From owner-freebsd-net@FreeBSD.ORG Wed Sep 21 14:05:21 2005 Return-Path: X-Original-To: freebsd-net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2365616A41F for ; Wed, 21 Sep 2005 14:05:21 +0000 (GMT) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 16E2843D48 for ; Wed, 21 Sep 2005 14:05:19 +0000 (GMT) (envelope-from andre@freebsd.org) Received: (qmail 17064 invoked from network); 21 Sep 2005 13:39:16 -0000 Received: from unknown (HELO freebsd.org) ([62.48.0.53]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 21 Sep 2005 13:39:16 -0000 Message-ID: <4331689F.FF450404@freebsd.org> Date: Wed, 21 Sep 2005 16:05:19 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Robert Watson References: <20050918212110.61962.qmail@web54501.mail.yahoo.com> <20050920134408.Y34322@fledge.watson.org> <43313924.9050009@wm-access.no> <20050921114511.D34322@fledge.watson.org> <4331539D.9030204@wm-access.no> <20050921134029.M34322@fledge.watson.org> <43315E6F.1020003@wm-access.no> <20050921142903.J34322@fledge.watson.org> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: freebsd-net@FreeBSD.org, Sten Daniel =?iso-8859-1?Q?S=F8rsdal?= Subject: Re: UDP dont fragment bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Sep 2005 14:05:21 -0000 Robert Watson wrote: > > On Wed, 21 Sep 2005, Sten Daniel Sørsdal wrote: > > > Your assumption is that you can rely on routers in your path to inform > > you that you that your packet size is causing fragments. > > > > Consider a client connected to an isp's network(1). The isp drops all > > ICMP packets. That network is then connected to a third network(2) which > > has a data path that has an MTU of 1400 bytes but also mangles tcp mss > > to 1360, udp packets must get fragmented. On server size the firewall > > must reassemble all udp fragments before passing them on to server. > > > > I hope my pseudo-code works for you, the example is over simplified. > > With DF set: > > While the below is perfectly valid and useful and should be easy to > implement with andre's proposed change, would you prefer an interface that > allowed you to query the TCP connection and ask it what pathwise MTU it > had already probed for the route? The kernel host cache already maintains > a number of paramaters associated with built TCP connections to a host, > such as the probed PMTU, estimated RTT and variance, estimated bandwidth, > congestion window, and so on. While it wouldn't necessarily replace logic > to reprobe connection conditions, it seems as though if you're going to go > to the trouble of building a separate control TCP connection, you might as > well benefit from what it finds. > > You can find a list of current host cache properties in > src/sys/netinet/tcp_hostcache.c, struct hc_metrics. The tcp hostcache only gets updated when a TCP connection closes. BTW: I have written the socket option to enable IP_DF on UDP packets. It is at least useful to get notified when the packet is larger than the local interface MTU. All functionality on top of this is left to the application programmer. -- Andre