From: Shan Wei <shanwei@cn.fujitsu.com>
To: Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
Cc: kaber@trash.net, davem@davemloft.net, kuznet@ms2.inr.ac.ru,
pekkas@netcore.fi, jmorris@namei.org, yoshfuji@linux-ipv6.org,
eric.dumazet@gmail.com, david@blue-labs.org, jorge@dti2.net,
opurdila@ixiacom.com, netdev@vger.kernel.org,
netfilter-devel@vger.kernel.org
Subject: Re: [PATCH v2]IP: Send an ICMP "Fragment Reassembly Timeout" message when enabling connection track
Date: Tue, 26 Jan 2010 09:25:54 +0800 [thread overview]
Message-ID: <4B5E44A2.2080006@cn.fujitsu.com> (raw)
In-Reply-To: <201001250057.o0P0v76J005243@toshiba.co.jp>
Yasuyuki KOZAKAI wrote, at 01/25/2010 08:57 AM:
> It sounds good. Please take care that IPv6 router does not reassemble
> fragmented packets.
I don't know the details about IPv6 router implement.
Did you mean that we can not directly use ip6_route_input(skb) to find Routing type(host/router)?
> IIRC the current nf_conntrack_{ipv6,reasm}.c
> reassembles the cloned skbs for tracking, discard the cloned skbs after
> tracking and forward the original skbs to IPv6 stack to keep the size of
> fragmented packets.
Indeed, after assembling fragments successfully in IPv6 connection track, original fragments are forwarded to IPv6 stack. And then IPv6 stack also assembles those received fragments again.
Thus fragments are assembled twice.
But IPv4 only assembly once. IPv4 connection track assembles fragments successfully and then just forwards assembled intact packet to IPv4 stack.
Do you know why is IPv6 designed like that?
--
Best Regards
-----
Shan Wei
next prev parent reply other threads:[~2010-01-26 1:25 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-21 1:21 [PATCH]IP: Send an ICMP "Fragment Reassembly Timeout" message when enabling connection track Shan Wei
2010-01-21 12:13 ` Patrick McHardy
2010-01-22 2:22 ` [PATCH v2]IP: " Shan Wei
2010-01-22 11:48 ` Patrick McHardy
2010-01-23 9:58 ` David Miller
2010-01-25 0:57 ` Yasuyuki KOZAKAI
2010-01-25 8:18 ` Shan Wei
[not found] ` <201001250057.o0P0v76J005243@toshiba.co.jp>
2010-01-26 1:25 ` Shan Wei [this message]
2010-01-26 2:34 ` Yasuyuki KOZAKAI
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B5E44A2.2080006@cn.fujitsu.com \
--to=shanwei@cn.fujitsu.com \
--cc=davem@davemloft.net \
--cc=david@blue-labs.org \
--cc=eric.dumazet@gmail.com \
--cc=jmorris@namei.org \
--cc=jorge@dti2.net \
--cc=kaber@trash.net \
--cc=kuznet@ms2.inr.ac.ru \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=opurdila@ixiacom.com \
--cc=pekkas@netcore.fi \
--cc=yasuyuki.kozakai@toshiba.co.jp \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).