lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 25 Apr 2012 07:32:40 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Maciej Żenczykowski <maze@...gle.com>
Cc:	Tore Anderson <tore@....no>, David Miller <davem@...emloft.net>,
	netdev <netdev@...r.kernel.org>,
	Tom Herbert <therbert@...gle.com>
Subject: Re: [PATCH net-next] ipv6: RTAX_FEATURE_ALLFRAG causes inefficient
 TCP segment sizing

On Tue, 2012-04-24 at 14:50 -0700, Maciej Żenczykowski wrote:
> On Tue, Apr 24, 2012 at 1:10 PM, Eric Dumazet <eric.dumazet@...il.com> wrote:
> > On Tue, 2012-04-24 at 12:49 -0700, Maciej Żenczykowski wrote:
> >> Why do we refuse to set ipv6 mtu's below 1280?
> >> how is what we do any better?
> >
> > I guess you didnt read Tore use case.
> >
> > Thats the standard : http://tools.ietf.org/html/rfc2460#section-5
> >
> >   In response to an IPv6 packet that is sent to an IPv4 destination
> >   (i.e., a packet that undergoes translation from IPv6 to IPv4), the
> >   originating IPv6 node may receive an ICMP Packet Too Big message
> >   reporting a Next-Hop MTU less than 1280.  In that case, the IPv6 node
> >   is not required to reduce the size of subsequent packets to less than
> 
> ... is not required to reduce...
> 
> but doesn't that mean it _may_ reduce anyway?
> and thus make life easier on the guy who will have to fragment (and
> thus he won't have to fragment).
> 
> [of course you'd still need to lose 8 bytes for the frag header...]
> 
> >   1280, but must include a Fragment header in those packets so that the
> >   IPv6-to-IPv4 translating router can obtain a suitable Identification
> >   value to use in resulting IPv4 fragments.  Note that this means the
> >   payload may have to be reduced to 1232 octets (1280 minus 40 for the
> >   IPv6 header and 8 for the Fragment header), and smaller still if
> >   additional extension headers are used.
> 
> I just don't see what not decreasing mtu below 1280 buys us.

But we chose to _not_ decrease mtu and adhere to the specs.

Current linux chose to implement the allfragfeature, so match RFC 2460
specs.

If you want to reduce size of subsequent packets, its a lot more work in
linux stack, for small gain, if any.

We only need to properly generate the fragment header, that means
reducing the _payload_ by 8 bytes. Not reducing the _mtu_ that still is
1280, as allowed.

IPv6 must cohabit with IPv4 for the next years, there is no hope
thinking it can ignore tunnelings issues, since tunneling is part of the
global IPv6 transition that is currently happening.



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ