Logical bug in ipv4 (and ipv6?) PMTU handling?

Harald Nordgård-Hansen (hnh@linpro.no)
Thu, 12 Jun 2003 22:11:15 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Torrey Hoffman: "[OOPS] 2.5.70-bk15: SBP2 unmount"
Previous message: Bill Nottingham: "Re: Pentium M (Centrino) cpufreq device driver (please test me)"

This is a MIME-formatted message. If you see this text it means that your
E-mail software does not support MIME-formatted messages.

--=_courier-18686-1055448796-0001-2
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

I was helping a collegue here trying to get some udp packets through a
link, and stumbled upon what seems to be a bug in the ipv4 code of
current kernels (checked 2.4.20, 2.4.21-pre8 and 2.5.70).

According to 'man 7 ip', the IP_PMTU_DISCOVER flag i controlled by the
ip_no_pmtu_disc sysctl for SOCK_STREAM, and off for all other socket
types. But in net/ipv4/af_inet.c, the flag is set based on
ip_no_pmtu_disc, regardless of socket type.

This causes all udp packets to be send out with the ip don't fragment
flag set, and unless the application happens to handle the resulting
error messages generated, the packets will not get through on
lower-mtu path segments. A quick dump of some udp packets confirms
that the don't fragment flag is set on all the packets.

The attached one-liner will limit setting IP_PMTU_DISCOVER on sockets
to only those of the SOCK_STREAM type, which is what the documentation
says should happen (as would be logical, as other sockets need the
application to explicitly handle the size adjustments). It should
apply cleanly to 2.4.20 and 2.4.21-pre8, and shouldn't be hard to
adapt to 2.5.x.

I don't know enough about ipv6 to understand if this behaviour should
be the same there, but net/ipv6/af_inet6.c contains mostly the same
logic, and should probably be fixed as well.

-Harald

-- 
Harald Nordgerd-Hansen, Linpro AS <>< http://harald.nordgard-hansen.net/
Pancoveien 7, NO-1624 Gressvik, Norway  ><>  Phone/Fax: +47 6935 2424/25

--=_courier-18686-1055448796-0001-2
Content-Type: text/x-patch; charset=iso-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename=af_inet.c.patch
Content-Description: IP_PMTU_DISCOVER fix for af_inet.c

--- net/ipv4/af_inet.c.orig	2003-06-12 21:18:05.000000000 +0200
+++ net/ipv4/af_inet.c	2003-06-12 21:18:41.000000000 +0200
@@ -369,7 +369,7 @@
 			sk->protinfo.af_inet.hdrincl = 1;
 	}
 
-	if (ipv4_config.no_pmtu_disc)
+	if (SOCK_STREAM != sock->type || ipv4_config.no_pmtu_disc)
 		sk->protinfo.af_inet.pmtudisc = IP_PMTUDISC_DONT;
 	else
 		sk->protinfo.af_inet.pmtudisc = IP_PMTUDISC_WANT;

--=_courier-18686-1055448796-0001-2--

Next message: Torrey Hoffman: "[OOPS] 2.5.70-bk15: SBP2 unmount"
Previous message: Bill Nottingham: "Re: Pentium M (Centrino) cpufreq device driver (please test me)"