[asterisk-dev] UDP packet options/flags
Steve Davies
davies147 at gmail.com
Thu May 4 04:35:32 MST 2006
Hi,
I realise that this is not strictly an Asterisk question, but perhaps
someone could point me to where I can obtain clarification...
It seems that UDP SIP packets generated by Asterisk on a Linux
platform are generated with the "DF" (Don't Fragment) bit set (ie. UDP
Path MTU discovery is enabled). This in itself is not a major problem
because the SIP protocol retries quickly enough that an MTU corrected
request is retried (fragmented), and all is happy. The problem is that
some firewalls do not play nicely with Fragments that have the DF bit
set (which happens in Linux's UDP Path MTU discovery)
>From the Linux 'ip' manpage:
IP_MTU_DISCOVER
Sets or receives the Path MTU Discovery setting for a socket.
When enabled, Linux will perform Path MTU Discovery as defined
in RFC1191 on this socket. The don't fragment flag is set on all
outgoing datagrams. The system-wide default is controlled by the
ip_no_pmtu_disc sysctl for SOCK_STREAM sockets, and disabled
on all others.
UDP packets are SOCK_DGRAM, and should therefore default to having
PMTU discovery _off_. Asterisk does not actively enable PMTU discovery
on DGRAM sockets, so I cannot see why the 'DF' bit is set on these
packets...
As I said, any clues are welcome.
Thanks,
Steve
More information about the asterisk-dev
mailing list