On 3/12/23 03:47, Markus Schönhaber wrote:
02.12.23, 14:27 +0100, fedora@xxxxxxxxxxxxxx:
I did not do any change to the firewall, which is probably the only place
I could break things (like dropping ICMP).
The modem has a feature "IPv4 SPI Firewall" and turning it off did not
help here.
Well, I'm out of ideas, then.
Anyway, if icmp if dropped then I expect simple pings will not get
though either, right?
Not necessarily. A packet filter might let one type of ICMP packets
through while blocking other ICMP types/codes.
But you can simply try if pings get through.
What you could also do is make a recording of network traffic when
trying to transmit files with a high MTU setting and look if you find
any ICMP type 3 code 4 packets in there.
I have done so and can see how there are no ICMP replies beyond the modem.
One example:
$ sudo ifconfig eth1 mtu 1500
$ date ; tracepath -4 -n -l 1500 -m 3 1.1.1.1 ; date
Sun Dec 3 10:43:49 AEDT 2023
1: 192.168.2.5 1.147ms
2: no reply
3: no reply
Too many hops: pmtu 1500
Resume: pmtu 1500
Sun Dec 3 10:43:55 AEDT 2023
2023-12-03 10:43:49.201984 IP (tos 0x0, ttl 1, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44444: UDP, length 1472
2023-12-03 10:43:49.202503 IP (tos 0xc0, ttl 64, id 22137, offset 0, flags [none], proto ICMP (1), length 576)
192.168.2.5 > 192.168.2.7: ICMP time exceeded in-transit, length 556
IP (tos 0x0, ttl 1, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44444: UDP, length 1472
2023-12-03 10:43:49.202768 IP (tos 0x0, ttl 2, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44445: UDP, length 1472
2023-12-03 10:43:50.203883 IP (tos 0x0, ttl 2, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44446: UDP, length 1472
2023-12-03 10:43:51.205034 IP (tos 0x0, ttl 2, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44447: UDP, length 1472
2023-12-03 10:43:52.206217 IP (tos 0x0, ttl 3, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44448: UDP, length 1472
2023-12-03 10:43:53.207372 IP (tos 0x0, ttl 3, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44449: UDP, length 1472
2023-12-03 10:43:54.207878 IP (tos 0x0, ttl 3, id 0, offset 0, flags [DF], proto UDP (17), length 1500)
192.168.2.7.46132 > 1.1.1.1.44450: UDP, length 1472
Some good news: I just had a call from my ISP who finally admitted that I am not the only
user with a similar issue. I emailed them my test logs. Maybe they will resolve this.
--
Eyal at Home (fedora@xxxxxxxxxxxxxx)
--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
