| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Sep 2023 15:04:44 +0000
From: "Zekri, Ishay" <Ishay.Zekri@...l.com>
To: Jakub Kicinski <kuba@...nel.org>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"edumazet@...gle.com"
<edumazet@...gle.com>
Subject: RE: MCVLAN device do not honor smaller mtu than physical device
Hi,
I upgraded my kernel to version 5.14,
but still, I see the same issue in which the MCVLAN device do not honor smaller MTU than the physical device.
My setup includes 2 physical nics connected back to back.
When configuring IP addresses on top of the physical nics,
ping with DF bit set is not working when the message size is larger than MTU,
but when configuring IP address on top of MACVLAN device ping with DF bit set works even if the MACVLAN MTU is lower than message size.
Note:
MACVLAN device is created on top of the physical interface.
Any idea what is the root cause for that?
Please let me know if further information is required.
Thanks,
Ishay.
Internal Use - Confidential
-----Original Message-----
From: Zekri, Ishay
Sent: Tuesday, July 18, 2023 12:02 PM
To: Jakub Kicinski
Cc: netdev@...r.kernel.org; edumazet@...gle.com; Panina, Alexandra; Barcinski, Bartosz
Subject: RE: MCVLAN device do not honor smaller mtu than physical device
I gave this post as an example to the issue we are seeing.
We tried to ping from host outside of the server.
Internal Use - Confidential
-----Original Message-----
From: Jakub Kicinski <kuba@...nel.org>
Sent: Thursday, July 13, 2023 3:24 AM
To: Zekri, Ishay
Cc: netdev@...r.kernel.org; edumazet@...gle.com; Panina, Alexandra; Barcinski, Bartosz
Subject: Re: MCVLAN device do not honor smaller mtu than physical device
[EXTERNAL EMAIL]
On Wed, 12 Jul 2023 09:06:20 +0000 Zekri, Ishay wrote:
> Hi,
>
> We experiencing an issue in which MACVLAN MTU does not limit the frame
> size, i.e. the limitation is coming from the physical device MTU.
> Kernel version: 5.3.18
>
> As described in the case below:
> https://urldefense.com/v3/__https://unix.stackexchange.com/questions/7
> 08638/macvlan-device-do-not-honor-smaller-mtu-than-physical-device__;!
> !LpKI!iFTSU67fNksfVLQ4yxAk3ggSMZPw-qM4PlkTINcLKkuCbWWhnSYQV3YxsBjFDTc1
> hIIiWqVFlWFH$ [unix[.]stackexchange[.]com]
>
> it seems like this issue might have a fix.
>
> If there was a known kernel issue that was fixed, I really apricate if you can provide to me the commit in which it was fixed.
In the post above you seem to be pinging the local IP address.
129: K9AT9i1G2x@...6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether ba:c7:36:3f:9a:76 brd ff:ff:ff:ff:ff:ff
inet 192.168.15.40/21 scope global K9AT9i1G2x
^^^^^^^^^^^^^
# ping -c 3 -M do -s 8972 192.168.15.40
^^^^^^^^^^^^^
Local traffic gets routed thru the loopback interface which has the default MTU of 64k. Did you try to ping something outside of the host?
Powered by blists - more mailing lists