ipv4: new ip_no_pmtu_disc mode to always discard incoming frag needed msgs
This new mode discards all incoming fragmentation-needed notifications as I guess was originally intended with this knob. To not break backward compatibility too much, I only added a special case for mode 2 in the receiving path. Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
974eda11c5
commit
cd174e67a6
|
@ -15,12 +15,18 @@ ip_default_ttl - INTEGER
|
|||
forwarded) IP packets. Should be between 1 and 255 inclusive.
|
||||
Default: 64 (as recommended by RFC1700)
|
||||
|
||||
ip_no_pmtu_disc - BOOLEAN
|
||||
Disable Path MTU Discovery. If enabled and a
|
||||
ip_no_pmtu_disc - INTEGER
|
||||
Disable Path MTU Discovery. If enabled in mode 1 and a
|
||||
fragmentation-required ICMP is received, the PMTU to this
|
||||
destination will be set to min_pmtu (see below). You will need
|
||||
to raise min_pmtu to the smallest interface MTU on your system
|
||||
manually if you want to avoid locally generated fragments.
|
||||
|
||||
In mode 2 incoming Path MTU Discovery messages will be
|
||||
discarded. Outgoing frames are handled the same as in mode 1,
|
||||
implicitly setting IP_PMTUDISC_DONT on every created socket.
|
||||
|
||||
Possible values: 0-2
|
||||
Default: FALSE
|
||||
|
||||
min_pmtu - INTEGER
|
||||
|
|
|
@ -705,7 +705,9 @@ static void icmp_unreach(struct sk_buff *skb)
|
|||
case ICMP_PORT_UNREACH:
|
||||
break;
|
||||
case ICMP_FRAG_NEEDED:
|
||||
if (net->ipv4.sysctl_ip_no_pmtu_disc) {
|
||||
if (net->ipv4.sysctl_ip_no_pmtu_disc == 2) {
|
||||
goto out;
|
||||
} else if (net->ipv4.sysctl_ip_no_pmtu_disc) {
|
||||
LIMIT_NETDEBUG(KERN_INFO pr_fmt("%pI4: fragmentation needed and DF set\n"),
|
||||
&iph->daddr);
|
||||
} else {
|
||||
|
|
Loading…
Reference in New Issue