From patchwork Wed Feb 17 07:08:05 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steffen Klassert X-Patchwork-Id: 8335101 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: X-Original-To: patchwork-linux-crypto@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 2C0FBC02AA for ; Wed, 17 Feb 2016 07:31:00 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 3F30B20117 for ; Wed, 17 Feb 2016 07:30:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id E97D120108 for ; Wed, 17 Feb 2016 07:30:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756728AbcBQHa4 (ORCPT ); Wed, 17 Feb 2016 02:30:56 -0500 Received: from a.mx.secunet.com ([62.96.220.36]:36154 "EHLO a.mx.secunet.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756450AbcBQHay (ORCPT ); Wed, 17 Feb 2016 02:30:54 -0500 X-Greylist: delayed 1365 seconds by postgrey-1.27 at vger.kernel.org; Wed, 17 Feb 2016 02:30:54 EST Received: from localhost (alg1 [127.0.0.1]) by a.mx.secunet.com (Postfix) with ESMTP id 4CF241A04AE; Wed, 17 Feb 2016 08:08:08 +0100 (CET) X-Virus-Scanned: by secunet Received: from a.mx.secunet.com ([127.0.0.1]) by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id YSxDGyDd_GEa; Wed, 17 Feb 2016 08:08:07 +0100 (CET) Received: from mail-essen-01.secunet.de (unknown [10.53.40.204]) by a.mx.secunet.com (Postfix) with ESMTP id 3BCD11A04AD; Wed, 17 Feb 2016 08:08:07 +0100 (CET) Received: from gauss.dd.secunet.de (10.182.7.102) by mail-essen-01.secunet.de (10.53.40.204) with Microsoft SMTP Server id 14.3.266.1; Wed, 17 Feb 2016 08:08:06 +0100 Received: by gauss.dd.secunet.de (Postfix, from userid 1000) id D8D085C0642; Wed, 17 Feb 2016 08:08:05 +0100 (CET) Date: Wed, 17 Feb 2016 08:08:05 +0100 From: Steffen Klassert To: Mark McKinstry CC: "linux-crypto@vger.kernel.org" , "alexander.h.duyck@redhat.com" , "herbert@gondor.apana.org.au" , "davem@davemloft.net" Subject: Re: [PATCH] vti6: Add pmtu handling to vti6_xmit. Message-ID: <20160217070805.GA316@gauss.secunet.com> References: <20150529182709.2147.78230.stgit@ahduyck-vm-fedora22> <56BA975D.2040706@alliedtelesis.co.nz> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <56BA975D.2040706@alliedtelesis.co.nz> User-Agent: Mutt/1.5.21 (2010-09-15) X-Originating-IP: [10.182.7.102] X-EXCLAIMER-MD-CONFIG: 2c86f778-e09b-4440-8b15-867914633a10 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On Wed, Feb 10, 2016 at 01:50:20AM +0000, Mark McKinstry wrote: > > > > So this version is slightly modified to cover the IPv4 case in addition to > > the IPv6 case. With this patch I was able to run netperf over either an > > IPv4 or IPv6 address routed over the ip6_vti tunnel. > We have the same issue. When we do a local ping to a remote device over > a v4 vti tunnel and an intermediate device has a low mtu, pmtu > discovery reduces the route's pmtu, and ping fails because it does not > handle the local error message generated by xfrm4_tunnel_check_size(). > Your patch fixes our issue for v6 vti tunnels, but the issue still > exists for v4 tunnels. Is there any particular reason this patch was > not delivered for v4 tunnels too - i.e. in vti_xmit()? I don't remember why we fixed it just for ipv6, we probably need a similar patch for ipv4. Does the patch below help (compile tested only)? Subject: [PATCH] vti: Add pmtu handling to vti_xmit. We currently rely on the PMTU discovery of xfrm. However if a packet is localy sent, the PMTU mechanism of xfrm tries to to local socket notification what might not work for applications like ping that don't check for this. So add pmtu handling to vti_xmit to report MTU changes immediately. Signed-off-by: Steffen Klassert --- net/ipv4/ip_vti.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c index 5cf10b7..6862305 100644 --- a/net/ipv4/ip_vti.c +++ b/net/ipv4/ip_vti.c @@ -156,6 +156,7 @@ static netdev_tx_t vti_xmit(struct sk_buff *skb, struct net_device *dev, struct dst_entry *dst = skb_dst(skb); struct net_device *tdev; /* Device to other host */ int err; + int mtu; if (!dst) { dev->stats.tx_carrier_errors++; @@ -196,6 +197,18 @@ static netdev_tx_t vti_xmit(struct sk_buff *skb, struct net_device *dev, skb_dst_set(skb, dst); skb->dev = skb_dst(skb)->dev; + mtu = dst_mtu(dst); + if (!skb->ignore_df && skb->len > mtu) { + skb_dst(skb)->ops->update_pmtu(dst, NULL, skb, mtu); + if (skb->protocol == htons(ETH_P_IP)) + icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, + htonl(mtu)); + else + icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu); + + return -EMSGSIZE; + } + err = dst_output(tunnel->net, skb->sk, skb); if (net_xmit_eval(err) == 0) err = skb->len;