Ticket #9440 (new defect) — at Initial Version

Opened 8 years ago

Last modified 5 years ago

NAT networking rewrites the DF (don't fragment) flag

Reported by: holger67
Owned by:
Component: network/NAT
Version: VirtualBox 4.1.0
Keywords: DF, fragmentation, dont fragment
Cc:
Guest type: Linux
Host type: Windows


I found that NAT networking improperly removes the IP packet DF flag (don't fragment) when the packet crosses the boundary of the NAT network. The bridged network works fine.


VirtualBox 4.1.0, Host OS: Windows 7, Guest OS: Linux 2.6.38


When we send a UDP packet (I tested only UDP) with the DF flag set (0x02) in the IP header to the "outside world", it appears on the wire outside of the NAT network with the IP flags as 0 - the DF flag disappears.

The same is true on the receiving side: when the packet on the wire has the 0x02 flag set in the IP header, it is delivered to the NAT network with flags 0.

When I change the networking settings to "bridged", everything works normally - the DF flag is preserved both ways. So this is a NAT-only problem, but a rather annoying one for some advanced applications which have to perform PMTU discovery, for example.
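
One way to confirm the behaviour reported above is to compare the IPv4 flags of the same datagram as captured on the guest side and on the wire. The Python below is an added example, not part of the original ticket; the two headers are constructed samples standing in for real captures, and the addresses and function names are assumptions.

```python
import socket
import struct

DF = 0x2  # "don't fragment" bit of the 3-bit IPv4 flags field (the 0x02 in the ticket)
MF = 0x1  # "more fragments" bit

def checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over an IPv4 header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, ident: int, flags: int, ttl: int = 64) -> bytes:
    """Build a constructed 20-byte IPv4 header (protocol 17, UDP) for the demo."""
    raw = struct.pack("!BBHHHBBH", 0x45, 0, 28, ident, flags << 13, ttl, 17, 0)
    raw += socket.inet_aton(src) + socket.inet_aton(dst)
    return raw[:10] + struct.pack("!H", checksum(raw)) + raw[12:]

def parse_flags(packet: bytes) -> dict:
    """Extract the IPv4 flag bits, rejecting truncated or corrupted headers."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad header length")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad header checksum")
    ident, word = struct.unpack("!HH", packet[4:8])
    flags = word >> 13
    return {"id": ident, "df": bool(flags & DF), "mf": bool(flags & MF),
            "frag_offset": word & 0x1FFF}

def df_verdict(before_nat: bytes, after_nat: bytes) -> str:
    """Compare DF on the guest-side and wire-side copies of one datagram."""
    before, after = parse_flags(before_nat), parse_flags(after_nat)
    if before["df"] == after["df"]:
        return "preserved"
    return "stripped" if before["df"] else "added"

# Constructed samples: what the guest sent, and what was seen on the wire.
GUEST_SIDE = build_header("10.0.2.15", "192.0.2.10", 0x1234, DF)
WIRE_SIDE = build_header("192.168.1.20", "192.0.2.10", 0x1234, 0)

if __name__ == "__main__":
    print(df_verdict(GUEST_SIDE, WIRE_SIDE))  # stripped
```

With real traffic, the two byte strings would be the IP headers taken from a capture inside the guest and a capture on the host's physical interface.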
