From: Jakub Kicinski <kuba@kernel.org>
To: wenxu <wenxu@ucloud.cn>
Cc: netdev@vger.kernel.org, Stefano Brivio <sbrivio@redhat.com>,
David Ahern <dsahern@kernel.org>
Subject: Re: [PATCH net] ip_tunnel: fix over-mtu packet send fail without TUNNEL_DONT_FRAGMENT flags
Date: Mon, 26 Oct 2020 13:56:26 -0700 [thread overview]
Message-ID: <20201026135626.23684484@kicinski-fedora-PC1C0HJN.hsd1.ca.comcast.net> (raw)
In-Reply-To: <c4dae63c-6a99-922e-5bd0-03ac355779ae@ucloud.cn>
On Mon, 26 Oct 2020 16:23:29 +0800 wenxu wrote:
> On 10/24/2020 5:12 AM, Jakub Kicinski wrote:
> > On Wed, 21 Oct 2020 17:21:55 +0800 wenxu@ucloud.cn wrote:
> >> From: wenxu <wenxu@ucloud.cn>
> >>
> >> The TUNNEL_DONT_FRAGMENT flags specific the tunnel outer ip can do
> >> fragment or not in the md mode. Without the TUNNEL_DONT_FRAGMENT
> >> should always do fragment. So it should not care the frag_off in
> >> inner ip.
> > Can you describe the use case better? My understanding is that we
> > should propagate DF in normally functioning networks, and let PMTU
> > do its job.
>
> Sorry for relying so late. ip_md_tunnel_xmit send packet in the collect_md mode.
>
> For OpenVswitch example, ovs set the gre port with flags df_default=false which will not
>
> set TUNNEL_DONT_FRAGMENT for tun_flags.
>
> And the mtu of virtual machine is 1500 with default. And the tunnel underlay device mtu
>
> is 1500 default too. So if the size of packet send from vm + underlay length > underlay device mtu.
>
> The packet always be dropped if the ip header of packet set flags with DF.
>
> In the collect_md the outer packet can fragment or not should depends on the tun_flags but not inner
>
> ip header like vxlan device did.
Is this another incarnation of 4cb47a8644cc ("tunnels: PMTU discovery
support for directly bridged IP packets")? Sounds like non-UDP tunnels
need the same treatment to make PMTUD work.
RFC2003 seems to clearly forbid ignoring the inner DF:
Identification, Flags, Fragment Offset
These three fields are set as specified in [10]. However, if
the "Don't Fragment" bit is set in the inner IP header, it MUST
be set in the outer IP header; if the "Don't Fragment" bit is
not set in the inner IP header, it MAY be set in the outer IP
header, as described in Section 5.1.
and:
[..] In
particular, use of IP options is allowed, and use of fragmentation is
allowed unless the "Don't Fragment" bit is set in the inner IP
header. This restriction on fragmentation is required so that nodes
employing Path MTU Discovery [7] can obtain the information they
seek.
next prev parent reply other threads:[~2020-10-26 20:56 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-21 9:21 [PATCH net] ip_tunnel: fix over-mtu packet send fail without TUNNEL_DONT_FRAGMENT flags wenxu
2020-10-23 21:12 ` Jakub Kicinski
2020-10-26 8:23 ` wenxu
2020-10-26 20:56 ` Jakub Kicinski [this message]
2020-10-27 14:51 ` David Ahern
2020-10-27 15:55 ` Jakub Kicinski
2020-10-29 2:30 ` wenxu
2020-10-30 1:14 ` Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201026135626.23684484@kicinski-fedora-PC1C0HJN.hsd1.ca.comcast.net \
--to=kuba@kernel.org \
--cc=dsahern@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=sbrivio@redhat.com \
--cc=wenxu@ucloud.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).