From: "Toke Høiland-Jørgensen" <toke@kernel.org>
To: Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
djduanjiong@gmail.com
Cc: netdev@vger.kernel.org
Subject: Re: [PATCH v3] veth: Drop MTU check when forwarding packets
Date: Fri, 09 Aug 2024 11:47:17 +0200 [thread overview]
Message-ID: <87seveownu.fsf@toke.dk> (raw)
In-Reply-To: <66b51e9aebd07_39ab9f294e6@willemb.c.googlers.com.notmuch>
Willem de Bruijn <willemdebruijn.kernel@gmail.com> writes:
> Toke Høiland-Jørgensen wrote:
>> djduanjiong@gmail.com writes:
>>
>> > This is similar to a virtual machine that receives packets larger than
>> > its own mtu, regardless of the mtu configured in the guest. Or, to
>> > put it another way, what are the negative effects of this change?
>>
>> Well, it's changing long-standing behaviour (the MTU check has been
>> there throughout the history of veth). Changing it will mean that
>> applications that set the MTU and rely on the fact that they will never
>> receive packets higher than the MTU, will potentially break in
>> interesting ways.
>
> That this works is very veth specific, though?
>
> In general this max *transfer* unit configuration makes no assurances
> on the size of packets arriving. Though posted rx buffer size does,
> for which veth has no equivalent.
Well, in practice we do use the MTU to limit the RX size as well. See
for instance the limit on MTU sizes if an XDP program without
multibuffer support is loaded. And I don't think having an asymmetric
MTU setting on a physical point-to-point Ethernet link generally works
either. So in that sense it does make sense that veth has this
limitation, given that it's basically emulating an ethernet wire.
I do see your point that a virtual device doesn't really *have* to
respect MTU, though. So if we were implementing a new driver this
argument would be a lot easier to make. In fact, AFAICT the newer netkit
driver doesn't check the MTU setting before forwarding, so there's
already some inconsistency there.
>> You still haven't answered what's keeping you from setting the MTU
>> correctly on the veth devices you're using?
>
> Agreed that it has a risk, so some justification is in order. Similar
> to how commit 5f7d57280c19 (" bpf: Drop MTU check when doing TC-BPF
> redirect to ingress") addressed a specific need.
Exactly :)
And cf the above, using netkit may be an alternative that doesn't carry
this risk (assuming that's compatible with the use case).
-Toke
next prev parent reply other threads:[~2024-08-09 9:47 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-08 7:04 [PATCH v3] veth: Drop MTU check when forwarding packets Duan Jiong
2024-08-08 9:23 ` Toke Høiland-Jørgensen
2024-08-08 9:55 ` Duan Jiong
2024-08-08 10:21 ` Toke Høiland-Jørgensen
[not found] ` <00f872ac-4f59-4857-9c50-2d87ed860d4f@Spark>
2024-08-08 12:24 ` Toke Høiland-Jørgensen
2024-08-08 19:38 ` Willem de Bruijn
2024-08-09 9:47 ` Toke Høiland-Jørgensen [this message]
2024-08-12 9:11 ` Duan Jiong
2024-08-13 11:40 ` Toke Høiland-Jørgensen
2024-08-14 6:42 ` Duan Jiong
2024-08-16 21:09 ` Toke Høiland-Jørgensen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87seveownu.fsf@toke.dk \
--to=toke@kernel.org \
--cc=djduanjiong@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=willemdebruijn.kernel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).