as far as I can see, Linux sends out fragmented IP packets
"butt-first":
11:34:53.927146 alice > bob: (frag 44605:343@1480)
11:34:53.927189 alice.4831 > bob.udpdemo: udp 1815 (frag 44605:1480@0+)
(where the first packet is actually the fragmented 2nd part of the
second packet).
This confuses at least one firewall appliance. As I understand it,
this is done for efficency reasons. Still, is there any way to
suppress this and get the packets sent out in "head first" sequence? I
know that routers might resort the fragments again but in my case I
have an "alice -- firewall -- bob" topology which at the moment drops
the fragment on the floor...
Is there a way to configure this? Maybe even connection specific?
I tested 2.2.19 and 2.4.18 with 100 MBit Ethernet (3Com and eepro100).
Both show the same behaviour.
Regards
Henning
-- Dipl.-Inf. (Univ.) Henning P. Schmiedehausen -- Geschaeftsfuehrer INTERMETA - Gesellschaft fuer Mehrwertdienste mbH hps@intermeta.deAm Schwabachgrund 22 Fon.: 09131 / 50654-0 info@intermeta.de D-91054 Buckenhof Fax.: 09131 / 50654-20 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/