diff options
author | Patrick McHardy <kaber@trash.net> | 2012-08-26 19:13:55 +0200 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2012-08-26 19:13:55 +0200 |
commit | 5f2d04f1f9b52604fca6ee08a77972c0df67e082 (patch) | |
tree | f4caa0aa602f6044f1fc20c6dfa89527183803d1 /include/net/inet_frag.h | |
parent | 0fa7fa98dbcc2789409ed24e885485e645803d7f (diff) | |
download | op-kernel-dev-5f2d04f1f9b52604fca6ee08a77972c0df67e082.zip op-kernel-dev-5f2d04f1f9b52604fca6ee08a77972c0df67e082.tar.gz |
ipv4: fix path MTU discovery with connection tracking
IPv4 conntrack defragments incoming packet at the PRE_ROUTING hook and
(in case of forwarded packets) refragments them at POST_ROUTING
independent of the IP_DF flag. Refragmentation uses the dst_mtu() of
the local route without caring about the original fragment sizes,
thereby breaking PMTUD.
This patch fixes this by keeping track of the largest received fragment
with IP_DF set and generates an ICMP fragmentation required error during
refragmentation if that size exceeds the MTU.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/inet_frag.h')
-rw-r--r-- | include/net/inet_frag.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/net/inet_frag.h b/include/net/inet_frag.h index 2431cf8..5098ee7 100644 --- a/include/net/inet_frag.h +++ b/include/net/inet_frag.h @@ -29,6 +29,8 @@ struct inet_frag_queue { #define INET_FRAG_COMPLETE 4 #define INET_FRAG_FIRST_IN 2 #define INET_FRAG_LAST_IN 1 + + u16 max_size; }; #define INETFRAGS_HASHSZ 64 |