lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Thu,  7 May 2020 12:32:28 +0200
From:   Michael Braun <>
Cc:     Michael Braun <>,
        Li RongQing <>
Subject: [PATCH] bridge: increase mtu to 64K

A linux bridge always adopts the smallest MTU of the enslaved devices.
When no device are enslaved, it defaults to a MTU of 1500 and refuses to
use a larger one. This is problematic when using bridges enslaving only
virtual NICs (vnetX) like it's common with KVM guests.

Steps to reproduce the problem

1) sudo ip link add br-test0 type bridge # create an empty bridge
2) sudo ip link set br-test0 mtu 9000 # attempt to set MTU > 1500
3) ip link show dev br-test0 # confirm MTU

Here, 2) returns "RTNETLINK answers: Invalid argument". One (cumbersome)
way around this is:

4) sudo modprobe dummy
5) sudo ip link set dummy0 mtu 9000 master br-test0

Then the bridge's MTU can be changed from anywhere to 9000.

This is especially annoying for the virtualization case because the
KVM's tap driver will by default adopt the bridge's MTU on startup
making it impossible (without the workaround) to use a large MTU on the
guest VMs.

Signed-off-by: Michael Braun <>
Reported-by: Li RongQing <>

If found
but I am missing any follow up. So here comes a refresh patch that
addresses the issue raised.
 net/bridge/br_if.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
index 4fe30b182ee7..f14e7d2329bd 100644
--- a/net/bridge/br_if.c
+++ b/net/bridge/br_if.c
@@ -496,7 +496,7 @@ static int br_mtu_min(const struct net_bridge *br)
 		if (!ret_mtu || ret_mtu > p->dev->mtu)
 			ret_mtu = p->dev->mtu;
-	return ret_mtu ? ret_mtu : ETH_DATA_LEN;
+	return ret_mtu ? ret_mtu : (64 * 1024);
 void br_mtu_auto_adjust(struct net_bridge *br)

Powered by blists - more mailing lists