From: Konstantin Shemyak <konstantin@shemyak.com>
To: Hannes Frederic Sowa <hannes@stressinduktion.org>,
netdev@vger.kernel.org, pshelar@nicira.com
Subject: Re: IPv4 tunnels: why IP-IP and SIT enforce DF bit, but GRE does not?
Date: Tue, 1 Dec 2015 15:20:54 +0200 [thread overview]
Message-ID: <565D9EB6.1080102@shemyak.com> (raw)
In-Reply-To: <1448964929.3305540.454487369.098BD535@webmail.messagingengine.com>
On 01.12.2015 12:15, Hannes Frederic Sowa wrote:
> Hello,
>
> On Thu, Nov 26, 2015, at 19:28, Konstantin Shemyak wrote:
>> The kernel has taken the decision to always enforce DF bit on IPv4
>> tunnels, which have fixed (not inherited) TTL (e.g.
>> net/ipv4/ipip.c:ipip_tunnel_ioctl()). Commment by Alexey Kuznetsov in
>> the head of ip_gre.c explains that the reason is attempting to avoid
>> network loops.
>>
>> But the commit c54419321455631 removed this enforcing from GRE tunnels,
>> not changing this behavior for IP-IP (net/ipv4/ipip.c) and SIT
>> (net/ipv6/sit.c).
>>
>> It can be discussed whether such enforcing of DF bit is exactly the
>> desired behavior, but shouldn't it at least be identical across IPv4
>> tunnels?
>
> Very simple, I would like to see DF bit being enforced in case we have a
> static TTL. Parvin, any reasons you removed this code? It is currently
> the only way to make sure the network does not kill itself in an endless
> loop on configuration mistakes.
This solution does not completely eliminate all network loops, as there
may be other routers in the loop which do not set the DF bit. But it is
true that this behavior is "we did all we could".
My point was not to question its feasibility, but to make it similar
across GRE, IP-IP and SIT tunnels.
Konstantin.
next prev parent reply other threads:[~2015-12-01 13:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-26 18:28 IPv4 tunnels: why IP-IP and SIT enforce DF bit, but GRE does not? Konstantin Shemyak
2015-12-01 10:15 ` Hannes Frederic Sowa
2015-12-01 13:20 ` Konstantin Shemyak [this message]
2015-12-01 13:30 ` Hannes Frederic Sowa
2015-12-01 17:08 ` David Miller
2015-12-05 15:24 ` Konstantin Shemyak
2015-12-05 18:07 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=565D9EB6.1080102@shemyak.com \
--to=konstantin@shemyak.com \
--cc=hannes@stressinduktion.org \
--cc=netdev@vger.kernel.org \
--cc=pshelar@nicira.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).