lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230508092548.5fc8f078@hermes.local>
Date: Mon, 8 May 2023 09:25:48 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: "Michael S. Tsirkin" <mst@...hat.com>
Cc: Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, huangml@...ur.tech,
 zy@...ur.tech, Jason Wang <jasowang@...hat.com>, "David S. Miller"
 <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski
 <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, "open list:VIRTIO CORE
 AND NET DRIVERS" <virtualization@...ts.linux-foundation.org>, "open
 list:NETWORKING DRIVERS" <netdev@...r.kernel.org>, open list
 <linux-kernel@...r.kernel.org>, Hao Chen <chenh@...ur.tech>,
 hengqi@...ux.alibaba.com
Subject: Re: [PATCH] virtio_net: set default mtu to 1500 when 'Device
 maximum MTU' bigger than 1500

On Mon, 8 May 2023 06:30:07 -0400
"Michael S. Tsirkin" <mst@...hat.com> wrote:

> > > > I don't know, in any scenario, when the hardware supports a large mtu, but we do
> > > > not want the user to use it by default.  
> > >
> > > When other devices on the same LAN have mtu set to 1500 and
> > > won't accept bigger packets.  
> > 
> > So, that depends on pmtu/tcp-probe-mtu.
> > 
> > If the os without pmtu/tcp-probe-mtu has a bigger mtu, then it's big packet
> > will lost.
> > 
> > Thanks.
> >   
> 
> pmtu is designed for routing. LAN is supposed to be configured with
> a consistent MTU.

Virtio is often used with bridging or macvlan which can't support PMTU.
PMTU only works when forwarding at layer 3 (ie routing) where there is
a IP address to send the ICMP response. If doing L2 forwarding, the
only thin the bridge can do is drop the packet.

TCP cab recover but detecting an MTU blackhole requires retransmissions.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ