Linux host does not retransmit with a lower packet size in response to ICMPv6 Packet Too Big message

Question

I'm seeing this in Wireshark when curling this URL:

On the same network, a Windows host retransmits properly, but an Android host does not. On a different network (presumably appropriately configured), the same Android host works.

What could be the cause?

univerio · Accepted Answer · 2016-04-03T17:28:02.833

2

I've figured out the problem.

This is caused by TCP sequence number randomization in my firewall. The kernel was apparently unable to figure out which TCP connection the Packet Too Big message was referring to so it couldn't retry with the correct MTU. Disabling TCP sequence number randomization in my firewall fixed the issue.

EDIT: the firewall in question is a SonicWALL NSA 220, firmware 5.9.1.0-22o.

edited Apr 03 '16 at 17:28

answered Apr 01 '16 at 01:31

univerio

131

Linux host does not retransmit with a lower packet size in response to ICMPv6 Packet Too Big message

1 Answers1