Setting IP DF bit in Solaris 2.4

Setting IP DF bit in Solaris 2.4

Post by Colm Anderso » Thu, 24 Oct 1996 04:00:00

Does anybody out there know of a Solaris kernel tweak to set/unset
the "Dont Fragment" bit in the IP header ?

Colm Anderson


1. Solaris 2.4 IP problem - DF bit always set

I recently ran into a problem with a Solaris box -
SPARC 10 running Solaris 2.4, kernel jumbo patch 101945-10.

The problem appeared when people on remote SLIP machines dialed
in to certain ISPs were unable to load the WWW pages from the Solaris
box.  A few bytes (80-120) would appear; then the connection
ground to a halt and no more data would come through (or it would
trickle through very slowly).

Removing most of the graphics from the page (it had several small
GIF and JPEG images) or tweaking the SLIP configuration a lot
(disabling MNP5 on the modems, etc) helped, but these were deemed
unacceptable solutions as the SLIP machines loaded pages from
non-Solaris machines just fine.

Further investigation with packet sniffers and such showed
a very high TCP retransmit rate.  It also showed that the
Solaris box is *always* setting the "dont't fragment" bit on
IP packets.

The only fix I've come up with so far is to set the MTU on
the ethernet interface to 255 (tried 535 and it helped, but
255 seems to help more) and also setting "ip_path_mtu_discovery 0"
in the /dev/ip driver.  I'm not certain if the latter resulted
in any measurable improvement but it didn't seem to hurt.

"showrev -p" shows the following patches have been applied:

101753-01 101829-01 101878-01 101879-01 101880-03 101902-01
101905-01 101907-02 101920-01 101921-04 101922-04 101923-03
101925-01 101933-01 101945-10 101959-02 101969-04 101975-01
101979-03 101981-01 101983-01 102001-03 102002-01 102003-01
102007-01 102011-02 102020-02 102035-01 102036-01 102037-01
102038-01 102044-01 102062-03 102079-01 102112-01 102137-01

Does anyone have any thoughts on other solutions or patches
for this problem?  I've looked through the list of fixes in
101945-27 (or -29 or whatever it was) as that seemed like a
likely place to find a fix - but it doesn't seem to have
anything relevent.  I don't want to apply yet another patch
unless it's fairly likely to help.

Leaving the MTU as low as it is will work but is a nasty
hack (IMO) and will probably adversely effect throughput
to the rest of the world.

BTW, this doesn't seem to be unique among Solaris machines.
I noticed that, which looks like it's running
Solaris, also has the DF bit set on every IP packet that I've
looked at... and the SLIP machines show the same problem when
trying to load WWW pages from that site.

Thanks -
                       -Robert Tarrall.-
                       Unix System/Network Admin
                       Laboratory for Computational Dynamics
                       CU - Boulder

2. Linex <?> PCI video card?

3. ?Make Xdefaults dependent on sreen size?

4. Setting DF bit in IP header.

5. ftape 1.13b overrun

6. How do I set ip addess etc on solaris 2.4

7. After compiling, what can I junk?

8. is it possible to set IP type-of-service on Solaris 2.4?

9. df incorrectly reports remaining space (Solaris 2.4)

10. ipfw (IP Firewall), proxy and IP routing on Solaris 2.4

11. Sparc 5/Solaris 2.4 TCP/IP Problem with SL/IP connections

12. sticky-bit on solaris 2.4 executables: does it help?