Preventing packet reassembly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi All,
I'm having some issues with my bridge reassembling fragmented packets, with disastrous results.
I have a simple bridge set up:
 
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
 
Simple enough. The MTU on each interface is 1500, and so is the MTU on the bridge itself.
I have the bridge connected something like this:
 
PC A----Switch A---eth0 (bridge) eth1---Switch B---PC B.
 
The Switches are adding VLAN headers and the like, but this seems to be irrelevant to the problem.
If i ping from PC A to PC B, all is OK. But, when I ping using a 1500-byte payload (or larger), the ping doesn't get through. Removing the linux bridge and just going switch-switch works OK.
 
Watching the ethernet ports on the bridge indicate that the ping is entering the bridge on eth0, but not coming out of eth1. A packet sniffer shows that the ping is being fragmented by PC A, and two packets enter eth0. I then increased the MTU on eth0, eth1 and br0 to 1600, to see if this was an MTU issue. I then see packets coming out of eth1, but my switch is dropping them, because they are oversized.
Connecting eth1 straight to a packet sniffer shows that when two packets enter eth0, the bridge is reassembling them into a single, larger packet, which it then either drops because it is larget than the MTU of eth1, or it passes a large packet (in this case, 1560 bytes or so). Obviously, this packet is then dropped by other equipment in the network, because it is too large for a proper ethernet packet.
 
I am seeing this behaviour with any IP packets, not just ICMP. The result is that anything which has a large-ish payload is being dropped after it leaves the bridge.
 
The question is, then: How do I stop the bridge from reassembling fragmented packets?
 
 
 
Regards,
             Leigh
 
Leigh Sharpe
Network Systems Engineer
Pacific Wireless
Ph +61 3 9584 8966
Mob 0408 009 502
Helpdesk 1300 300 616
email lsharpe@xxxxxxxxxxxxxxxxxxxxxx
web www.pacificwireless.com.au
 
_______________________________________________
Bridge mailing list
Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/bridge
[Index of Archives]     [Netdev]     [AoE Tools]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux