summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHannes Frederic Sowa <hannes@stressinduktion.org>2013-12-14 05:13:45 +0100
committerDavid S. Miller <davem@davemloft.net>2013-12-18 16:58:20 -0500
commitcd174e67a6b312fce9bab502ba2b0583e11f537f (patch)
tree992dc562f0562abdf9d549c1d06725f001270570
parent974eda11c54290a1be8f8b155edae7d791e5ce57 (diff)
ipv4: new ip_no_pmtu_disc mode to always discard incoming frag needed msgs
This new mode discards all incoming fragmentation-needed notifications as I guess was originally intended with this knob. To not break backward compatibility too much, I only added a special case for mode 2 in the receiving path. Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--Documentation/networking/ip-sysctl.txt10
-rw-r--r--net/ipv4/icmp.c4
2 files changed, 11 insertions, 3 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index f76d177895d9..d71afa8bd828 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -15,12 +15,18 @@ ip_default_ttl - INTEGER
forwarded) IP packets. Should be between 1 and 255 inclusive.
Default: 64 (as recommended by RFC1700)
-ip_no_pmtu_disc - BOOLEAN
- Disable Path MTU Discovery. If enabled and a
+ip_no_pmtu_disc - INTEGER
+ Disable Path MTU Discovery. If enabled in mode 1 and a
fragmentation-required ICMP is received, the PMTU to this
destination will be set to min_pmtu (see below). You will need
to raise min_pmtu to the smallest interface MTU on your system
manually if you want to avoid locally generated fragments.
+
+ In mode 2 incoming Path MTU Discovery messages will be
+ discarded. Outgoing frames are handled the same as in mode 1,
+ implicitly setting IP_PMTUDISC_DONT on every created socket.
+
+ Possible values: 0-2
Default: FALSE
min_pmtu - INTEGER
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 1a4ee84ca3f3..fb3c5637199d 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -705,7 +705,9 @@ static void icmp_unreach(struct sk_buff *skb)
case ICMP_PORT_UNREACH:
break;
case ICMP_FRAG_NEEDED:
- if (net->ipv4.sysctl_ip_no_pmtu_disc) {
+ if (net->ipv4.sysctl_ip_no_pmtu_disc == 2) {
+ goto out;
+ } else if (net->ipv4.sysctl_ip_no_pmtu_disc) {
LIMIT_NETDEBUG(KERN_INFO pr_fmt("%pI4: fragmentation needed and DF set\n"),
&iph->daddr);
} else {