lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 04 Dec 2012 22:04:13 +0100 From: Christopher Schramm <netdev@...kaweb.org> To: netdev@...r.kernel.org Subject: ip_rt_min_pmtu Hi, I'm looking into an interesting detail of the Linux IPv4 implementation I stumbled upon during a University course. In route.c there's a value ip_rt_min_pmtu, defined as 512 + 20 + 20, that tells Linux a minimum PMTU to use, even if e. g. an ICMP message tells it to set a smaller one. Of course, this is not a problem in real world, but not standard-compliant, since RFC 791 defines a minimum MTU of 68 for IPv4. So I wonder what's the reason for the restriction. I looked into it and found that it appeared in Linux 2.3.15 with the following ID in route.c: v 1.71 1999/08/20 11:05:58 davem While it was not present in Linux 2.3.14 with: v 1.69 1999/06/09 10:11:02 davem I couldn't find any related discussion or patch on the LKML around that dates, so I'm asking you for any hints to find out the reason for implementing this lower bound. What I've found on the LKML is a topic around February 15th, 2001, titled "MTU and 2.4.x kernel", where Alexey Kuznetsov points out that the handling of "DF on syn frames" is broken for MTUs smaller than 128 and "Preventing DoSes requires to block pmtu discovery at 576 or at least 552". Does anybody know the actual reason for the change in 2.3.15? I first thought it's the common misinterpretation that 576 would be the lower bound for MTUs in IPv4, but I wonder why it was put in place as a patch years after the IPv4 implementation was already done. There seems to have been some clear reason for it. I also wonder why it has never been removed up to today if it's really nothing more than a mistake. Would be great if someone could help me shed some light on this. Regards -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists