[Netkit.users] Issue with vlan/mtu

Cedric Foll cedric.foll a laposte.net
Ven 23 Nov 2007 11:06:23 CET


> An ICMP "fragmentation needed" can only be sent by an L3 router who
> drops the packet becouse L3 fragmentation is not allowed and it can't
> fit on the next L2 link. Your bridge is definately not one of these.
> Instead, you have an L2 network in which on side (PC1) can't send frames
> to the other side (FW), even if the size of the frame is within the
> allowed limits, at least according to PC1. I don't know of any
> automatism at L2 level that should discover the right max frame size, so
> you are stuck.


> This was the theory, as I see it. Now, what can be done:
> - Making the "bridge" more intelligent" let's call it an L3 switch
> (anyway it was at least a switch already before). I suppose some of
> those boxes that are called L3 switches can throw back an ICMP
> fragmentation needed.

Yes but i don't want to do that.
I want to route on my FW box by a 801.1q link.

> - Reducing MTU on the PC1 side: seems to work
yes, same on pc2.

> - Increasing MTU on the other side: did you find out why it doesn't
> work? If frames are not going out, you can still easily debug the whole
> kernel of your bridge virtual machine. See later ..

Yes don't work.
Would be the best solution (ie ifconfig eth2 mtu 1504 on bridge and
ifconfig eth0 mtu 1504 on fw).

> Regarding the idea of some card drivers handling MTU wrong:
> We have seen something similar: we were adding our own protocol header,
> and from that point we had problems with some cards, but not with
> others. Unfortunately I did not manage to reproduce it on my  PCs, but
> my collegues traced it back to some card dependent kernel code at quite
> a low level.
> Finally, we have solved the issue not by fixing the driver code, but by
> fixing the reported header size of our protocol ...
> If you want to look at what is happening with your frames inside the
> kernel, you can debug the whole kernel with Netkit quite easily. Here is
> a tutorial:
> http://minerva.netgroup.uniroma2.it/discreet/wiki/kernel_debugging_UML

Great, thanks. I'll have a look.


Maggiori informazioni sulla lista Netkit.users