Re: [PATCH net] ipv6: Reflect MTU changes on PMTU of exceptions for MTU-less routes

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Stefano Brivio <sbrivio@redhat.com>
To: "Maciej Żenczykowski" <zenczykowski@gmail.com>
Cc: "David S . Miller" <davem@davemloft.net>,
	Wei Wang <weiwan@google.com>,
	Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
	Linux NetDev <netdev@vger.kernel.org>
Subject: Re: [PATCH net] ipv6: Reflect MTU changes on PMTU of exceptions for MTU-less routes
Date: Sat, 3 Mar 2018 12:21:17 +0100	[thread overview]
Message-ID: <20180303122117.36fcabf1@epycfail> (raw)
In-Reply-To: <CANP3RGf9YVSqFv1sL_smxp0ci0p=k=gtT==dmtVSeGht2g_HZA@mail.gmail.com>

Hi Maciej,

On Fri, 2 Mar 2018 10:54:36 -0800
Maciej Żenczykowski <zenczykowski@gmail.com> wrote:

> I spend a significant fraction of my time making sure we never rely on PMTUD.

Thanks for your comments.

I see your point, but here we are not blindly relying on PMTUD,
rather reflecting an MTU administrative change on the PMTU, and making
the behaviour consistent between regular routes and exceptions, which
is nothing else than a bug fix.

This behaviour reflects RFC 8201, par. 3:

	The basic idea is that a source node initially assumes that
	the PMTU of a path is the (known) MTU of the first hop in the path.

and the need for it is clearly explained by the existing comment in
rt6_mtu_change_route():

	/* For administrative MTU increase, there is no way to discover
	   IPv6 PMTU increase, so PMTU increase should be updated here.
	   Since RFC 1981 doesn't include administrative MTU increase
	   update PMTU increase is a MUST. (i.e. jumbo frame)
	 */

Letting that aside for a moment, a PMTU increase due to my fix is only
possible if the old local MTU (administratively set) was the lowest in
the path, no PMTUD happened meanwhile (but we have an exception route
in place e.g. due to a tunnel calling skb_dst_update_mtu()), and we get
a subsequent administrative change of the local MTU.

Relying on some old value set by the user is simply a bug, and breaks
the natural user assumption that increasing the MTU will have an
effect, if PMTU is not otherwise constrained.

If PMTUD is not working, we will rely on the MTU values set by the
user. This looks like the only sane thing to do.

> Debugging MTU related blackholes is a constant bane of my existence.
> 
> [btw. we're considering adding a hack to always fragment UDP to
> min(1280, dev/route/path mtu)...]
> 
> Basically: lower is always better because it's more likely to work...

This is not directly related to my fix, but I wonder if we shouldn't,
in general, simply comply with RFCs, and provide ways out in case the
network is broken, instead of breaking expected behaviours by default,
or making things work "by mistake". The way out, here, is as simple as
setting 1280 as MTU for the local interface.

Somebody might say higher is better because you avoid fragmentation. So
I would just keep the implementation compliant (and, perhaps more
importantly, consistent).

-- 
Stefano

next prev parent reply	other threads:[~2018-03-03 11:21 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-05 22:47 [PATCH net v2] ipv6: Reflect MTU changes on PMTU of exceptions for MTU-less routes Stefano Brivio
2018-03-02 18:54 ` [PATCH net] " Maciej Żenczykowski
2018-03-03 11:21   ` Stefano Brivio [this message]
2018-03-02 22:39 ` David Ahern
2018-03-03 11:22   ` Stefano Brivio
2018-03-04 23:12     ` Stefano Brivio
2018-03-05  1:11       ` David Ahern
2018-03-05 12:29         ` Stefano Brivio
2018-03-05 14:14           ` David Miller
2018-03-05 15:27           ` David Ahern

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180303122117.36fcabf1@epycfail \
    --to=sbrivio@redhat.com \
    --cc=davem@davemloft.net \
    --cc=netdev@vger.kernel.org \
    --cc=weiwan@google.com \
    --cc=yoshfuji@linux-ipv6.org \
    --cc=zenczykowski@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).