* nftables flow offload possible mtu handling issue
@ 2019-05-17 16:27 marcmicalizzi
2019-05-18 21:45 ` Florian Westphal
2019-05-21 1:44 ` Florian Westphal
0 siblings, 2 replies; 3+ messages in thread
From: marcmicalizzi @ 2019-05-17 16:27 UTC (permalink / raw)
To: netfilter-devel
With flow offload between devices of differing mtus, there seems to be an
issue sending from through higher mtu to the lower mtu device.
Im currently on 4.20 from the linux-arm mcbin branch, as its all I can get
running on my specific embedded platform.
In my case I have
table ip nat {
chain POSTROUTING {
type nat hook postrouting priority 100; policy accept;
oifname "ppp0" ip saddr 192.168.10.0/24 snat to
xx.xxx.xx.xxx
}
}
table ip filter {
flowtable f1 {
hook ingress priority 0
devices = { eth0.1, ppp0 }
}
chain FORWARD {
type filter hook forward priority 0; policy accept;
ip protocol tcp flow offload @f1
counter
tcp flags syn tcp option maxseg size set rt mtu
}
}
ppp0 has an mtu of 1500.
Running a speedtest from a device connected to eth0.1, download seems to
always be fine, but if eth0.1 has an mtu higher than 1492, upload fails
completely most of the time. (Prior to flow offloading, eth0/eth0.1 has an
mtu of 9000, and this is the mtu I would prefer to have it running at.
An interesting observation, as well, is that with eth0.1 mtu at 9000, if
during the upload portion of a speed test I issue `ip link set ppp0 mtu
(1492/1500, whichever it currently is not)`, the upload will start working
for the remainder of the upload test.
This also manifests outside speedtest, but less predictably, with dropped
connections due to outgoing packet failures.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: nftables flow offload possible mtu handling issue
2019-05-17 16:27 nftables flow offload possible mtu handling issue marcmicalizzi
@ 2019-05-18 21:45 ` Florian Westphal
2019-05-21 1:44 ` Florian Westphal
1 sibling, 0 replies; 3+ messages in thread
From: Florian Westphal @ 2019-05-18 21:45 UTC (permalink / raw)
To: marcmicalizzi; +Cc: netfilter-devel
marcmicalizzi@gmail.com <marcmicalizzi@gmail.com> wrote:
> With flow offload between devices of differing mtus, there seems to be an
> issue sending from through higher mtu to the lower mtu device.
> Im currently on 4.20 from the linux-arm mcbin branch, as its all I can get
> running on my specific embedded platform.
Current assumptions:
1. Flow offload can't deal with GRO skbs when MTU of oif is smaller,
as it bypasses the code in ip output that deals with this
2. flow offload expr should never offload connections that have
active helper and/or seqadj extension.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: nftables flow offload possible mtu handling issue
2019-05-17 16:27 nftables flow offload possible mtu handling issue marcmicalizzi
2019-05-18 21:45 ` Florian Westphal
@ 2019-05-21 1:44 ` Florian Westphal
1 sibling, 0 replies; 3+ messages in thread
From: Florian Westphal @ 2019-05-21 1:44 UTC (permalink / raw)
To: marcmicalizzi; +Cc: netfilter-devel
marcmicalizzi@gmail.com <marcmicalizzi@gmail.com> wrote:
> With flow offload between devices of differing mtus, there seems to be an
> issue sending from through higher mtu to the lower mtu device.
> Im currently on 4.20 from the linux-arm mcbin branch, as its all I can get
> running on my specific embedded platform.
I think i figured out why this is failing, I will send patches later
today.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-05-21 1:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-17 16:27 nftables flow offload possible mtu handling issue marcmicalizzi
2019-05-18 21:45 ` Florian Westphal
2019-05-21 1:44 ` Florian Westphal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).