• Alexey Kodanev's avatar
    ip6_vti: adjust vti mtu according to mtu of lower device · 2fe832c6
    Alexey Kodanev authored
    
    [ Upstream commit 53c81e95 ]
    
    LTP/udp6_ipsec_vti tests fail when sending large UDP datagrams over
    ip6_vti that require fragmentation and the underlying device has an
    MTU smaller than 1500 plus some extra space for headers. This happens
    because ip6_vti, by default, sets MTU to ETH_DATA_LEN and not updating
    it depending on a destination address or link parameter. Further
    attempts to send UDP packets may succeed because pmtu gets updated on
    ICMPV6_PKT_TOOBIG in vti6_err().
    
    In case the lower device has larger MTU size, e.g. 9000, ip6_vti works
    but not using the possible maximum size, output packets have 1500 limit.
    
    The above cases require manual MTU setup after ip6_vti creation. However
    ip_vti already updates MTU based on lower device with ip_tunnel_bind_dev().
    
    Here is the example when the lower device MTU is set to 9000:
    
      # ip a sh ltp_ns_veth2
          ltp_ns_veth2@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 ...
            inet 10.0.0.2/24 scope global ltp_ns_veth2
            inet6 fd00::2/64 scope global
    
      # ip li add vti6 type vti6 local fd00::2 remote fd00::1
      # ip li show vti6
          vti6@NONE: <POINTOPOINT,NOARP> mtu 1500 ...
            link/tunnel6 fd00::2 peer fd00::1
    
    After the patch:
      # ip li add vti6 type vti6 local fd00::2 remote fd00::1
      # ip li show vti6
          vti6@NONE: <POINTOPOINT,NOARP> mtu 8832 ...
            link/tunnel6 fd00::2 peer fd00::1
    Reported-by: default avatarPetr Vorel <pvorel@suse.cz>
    Signed-off-by: default avatarAlexey Kodanev <alexey.kodanev@oracle.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    Signed-off-by: default avatarSasha Levin <alexander.levin@microsoft.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    2fe832c6
ip6_vti.c 28.4 KB