Hi, Alexey
I'd like to give the psudo code to describe my proposed way to handle
the PMTU message for IPSec/IPv4. Welcome your comment!
1 add a new data field "u32 pmtu" to struct xfrm_state
When received "ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED" message, store mtu
to specific xfrm_state.pmtu
2 add a new data field " struct dst_entry *dst_xfrm" to struct sk_buff
to track the dst associated with transformation
When xfrm_lookup() return successfully, store dst to sk_buff.dst_xfrm
3 Propagate "ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED" message to the
originating host, the following modified code is to finish this task
static inline int dst_output(struct sk_buff *skb)
{
int err;
+ u32 mtu;
+ struct dst_entry *dst;
for (;;) {
+ if (skb->dst->xfrm)
+ mtu = skb->dst->xfrm->pmtu;
err = skb->dst->output(skb);
if (likely(err == 0))
return err;
if (unlikely(err != NET_XMIT_BYPASS))
return err;
+ if (mtu != 0 && mtu < skb->len){
+ if( (dst = __sk_dst_check(sdb->sk, 0)) == NULL){
+ if( !skb->dst_xfrm )
+ return err = ???;
+ dst = skb->dst_xfrm;
}
+ mtu = xfrm_get_mss(dst,mtu);
+ send "ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED" mtu
message to originating host;
}
}
}
4 remove the invocation to xfrm_get_mss() in function tcp_sync_mss();
Am I right? Welcome your advice!
Thanks,
Forrest
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
