Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris 11 Express NAT/Router IP Fragments
Special Forums IP Networking Solaris 11 Express NAT/Router IP Fragments Post 302512761 by DGPickett on Monday 11th of April 2011 02:48:52 PM
Old 04-11-2011
Path MTU Discovery is nice on a varied intranet, but not so good for the Internet, where the short relationships might make it not worth the effort.

Use a sniffer to see what sort of options are in your standard TCP packets (not SYN or FIN). Add their length to the 40 before subtracting. Sometimes, the RWIN is called max MSS. Try various options with a long stream between two local hosts.

Normally, frags are for big UDP packets and normal-net-max packets on VPN.
 

7 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

fragments in Solaris 8

When discussing inodes and data blocks, I know Solaris creates these data blocks with a total size of 8192b, divided into eight 1024b "fragments." It stores data in "contiguous" fragments and solaris doesn't allow a file to use portions of two different fragments. If the file size permits, then the... (4 Replies)
Discussion started by: manderson19
4 Replies

2. UNIX for Dummies Questions & Answers

Installing Solaris behind a windows NAT...

Greetings, and thank you for your time. I am cracking the whip to self-teach myself Unix because I think it will be the best platform for me to really open my mind and be creative. Sadly I lack anyone experienced in Unix to nag with questions, so you will be seeing a lot of me here I am sure... (4 Replies)
Discussion started by: Dustin
4 Replies

3. IP Networking

Destination NAT using ipnat in Solaris 8

Hello People, Please can someone help me with destination IP address NAT and Port transalation using ipnat in Solaris 8. Scenario: Box A(192.168.100.1/24) and Box B (192.168.100.50/24) are connected phyically and logically(vlan) on the same network switch. Box A hosts an... (0 Replies)
Discussion started by: mandarawachat
0 Replies

4. Solaris

ipfilter solaris express

Hello, | am trying to setup ipfilter on solaris express snv_91 but I don't seem to have the following file available. /etc/ipf/pfil.ap Is this an older way of configuring the interface?, I have all the packages installed. Thanks, (1 Reply)
Discussion started by: Actuator
1 Replies

5. Solaris

Solaris Express or OpenIndiana

Simply question which should I use. correct me if I'm wrong but Solaris Express is taking the place of Opensolaris and is officially sanctioned by Oracle and OpenIndiana is what used to be OpenSolaris. If I opt for OpenIndiana is it going to follow the official Oracle Solaris releases or are... (3 Replies)
Discussion started by: michael78
3 Replies

6. Solaris

Solaris 11 Express NAT performance issues

Hi all, I decided to replace my linux router/firewall with Solaris 11 express. This is a pppoe connection directly to my server...no router boxes. I got everything setup, but the performance is terrible on the NAT....really slow. A web page that loads on the server instantly will take... (3 Replies)
Discussion started by: vectox
3 Replies

7. Solaris

OpenSolaris, Solaris, Solaris Express - differences

What are the differences between these systems? I have to use Oracle's product but I do not know who to choose (3 Replies)
Discussion started by: PtaQ
3 Replies

LEARN ABOUT ULTRIX

synos

synos(1)							Mail Avenger 0.8.3							  synos(1)

NAME

       synos - guess operating system from TCP SYN fingerprint

SYNOPSIS

       synos [--mtu mtu] [--db path] syn-fingerprint

DESCRIPTION

       synos takes a SYN fingerprint, in the format described for the CLIENT_SYNFP environment variable in the avenger(1) man page, and outputs a
       guess as to the type of the client operating system.  synos makes use of the OpenBSD SYN fingerprint database (which is also repackaged
       with Mail Avenger).

   OPTIONS
       --mtu val
	   Certain operating systems set the initial TCP window size based on the maximum transmission unit, or MTU, of the network.  For such
	   operating systems, synos usually checks the window size using both the client's MSS option plus 40 bytes (for TCP and IP headers), or a
	   hard-coded MTU, which defaults to 1,500 bytes.  If either value works, the fingerprint is considered to match the operating system.
	   You can change the value 1,500 by specifying this option.  A value of 0 tells synos to use only the value derived from the MSS option.

       --db file
	   Specifies an alternate location for the SYN fingerprint database.

FILES

       /usr/local/share/pf.os
	   Default location of SYN fingerprint database.

SEE ALSO

       avenger(1), asmtpd(8)

       The Mail Avenger home page: <http://www.mailavenger.org/>.

       The OpenBSD home page: <http://www.openbsd.org/>.

BUGS

       The operating system type is determined by heuristics that are not always reliable.  Moreover, not all operating systems can be
       distinguished.  The database may not even contain a client's particular operating system and version.

       It is not hard to fool synos deliberately by changing TCP socket options or injecting raw packets onto the network.

AUTHOR

       David Mazieres

Mail Avenger 0.8.3						    2012-04-05								  synos(1)
All times are GMT -4. The time now is 12:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy