Project

General

Profile

Bug #7388

Suricata does not property recognize MTU for PPPOE interfaces

Added by Kristopher Kolpin 4 months ago. Updated 4 months ago.

Status:
New
Priority:
High
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
03/14/2017
Due date:
% Done:

0%

Affected version:
2.3.3_1
Affected Architecture:
amd64

Description

Due to path MTU discovery (via ICMPv6) issues with some IPv6 TCP traffic I have to manually set MSS to 1452 in the WAN interface.

The Suricata detects the MTU as 1500 in this situaion. However, when MTU and MSS are left blank (i.e. pfSense auto-establishes MTU and MSS) Suricata detects MTU properly as 1492. See logs below:

#Manually set MTU of 1492 and MSS of 1452.
14/3/2017 -- 21:50:29 - <Info> -- Found an MTU of 1500 for 'pppoe0'
14/3/2017 -- 21:50:29 - <Info> -- Set snaplen to 1524 for 'pppoe0'

#MTU and MSS left blank (auto).
14/3/2017 -- 21:58:41 - <Info> -- Found an MTU of 1492 for 'pppoe0'
14/3/2017 -- 21:58:41 - <Info> -- Set snaplen to 1516 for 'pppoe0'

Also available in: Atom PDF