On Thu, May 11, 2017 at 9:44 PM, Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx> wrote: > On Thu, 11 May 2017 21:10:11 +0200 > Fredrik Markström <fredrik.markstrom@xxxxxxxxx> wrote: > >> On Thu, May 11, 2017 at 6:01 PM, Stephen Hemminger >> <stephen@xxxxxxxxxxxxxxxxxx> wrote: >> > On Thu, 11 May 2017 15:46:27 +0200 >> > Fredrik Markstrom <fredrik.markstrom@xxxxxxxxx> wrote: >> > >> >> From: Fredrik Markström <fredrik.markstrom@xxxxxxxxx> >> >> >> >> is_skb_forwardable() currently checks if the packet size is <= mtu of >> >> the receiving interface. This is not consistent with most of the hardware >> >> ethernet drivers that happily receives packets larger then MTU. >> > >> > Wrong. >> >> What is "Wrong" ? I was initially skeptical to implement this patch, >> since it feels odd to have different MTU:s set on the two sides of a >> link. After consulting some IP people and the RFC:s I kind of changed >> my mind and thought I'd give it a shot. In the RFCs I couldn't find >> anything that defined when and when not a received packet should be >> dropped. >> >> > >> > Hardware interfaces are free to drop any packet greater than MTU (actually MTU + VLAN). >> > The actual limit is a function of the hardware. Some hardware can only limit by >> > power of 2; some can only limit frames larger than 1500; some have no limiting at all. >> >> Agreed. The purpose of these patches is to be able to configure an >> veth interface to mimic these different behaviors. Non of the Ethernet >> interfaces I have access to drops packets due to them being larger >> then the configured MTU like veth does. >> >> Being able to mimic real Ethernet hardware is useful when >> consolidating hardware using containers/namespaces. >> >> In a reply to a comment from David Miller in my previous version of >> the patch I attached the example below to demonstrate the case in >> detail. >> >> This works with all ethernet hardware setups I have access to: >> > > Why not just use an iptables rule to enforce what ever semantic you > want? > I think that would be ok, but I can't find anything but TCPMSS but that's only for TCP. /Fredrik
