Page MenuHomeVyOS Platform

Add op command option for ping for do not fragment bit to be set
Closed, ResolvedPublicFEATURE REQUEST

Description

This is for a ping command augmentation so we can have a do not fragment bit to be set to 1 for troubleshooting

Details

Difficulty level
Easy (less than an hour)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible

Event Timeline

Cheeze_It created this task.
Cheeze_It changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
Viacheslav added a subscriber: Viacheslav.

Reopen
It doesn't work properly

vyos@r4-1.3:~$ ping 1.1.1.1 do-not-fragment size 5000
PING 1.1.1.1 (1.1.1.1) 5000(5028) bytes of data.
5008 bytes from 1.1.1.1: icmp_seq=1 ttl=56 time=35.0 ms
5008 bytes from 1.1.1.1: icmp_seq=2 ttl=56 time=35.1 ms
5008 bytes from 1.1.1.1: icmp_seq=3 ttl=56 time=35.2 ms


vyos@r4-1.3:~$ sudo ping -M dont 1.1.1.1 -s 1700
PING 1.1.1.1 (1.1.1.1) 1700(1728) bytes of data.
1708 bytes from 1.1.1.1: icmp_seq=1 ttl=56 time=34.1 ms
1708 bytes from 1.1.1.1: icmp_seq=2 ttl=56 time=34.1 ms

The correct flag should be do not dont

vyos@r4-1.3:~$ sudo ping -M do 1.1.1.1 -s 1700
PING 1.1.1.1 (1.1.1.1) 1700(1728) bytes of data.
ping: local error: Message too long, mtu=1500
ping: local error: Message too long, mtu=1500
^C
--- 1.1.1.1 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 41ms

Hmmmm....it worked last time. I'll give it another run.

Did a quick test...

vyos@vyos:~$ ping 10.0.0.65 size 1472 do-not-fragment count 5
PING 10.0.0.65 (10.0.0.65) 1472(1500) bytes of data.
1480 bytes from 10.0.0.65: icmp_seq=1 ttl=64 time=0.198 ms
1480 bytes from 10.0.0.65: icmp_seq=2 ttl=64 time=0.210 ms
1480 bytes from 10.0.0.65: icmp_seq=3 ttl=64 time=0.208 ms
1480 bytes from 10.0.0.65: icmp_seq=4 ttl=64 time=0.218 ms
1480 bytes from 10.0.0.65: icmp_seq=5 ttl=64 time=0.206 ms

  • 10.0.0.65 ping statistics ---

5 packets transmitted, 5 received, 0% packet loss, time 4101ms
rtt min/avg/max/mdev = 0.198/0.208/0.218/0.006 ms
vyos@vyos:~$ ping 10.0.0.65 size 1473 do-not-fragment count 5
PING 10.0.0.65 (10.0.0.65) 1473(1501) bytes of data.

  • 10.0.0.65 ping statistics ---

5 packets transmitted, 0 received, 100% packet loss, time 4124ms

So I redid it and did a linux <> linux (vyos) ping and I got this:

vyos@vyos:~$ ping 10.0.0.67 size 64 count 5
PING 10.0.0.67 (10.0.0.67) 64(92) bytes of data.
72 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.126 ms
72 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.131 ms
72 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.081 ms
72 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.096 ms
72 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.153 ms

15:47:24.710402 IP (tos 0x0, ttl 64, id 26514, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 1, length 72
15:47:25.753799 IP (tos 0x0, ttl 64, id 26520, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 2, length 72
15:47:26.777779 IP (tos 0x0, ttl 64, id 27140, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 3, length 72
15:47:27.801789 IP (tos 0x0, ttl 64, id 27868, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 4, length 72
15:47:28.825824 IP (tos 0x0, ttl 64, id 28515, offset 0, flags [DF], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 30962, seq 5, length 72

vyos@vyos:~$ ping 10.0.0.67 size 64 count 5 do-not-fragment
PING 10.0.0.67 (10.0.0.67) 64(92) bytes of data.
72 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.188 ms
72 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.202 ms
72 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.170 ms
72 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.196 ms
72 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.209 ms

15:47:38.240403 IP (tos 0x0, ttl 64, id 36463, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 1, length 72
15:47:39.257896 IP (tos 0x0, ttl 64, id 37062, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 2, length 72
15:47:40.281851 IP (tos 0x0, ttl 64, id 37084, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 3, length 72
15:47:41.305886 IP (tos 0x0, ttl 64, id 37443, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 4, length 72
15:47:42.329867 IP (tos 0x0, ttl 64, id 37911, offset 0, flags [none], proto ICMP (1), length 92) 10.0.0.80 > 10.0.0.67: ICMP echo request, id 2815, seq 5, length 72

I am looking through stuff...

It seems the man page that I looked at I either didn't read carefully enough, or I completely messed it up. You're right @Viacheslav.

Made the change to "do" and I noticed that.....DF is used even if there is no DF bit explicitly set...:

vyos@vyos:~$ ping 10.0.0.67 size 1472 count 5
PING 10.0.0.67 (10.0.0.67) 1472(1500) bytes of data.
1480 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.160 ms
1480 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.138 ms
1480 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.138 ms
1480 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.125 ms
1480 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.156 ms

16:05:43.302202 IP (tos 0x0, ttl 64, id 25762, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 1, length 1480
16:05:44.313879 IP (tos 0x0, ttl 64, id 25959, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 2, length 1480
16:05:45.337874 IP (tos 0x0, ttl 64, id 26850, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 3, length 1480
16:05:46.361904 IP (tos 0x0, ttl 64, id 27549, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 4, length 1480
16:05:47.385899 IP (tos 0x0, ttl 64, id 28014, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 53430, seq 5, length 1480





vyos@vyos:~$ ping 10.0.0.67 size 1472 count 5 do-not-fragment
PING 10.0.0.67 (10.0.0.67) 1472(1500) bytes of data.
1480 bytes from 10.0.0.67: icmp_seq=1 ttl=64 time=0.095 ms
1480 bytes from 10.0.0.67: icmp_seq=2 ttl=64 time=0.156 ms
1480 bytes from 10.0.0.67: icmp_seq=3 ttl=64 time=0.142 ms
1480 bytes from 10.0.0.67: icmp_seq=4 ttl=64 time=0.146 ms
1480 bytes from 10.0.0.67: icmp_seq=5 ttl=64 time=0.136 ms

16:05:51.964736 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 1, length 1480
16:05:53.017914 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 2, length 1480
16:05:54.041893 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 3, length 1480
16:05:55.065892 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 4, length 1480
16:05:56.089904 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 1500)    10.0.0.80 > 10.0.0.67: ICMP echo request, id 2865, seq 5, length 1480

Did more checks.....and noticed it *IS* properly sending the ping command:

vyos@vyos:~$ ping 10.0.0.65
sudo ip vrf exec default /bin/ping 10.0.0.65


vyos@vyos:~$ ping 10.0.0.65 do-not-fragment
sudo ip vrf exec default /bin/ping -M do 10.0.0.65

It seems that the DF bit being set for other reasons though. However the behavior *IS* still different. When going to 1473 we get:

sudo ip vrf exec default /bin/ping -s 1473 10.0.0.65
PING 10.0.0.65 (10.0.0.65) 1473(1501) bytes of data.
^C
--- 10.0.0.65 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3073ms


But with DF bit we get:

vyos@vyos:~$ ping 10.0.0.65 size 1473 do-not-fragment
sudo ip vrf exec default /bin/ping -s 1473 -M do 10.0.0.65
PING 10.0.0.65 (10.0.0.65) 1473(1501) bytes of data.
/bin/ping: local error: message too long, mtu=1500
/bin/ping: local error: message too long, mtu=1500
/bin/ping: local error: message too long, mtu=1500
/bin/ping: local error: message too long, mtu=1500
^C
--- 10.0.0.65 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3072ms

Still put in a PR for this though.

https://github.com/vyos/vyos-1x/pull/956

Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Viacheslav added a project: test.