From: Patrick McHardy <kaber@trash.net>
To: John Heffner <jheffner@psc.edu>
Cc: David Miller <davem@davemloft.net>, netdev@vger.kernel.org
Subject: Re: [PATCH 1/3] [NET] Do pmtu check in transport layer
Date: Mon, 09 Apr 2007 18:40:31 +0200 [thread overview]
Message-ID: <461A6C7F.1030506@trash.net> (raw)
In-Reply-To: <461A6896.1050308@psc.edu>
John Heffner wrote:
> Patrick McHardy wrote:
>
>> This makes ping report an incorrect MTU when IPsec is used since we're
>> only accounting for the additional header_len, not the trailer_len
>> (which is not easily changeable). Additionally it will report different
>> MTUs for the first and following fragments when the socket is corked
>> because only the first fragment includes the header_len. It also can't
>> deal with things like NAT and routing by fwmark that change the route.
>> The old behaviour was that we get an ICMP frag. required with the MTU
>> of the final route, while this will always report the MTU of the
>> initially chosen route.
>>
>> For all these reasons I think it should be reverted to the old
>> behaviour.
>
>
> You're right, this is no good. I think the other problems are fixable,
> but NAT really screws this.
Routing by fwmark is also unfixable and IPsec is quite hard.
> Unfortunately, there is still a real problem with ipv6, in that the
> output side does not generate a packet too big ICMP like ipv4. Also, it
> feels kind of undesirable be rely on local ICMP instead of direct error
> message delivery. I'll try to generate a new patch.
I think its necessary since at the transport layer we simply don't
have all the information about whats going to happen to a packet.
IPv6 now also supports routing by fwmark, so it has the same problem
if it doesn't generate packet too big messages.
next prev parent reply other threads:[~2007-04-09 16:40 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-03-24 0:06 [PATCH 1/3] [NET] Do pmtu check in transport layer John Heffner
2007-03-24 0:06 ` [PATCH 2/3] [NET] Move DF check to ip_forward John Heffner
2007-03-24 0:06 ` [PATCH 3/3] [NET] Add IP(V6)_PMTUDISC_RPOBE John Heffner
2007-03-25 4:23 ` David Miller
2007-03-27 14:18 ` Andi Kleen
[not found] ` <4609640D.7010709@psc.edu>
[not found] ` <20070327193115.GA28138@one.firstfloor.org>
2007-03-27 19:52 ` [PATCH] ip(7) IP_PMTUDISC_PROBE John Heffner
2007-04-08 18:08 ` Michael Kerrisk
2007-03-25 4:17 ` [PATCH 2/3] [NET] Move DF check to ip_forward David Miller
2007-03-25 13:37 ` [NET]: Fix breakage, use ip_hdr() for DF check in ip_forward Thomas Graf
2007-03-25 20:27 ` David Miller
2007-03-25 4:14 ` [PATCH 1/3] [NET] Do pmtu check in transport layer David Miller
2007-04-09 8:40 ` Patrick McHardy
2007-04-09 16:23 ` John Heffner
2007-04-09 16:40 ` Patrick McHardy [this message]
2007-04-19 1:07 ` [PATCH 0/0] Re-try changes for PMTUDISC_PROBE John Heffner
2007-04-20 22:55 ` David Miller
2007-04-19 1:07 ` [PATCH] Revert "[NET] Add IP(V6)_PMTUDISC_RPOBE" John Heffner
2007-04-19 1:07 ` [PATCH] Revert "[NET] Do pmtu check in transport layer" John Heffner
2007-04-19 1:07 ` [PATCH] [NET] MTU discovery check in ip6_fragment() John Heffner
2007-04-19 1:07 ` [PATCH] [NET] Add IP(V6)_PMTUDISC_RPOBE John Heffner
2007-04-19 1:11 ` John Heffner
2007-04-19 1:25 ` David Miller
2007-04-19 1:09 ` [PATCH 1/4] Revert "[NET] Add IP(V6)_PMTUDISC_RPOBE" John Heffner
2007-04-19 1:09 ` [PATCH 2/4] Revert "[NET] Do pmtu check in transport layer" John Heffner
2007-04-19 1:09 ` [PATCH 3/4] [NET] MTU discovery check in ip6_fragment() John Heffner
2007-04-19 1:09 ` [PATCH 4/4] [NET] Add IP(V6)_PMTUDISC_RPOBE John Heffner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=461A6C7F.1030506@trash.net \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=jheffner@psc.edu \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).