Subject: Re: kern/36309 ipf 4.1.20 breaks NAT setup
To: None <ipf-bug-people@NetBSD.org, gnats-admin@netbsd.org,>
From: Michael van Elst <mlelstv@serpens.de>
List: netbsd-bugs
Date: 05/27/2007 11:25:03
The following reply was made to PR kern/36309; it has been noted by GNATS.

From: Michael van Elst <mlelstv@serpens.de>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: kern/36309 ipf 4.1.20 breaks NAT setup
Date: Sun, 27 May 2007 13:23:34 +0200

 I have now updated to the latest 4.0_BETA2 with ipf4.1.22,
 the problem is still there.
 
 For a test, I have connected client and NAT router over Ethernet
 without IPSEC but have configured the ethernet interface on
 the NAT router with an MTU of 1200 to force fragmentation.
 
 The result is the same, a need-frag ICMP message is generated
 that contains the private address of the client and sent to
 the internet host.
 
 -- 
                                 Michael van Elst
 Internet: mlelstv@serpens.de
                                 "A potential Snark may lurk in every tree."