[nsd-users] Possible fragmentation issue transferring larger zones over IPv6?
Anand Buddhdev
anandb at ripe.net
Sun Mar 30 16:24:05 UTC 2014
On 29/03/2014 22:37, Darren Pilgrim wrote:
> I'm not sure how to document this other than showing you the "operation
> timed out: tcp" log entries and zonestatus output that shows the slaves
> are not getting the zone.
If NSD is emitting packets that are bigger than the IPv6 path MTU to the
slave, then a device along the path will send back an ICMP message
asking the source to fragment. If this ICMP message never reaches the
master, it won't know that it needs to fragment the packets, and will
keep sending bigger packets, and result in a timeout.
On the master, run tcpdump, and then send out large packets to the slave
(ping6 will do) and see if you're getting back the relevant ICMP
message, and whether the network stack on the master is adapting itself
to such a notificaiton.
Regards,
Anand Buddhdev
RIPE NCC
More information about the nsd-users
mailing list