[j-nsp] "fragmentation needed" broken on unnumbered interfaces?

Kevin Day toasty at dragondata.com
Mon Dec 12 03:20:47 EST 2005


It doesn't look like the generation of fragmentation needed messages  
is matching what my understanding of the docs says.


Example config:

interfaces {
ip-0/2/0 {
     unit 0 {
         tunnel {
             source 4.1.1.1;
             destination 5.1.1.1;
             ttl 50;
         }
         family inet {
             address 6.1.1.1/30;
         }
     }
}
t1-1/2/0 {
     encapsulation cisco-hdlc;
     unit 0 {
         family inet;
     }
}
lo0 {
     unit 0 {
         family inet {
             address 22.1.1.1/32 {
                 primary;
                 preferred;
             }
         }
     }
}

}

routing-options {
     static {
         route 8.1.1.0/24 next-hop t1-1/2/0.0;
         route 9.1.1.0/24 next-hop ip-0/2/0.0;
     }
}


Basically, I have a T1 with 8.1.1.0/24 on it, then through a tunnel I  
have 9.1.1.0/24 which goes out over an unrelated ge interface.

If I send from 8.1.1.44 to 9.1.1.55 a 1500 byte packet with Don't- 
Fragment set, nothing is sent back to 8.1.1.44. However, if I do:

set interfaces t1-1/2/0 unit 0 family internet address 10.1.1.1/30

Then it correctly sends back a "fragmentation needed" message to  
8.1.1.44 sourced from 10.1.1.1.


This makes it look like it won't source an ICMP message on an  
unnumbered interface. However, the docs make it sound like it will,  
and use the IP from another interface:

> When configuring unnumbered interfaces, you must ensure that a source
> address is configured on some interface in the routing platform. This
> address is the default address. We recommend that you do this by  
> assigning
> an address to the loopback interface (lo0), as described in  
> Configuring
> the Loopback Interface. If you configure an address (other than a  
> martian)
> on the lo0 interface, that address is always the default address,  
> which is
> preferable because the loopback interface is independent of any  
> physical
> interfaces and therefore is always accessible.

Based off of this, I would have thought if the T1 interface was  
unnumbered it would have used the IP assigned to lo0, or failing that  
from another interface.

Am I misreading this, or is it not working as intended?



More information about the juniper-nsp mailing list