Project

General

Profile

Actions

Bug #7388

open

Suricata does not property recognize MTU for PPPOE interfaces

Added by Kristopher Kolpin over 7 years ago. Updated over 7 years ago.

Status:
New
Priority:
High
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
03/14/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.3.3_1
Affected Plus Version:
Affected Architecture:
amd64

Description

Due to path MTU discovery (via ICMPv6) issues with some IPv6 TCP traffic I have to manually set MSS to 1452 in the WAN interface.

The Suricata detects the MTU as 1500 in this situaion. However, when MTU and MSS are left blank (i.e. pfSense auto-establishes MTU and MSS) Suricata detects MTU properly as 1492. See logs below:

#Manually set MTU of 1492 and MSS of 1452.
14/3/2017 -- 21:50:29 - <Info> -- Found an MTU of 1500 for 'pppoe0'
14/3/2017 -- 21:50:29 - <Info> -- Set snaplen to 1524 for 'pppoe0'

#MTU and MSS left blank (auto).
14/3/2017 -- 21:58:41 - <Info> -- Found an MTU of 1492 for 'pppoe0'
14/3/2017 -- 21:58:41 - <Info> -- Set snaplen to 1516 for 'pppoe0'

Actions

Also available in: Atom PDF