From: Steffen Klassert <steffen.klassert@secunet.com>
To: Benjamin Poirier <bpoirier@suse.de>
Cc: netdev@vger.kernel.org, "David S. Miller" <davem@davemloft.net>,
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
James Morris <jmorris@namei.org>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
Patrick McHardy <kaber@trash.net>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] xfrm: take iphdr size into account for esp payload size calculation
Date: Fri, 11 May 2012 12:39:35 +0200 [thread overview]
Message-ID: <20120511103935.GA1841@secunet.com> (raw)
In-Reply-To: <20120511010249.GA23584@d2.synalogic.ca>
On Thu, May 10, 2012 at 09:02:49PM -0400, Benjamin Poirier wrote:
>
> The value returned by this function is tuned for tcp segment size:
> 1) from tcp_mtu_to_mss()
> mss = pmtu - tcp_hlen - net_hlen
> 2) frame structure for transport mode
> mtu = mss + tcp_hlen + esp_header_len(esp_payload_len) + ah_len + net_hlen
I think you can simplify the calculations here, this
calculation should not depend on any special layer 4
protocol.
>
> The "mtu" parameter of esp4_get_mtu is in fact mtu - ah_len.
> The return value of esp4_get_mtu is put into pmtu.
>
> If we put 1 and 2 together we have:
> pmtu = mtu - ah_len - esp_header_len(esp_payload_len)
> with esp_payload_len = mss + tcp_hlen
>
> This formula expands to:
> pmtu = mtu - ah_len - (header_len + align(align(pmtu - net_hlen + 2, blksize),
> esp->padlen) - (pmtu - net_hlen) + alen)
>
> and simplifies to:
> pmtu = (mtu - ah_len - net_hlen - header_len - alen) & ~(max(blksize,
> esp->padlen) - 1) + (net_hlen - 2)
>
> which, in the context of esp4_get_mtu, becomes:
> ((mtu - x->props.header_len - crypto_aead_authsize(esp->aead) - sizeof(struct
> iphdr)) & ~(align - 1)) + (sizeof(struct iphdr) - 2)
>
> This is the same formula as before, except for sizeof(struct iphdr) which was
> missing.
>
Well, makes sense. I use transport mode very rarely, so I never noticed this.
But I was sure that it worked correct in tunnel mode.
Thanks.
prev parent reply other threads:[~2012-05-11 10:39 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-09 22:35 [PATCH] xfrm: take iphdr size into account for esp payload size calculation Benjamin Poirier
2012-05-10 12:18 ` Steffen Klassert
2012-05-11 1:02 ` Benjamin Poirier
2012-05-11 1:07 ` [PATCH v2] " Benjamin Poirier
2012-05-14 22:39 ` David Miller
2012-05-16 19:35 ` [PATCH v3] " Benjamin Poirier
2012-05-18 0:05 ` David Miller
2012-05-24 21:32 ` [PATCH v4] xfrm: take net hdr len " Benjamin Poirier
2012-05-27 5:09 ` David Miller
2012-05-11 10:39 ` Steffen Klassert [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120511103935.GA1841@secunet.com \
--to=steffen.klassert@secunet.com \
--cc=bpoirier@suse.de \
--cc=davem@davemloft.net \
--cc=jmorris@namei.org \
--cc=kaber@trash.net \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.