Page MenuHomeVyOS Platform
Create Task
Maniphest T3634

Add op command option for ping for do not fragment bit to be set
Closed, ResolvedPublicFEATURE REQUEST
Actions

Description

This is for a ping command augmentation so we can have a do not fragment bit to be set to 1 for troubleshooting

Details

Difficulty level
Easy (less than an hour)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible

Event Timeline

Cheeze_It claimed this task.Jun 17 2021, 10:24 PM
Cheeze_It created this task.
Cheeze_It changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
Cheeze_It added a comment.Jun 17 2021, 10:42 PM

Added PR:

https://github.com/vyos/vyos-1x/pull/885

Added small documentation add:

https://github.com/vyos/vyos-documentation/pull/551

c-po closed this task as Resolved.Jun 18 2021, 5:37 AM
pasik added a subscriber: pasik.Jun 18 2021, 6:47 AM
Viacheslav reopened this task as Open.Aug 5 2021, 8:39 PM
Viacheslav added a subscriber: Viacheslav.

Reopen
It doesn't work properly

[email protected]:~$ ping 1.1.1.1 do-not-fragment size 5000
PING 1.1.1.1 (1.1.1.1) 5000(5028) bytes of data.
5008 bytes from 1.1.1.1: icmp_seq=1 ttl=56 time=35.0 ms
5008 bytes from 1.1.1.1: icmp_seq=2 ttl=56 time=35.1 ms
5008 bytes from 1.1.1.1: icmp_seq=3 ttl=56 time=35.2 ms


[email protected]:~$ sudo ping -M dont 1.1.1.1 -s 1700
PING 1.1.1.1 (1.1.1.1) 1700(1728) bytes of data.
1708 bytes from 1.1.1.1: icmp_seq=1 ttl=56 time=34.1 ms
1708 bytes from 1.1.1.1: icmp_seq=2 ttl=56 time=34.1 ms

The correct flag should be do not dont

[email protected]:~$ sudo ping -M do 1.1.1.1 -s 1700
PING 1.1.1.1 (1.1.1.1) 1700(1728) bytes of data.
ping: local error: Message too long, mtu=1500
ping: local error: Message too long, mtu=1500
^C
--- 1.1.1.1 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 41ms
Cheeze_It added a comment.Aug 5 2021, 9:26 PM

Hmmmm....it worked last time. I'll give it another run.

Cheeze_It added a comment.EditedAug 5 2021, 9:53 PM

Did a quick test...

[email protected]:~$ ping 10.0.0.65 size 1472 do-not-fragment count 5
PING 10.0.0.65 (10.0.0.65) 1472(1500) bytes of data.
1480 bytes from 10.0.0.65: icmp_seq=1 ttl=64 time=0.198 ms
1480 bytes from 10.0.0.65: icmp_seq=2 ttl=64 time=0.210 ms
1480 bytes from 10.0.0.65: icmp_seq=3 ttl=64 time=0.208 ms
1480 bytes from 10.0.0.65: icmp_seq=4 ttl=64 time=0.218 ms
1480 bytes from 10.0.0.65: icmp_seq=5 ttl=64 time=0.206 ms

  • 10.0.0.65 ping statistics ---

5 packets transmitted, 5 received, 0% packet loss, time 4101ms
rtt min/avg/max/mdev = 0.198/0.208/0.218/0.006 ms
[email protected]:~$ ping 10.0.0.65 size 1473 do-not-fragment count 5
PING 10.0.0.65 (10.0.0.65) 1473(1501) bytes of data.

  • 10.0.0.65 ping statistics ---

5 packets transmitted, 0 received, 100% packet loss, time 4124ms

So I redid it and did a linux <> linux (vyos) ping and I got this:

[email protected]:~$ ping 10.0.0.67 size 64 count 5
PING 10.0.0.67 (10.0.0.67) 64(92) bytes of data.
72 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.126 ms
72 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.131 ms
72 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.081 ms
72 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.096 ms
72 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.153 ms

15:47:24.710402 IP (tos 0x0, ttl 64, id 26514, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 1, length 72
15:47:25.753799 IP (tos 0x0, ttl 64, id 26520, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 2, length 72
15:47:26.777779 IP (tos 0x0, ttl 64, id 27140, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 3, length 72
15:47:27.801789 IP (tos 0x0, ttl 64, id 27868, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 4, length 72
15:47:28.825824 IP (tos 0x0, ttl 64, id 28515, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 5, length 72

[email protected]:~$ ping 10.0.0.67 size 64 count 5 do-not-fragment
PING 10.0.0.67 (10.0.0.67) 64(92) bytes of data.
72 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.188 ms
72 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.202 ms
72 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.170 ms
72 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.196 ms
72 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.209 ms

15:47:38.240403 IP (tos 0x0, ttl 64, id 36463, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 1, length 72
15:47:39.257896 IP (tos 0x0, ttl 64, id 37062, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 2, length 72
15:47:40.281851 IP (tos 0x0, ttl 64, id 37084, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 3, length 72
15:47:41.305886 IP (tos 0x0, ttl 64, id 37443, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 4, length 72
15:47:42.329867 IP (tos 0x0, ttl 64, id 37911, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 5, length 72

I am looking through stuff...

Cheeze_It added a comment.Aug 5 2021, 9:55 PM

It seems the man page that I looked at I either didn't read carefully enough, or I completely messed it up. You're right @Viacheslav.

Cheeze_It added a comment.EditedAug 5 2021, 10:09 PM

Made the change to "do" and I noticed that.....DF is used even if there is no DF bit explicitly set...:

[email protected]:~$ ping 10.0.0.67 size 1472 count 5
PING 10.0.0.67 (10.0.0.67) 1472(1500) bytes of data.
1480 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.160 ms
1480 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.138 ms
1480 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.138 ms
1480 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.125 ms
1480 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.156 ms

16:05:43.302202 IP (tos 0x0, ttl 64, id 25762, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 1, length 1480
16:05:44.313879 IP (tos 0x0, ttl 64, id 25959, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 2, length 1480
16:05:45.337874 IP (tos 0x0, ttl 64, id 26850, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 3, length 1480
16:05:46.361904 IP (tos 0x0, ttl 64, id 27549, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 4, length 1480
16:05:47.385899 IP (tos 0x0, ttl 64, id 28014, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 5, length 1480





[email protected]:~$ ping 10.0.0.67 size 1472 count 5 do-not-fragment
PING 10.0.0.67 (10.0.0.67) 1472(1500) bytes of data.
1480 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.095 ms
1480 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.156 ms
1480 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.142 ms
1480 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.146 ms
1480 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.136 ms

16:05:51.964736 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 1, length 1480
16:05:53.017914 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 2, length 1480
16:05:54.041893 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 3, length 1480
16:05:55.065892 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 4, length 1480
16:05:56.089904 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 5, length 1480
Cheeze_It added a comment.Aug 7 2021, 5:19 PM

Did more checks.....and noticed it *IS* properly sending the ping command:

[email protected]:~$ ping 10.0.0.65
sudo ip vrf exec default /bin/ping 10.0.0.65


[email protected]:~$ ping 10.0.0.65 do-not-fragment
sudo ip vrf exec default /bin/ping -M do 10.0.0.65

It seems that the DF bit being set for other reasons though. However the behavior *IS* still different. When going to 1473 we get:

sudo ip vrf exec default /bin/ping -s 1473 10.0.0.65
PING 10.0.0.65 (10.0.0.65) 1473(1501) bytes of data.
^C
--- 10.0.0.65 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3073ms


But with DF bit we get:

[email protected]:~$ ping 10.0.0.65 size 1473 do-not-fragment
sudo ip vrf exec default /bin/ping -s 1473 -M do 10.0.0.65
PING 10.0.0.65 (10.0.0.65) 1473(1501) bytes of data.
/bin/ping: local error: message too long, mtu=1500
/bin/ping: local error: message too long, mtu=1500
/bin/ping: local error: message too long, mtu=1500
/bin/ping: local error: message too long, mtu=1500
^C
--- 10.0.0.65 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3072ms

Still put in a PR for this though.

https://github.com/vyos/vyos-1x/pull/956

Viacheslav closed this task as Resolved.Sep 3 2021, 12:55 PM
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Viacheslav added a project: test.
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0-epa1); removed test, VyOS 1.3 Equuleus.Sep 5 2021, 7:06 AM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa1) board.Sep 5 2021, 4:08 PM