` does nothing. I
would prefer not to kill the process as it
On Fri, Sep 05, 2008 at 02:59:47PM -0700, andrew fresh wrote:
> The problem I am seeing is that if I don't specify a router-id in
> ospfd.conf, then if the highest IP on a peer router changes the automatic
> Router ID, the session fails to start with a "failed to form adjacency with
> " error.
I s
Hi,
scrub in log... passes pfctl -nf but doesn't report anything.
I know for a fact that it is doing *something* - does anyone know if
it's possible to see a real time activity of 'scrub' from pflog0 ?
Regards,
C.
--
020 7729 4797
http://blog.playlouder.com/
On Fri, Nov 28, 2008 at 10:50:00AM +, td wrote:
> Charlie Allom wrote:
> > Hi,
> >
> > scrub in log... passes pfctl -nf but doesn't report anything.
> >
> > I know for a fact that it is doing *something* - does anyone know if
> > it's pos
Hi,
I am trying to setup an active/active routing firewall setup with OSPF
so it load shares the traffic equally.
I am have created a test lab with IOS ASBR's that have
`default-information originate always` so I then can see 2 routes to
0.0.0.0/0.0.0.0 via 2 routes.
It seems there is a limitati
9 matches
Mail list logo
