From: Andrew Thompson
To: Darren Reed
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Date: Thu, 26 Oct 2006 07:10:17 +1300
Subject: Re: cvs commit: src/sys/net if_bridge.c

On Wed, Oct 25, 2006 at 05:53:02PM +0000, Darren Reed wrote:
> On Sat, Apr 29, 2006 at 05:37:25AM +0000, Andrew Thompson wrote:
> > thompsa     2006-04-29 05:37:25 UTC
> >
> >   FreeBSD src repository
> >
> >   Modified files:
> >     sys/net              if_bridge.c
> >   Log:
> >   Add support for fragmenting ipv4 packets.
> >
> >   The packet filter may reassemble the ip fragments and return a packet that is
> >   larger than the MTU of the sending interface. There is no check for DF or icmp
> >   replies as we can only get a large packet to fragment by reassembling a
> >   previous fragment, and this only happens after a call to pfil(9).
>
> I'm a long time in catching up with this change, but architecturally,
> this change is very very wrong.
>
> A bridge should have _no_ part in fragmenting up an IP packet
> regardless of what options are set (or not set) in an IP header.

It's not really the bridge that is fragmenting packets. The packet
filter may reassemble fragments and return a packet larger than we can
send; the fragmenting is done in the layer between bridge<->pfil. As
long as we may be returned a large packet this is unavoidable.

I agree that a bridge should not have anything to do with IP, and
technically it isn't.

Andrew
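
The refragmentation step discussed in this message, as an added example that is not part of the original mail and is not the code in if_bridge.c: it plans how a datagram that the packet filter reassembled is cut back down to the outgoing MTU. The `frag_plan` struct, the `plan_fragments` function and the sizes in `main` are constructed for illustration, and the sketch assumes every fragment repeats the same header length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IP_MF 0x2000u /* "more fragments" bit in the IPv4 flags/offset field */

/* Hypothetical record for this example: one fragment to emit. */
struct frag_plan {
    uint16_t off_field;   /* offset in 8-byte units, OR'ed with IP_MF */
    uint16_t payload_len; /* payload bytes carried by this fragment */
};

/*
 * Plan the cut of a datagram (hlen-byte header + payload bytes) to fit mtu.
 * Assumes every fragment repeats the same hlen-byte header. DF is not
 * consulted, matching the commit log. Returns fragment count or -1.
 */
int plan_fragments(size_t payload, size_t hlen, size_t mtu,
                   struct frag_plan *out, int max)
{
    if (hlen < 20 || hlen > 60 || mtu <= hlen || hlen + payload > 65535)
        return -1;
    /* Every fragment but the last must carry a multiple of 8 bytes. */
    size_t chunk = (mtu - hlen) & ~(size_t)7;
    if (hlen + payload <= mtu)
        chunk = payload ? payload : 1;  /* already fits: single fragment */
    if (chunk == 0)
        return -1;
    int n = 0;
    size_t off = 0;
    do {
        size_t len = payload - off < chunk ? payload - off : chunk;
        if (n == max)
            return -1;                  /* caller's array is too small */
        int more = off + len < payload;
        out[n].off_field = (uint16_t)((off >> 3) | (more ? IP_MF : 0));
        out[n].payload_len = (uint16_t)len;
        n++;
        off += len;
    } while (off < payload);
    return n;
}

int main(void)
{
    struct frag_plan p[8];
    int n = plan_fragments(2980, 20, 1500, p, 8); /* constructed sizes */
    for (int i = 0; i < n; i++)
        printf("frag %d: ip_off=0x%04x len=%u\n", i,
               (unsigned)p[i].off_field, (unsigned)p[i].payload_len);
    return 0;
}
```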