I recently encountered a scenario where in I find that ICMP network unreachable [type-1, code-3- meaning destination unreachable, which is correct w.r.t trace route working, refer rfc link below] packet is getting dropped only when bytes sent exceeds 'X' [certain] bytes.
** Check this RFC, section 3.1 - https://www.rfc-editor.org/rfc/rfc4443#section-3.1 **
For example [source: FreeBSD based trace route code],
i = sendto(sndsock, (char *)outpacket,outpacketlength, 0,
(struct sockaddr *)&Dst, Dst.sin6_len); // to send packet of length "outpacketlength", from source buffer "outpacket" and to destination "Dst".
...
retval = recvmsg(rcvsock, mhdr, 0); // use recvmsg for receiving reply.
Question
When I malloc and send 'X' bytes of data, I get reply received in receive buffer.But, not greater than that limit. i.e, retval is always 0 when "outpacketlen" is greater 'X' bytes, even though you malloc and reset the buffer for 'X' bytes. But, with packet capture I see packet received in my host. Meaning, I receive packet but not in receive buffer. How/When is this possible [Any malformed packet info?]?
How can I go about debugging this issue?
Is there a tool that can use to debug such a scenario? I used "truss" utility in BSD. Are there better way of handling this?
How should I go about investigating the packets lost between interface and application? What tools/utilities/technique would be efficient choice based on your experience?
Am I missing something? Thanks for your time and inputs. I appreciate it.
You need to work with Wireshark and investigate if you are sending your packets correctly. Put a breakpoint just before the
sendtoand see what happens.