From: Wolfgang Walter <linux@stwm.de>
To: netdev@vger.kernel.org,
Hannes Frederic Sowa <hannes@stressinduktion.org>
Subject: Re: linux 3.13: problems with isatap tunnel device and UFO
Date: Sun, 09 Feb 2014 00:17:15 +0100 [thread overview]
Message-ID: <1581659.JtJ1UQaXJr@h2o.as.studentenwerk.mhn.de> (raw)
In-Reply-To: <20140207222227.GC16198@order.stressinduktion.org>
Am Freitag, 7. Februar 2014, 23:22:27 schrieb Hannes Frederic Sowa:
> Hi!
>
> On Fri, Feb 07, 2014 at 07:17:40PM +0100, Wolfgang Walter wrote:
> > Am Freitag, 7. Februar 2014, 18:56:41 schrieb Hannes Frederic Sowa:
> > > Hi!
> > >
> > > On Fri, Feb 07, 2014 at 06:47:07PM +0100, Wolfgang Walter wrote:
> > > > with kernel 3.13 I have a problem with isatap tunnels receiving
> > > > fragmented
> > > > ipv6 udp packets.
> > >
> > > Which was the last known version that did work?
> >
> > I think 3.12 had no problems, but I'm not sure. I test this tonight.
3.12 is indeed fine. But this is probably because of:
ethtool -k is0
....
udp-fragmentation-offload: off [fixed]
....
>
> Could you give me a bit more details on your setup, please?
>
> I just tested a setup with UFO packets in sit tunnels and it worked
> properly for me (on net).
>
host A (which shows the problem with kernel 3.13):
$ ip addr ls eth0
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
link/ether 11:22:33:44:55:66 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2001:1111:2222:aaaa:0:5efe:c0a8:101/120 scope global
valid_lft forever preferred_lft forever
inet6 fe80::1322:33ff:fe44:5566/64 scope link
valid_lft forever preferred_lft forever
$ ip addr ls is0
14: is0: <NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN group
default
link/sit 192.168.1.1 brd 0.0.0.0
inet6 2001:1111:2222:aaaa:0:5efe:c0a8:101/64 scope global dynamic
valid_lft 85977sec preferred_lft 13977sec
inet6 fe80::5efe:c0a8:101/64 scope link
valid_lft forever preferred_lft forever
The other host B is in the same isatap-subnet (but a different ipv4-subnet):
$ ip addr ls eth0
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
link/ether 11:22:33:44:55:ee brd ff:ff:ff:ff:ff:ff
inet 192.168.10.1/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::1322:33ff:fe44:55ee/64 scope link
valid_lft forever preferred_lft forever
$ ip addr ls is0
10: is0: <NOARP,UP,LOWER_UP> mtu 1280 qdisc noqueue state UNKNOWN group
default
link/sit 192.168.10.1 brd 0.0.0.0
inet6 2001:1111:2222:aaaa:0:5efe:c0a8:a01/64 scope global dynamic
valid_lft 85977sec preferred_lft 13977sec
inet6 fe80::5efe:c0a8:a01/64 scope link
valid_lft forever preferred_lft forever
The application I see this is strongswan (ikev2). When it establishes an
connection it sends udp-packets to large for is0 (here 1316 data-bytes,
strongswan says).
For the tests I unloaded the netfilter modules so there should be no
interference with the firewall or conntrack etc.
Regards,
--
Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts
next prev parent reply other threads:[~2014-02-08 23:17 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-07 17:47 linux 3.13: problems with isatap tunnel device and UFO Wolfgang Walter
2014-02-07 17:56 ` Hannes Frederic Sowa
2014-02-07 18:17 ` Wolfgang Walter
2014-02-07 22:22 ` Hannes Frederic Sowa
2014-02-08 23:17 ` Wolfgang Walter [this message]
2014-02-11 2:44 ` Hannes Frederic Sowa
2014-02-11 17:42 ` Wolfgang Walter
2014-02-17 16:09 ` Hannes Frederic Sowa
2014-02-20 2:44 ` Hannes Frederic Sowa
2014-02-20 2:54 ` Hannes Frederic Sowa
2014-02-21 0:43 ` Cong Wang
2014-02-21 1:19 ` Hannes Frederic Sowa
2014-02-23 21:05 ` [PATCH net] ipv4: ipv6: better estimate tunnel header cut for correct ufo handling Hannes Frederic Sowa
2014-02-23 21:24 ` [PATCH net v2] " Hannes Frederic Sowa
2014-02-23 23:48 ` [PATCH net v3] " Hannes Frederic Sowa
2014-02-25 23:27 ` David Miller
2014-02-26 13:47 ` Hannes Frederic Sowa
2014-02-26 18:45 ` David Miller
2014-03-07 14:13 ` Wolfgang Walter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1581659.JtJ1UQaXJr@h2o.as.studentenwerk.mhn.de \
--to=linux@stwm.de \
--cc=hannes@stressinduktion.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.