Hello all,
I have a specific issue related to SCTP and MTU size and I'm not sure how it should be solved correctly.
I have this setup
Host A <---> router <---ipsec-tunnel---> router B <----> Host B
Host A is my Linux machine and has a default MTU of 1500
the IPsec tunnel reduces the MTU to a lower value (1476 or something like that)
Router-B and Host B are devices we do not control
Our software sets the MTU in Host a to reflect the maximum transmission size in the following way
1. We set the maximum transmission unit to 1412 which is a safe max value (configurable)
int _mtu = 1412;
struct sctp_paddrparams params;
socklen_t len = sizeof(params);
memset((void *)¶ms,0x00, sizeof(struct sctp_paddrparams));
if(getsockopt(_sock, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, ¶ms, &len) == 0)
{
params.spp_pathmtu = _mtu;
if(setsockopt(_sock, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, ¶ms, len) == 0)
{
/* success */
if(getsockopt(_sock, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, ¶ms, &len) == 0)
{
_mtu = params.spp_pathmtu;
}
}
}
2. We enable Path Discovery
struct sctp_paddrparams params;
socklen_t len = sizeof(params);
memset((void *)¶ms,0x00, sizeof(struct sctp_paddrparams));
if(getsockopt(_sock, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, ¶ms, &len) == 0)
{
params.spp_flags |= SPP_PMTUD_ENABLE;
params.spp_flags &= ~SPP_PMTUD_DISABLE;
if(setsockopt(_sock, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, ¶ms, len) == 0)
{
/* success */
_pathMtuDiscovery = 1;
}
}
The result is that we never seem to send any oversize packages outbound.
The problem is that the remote host doesn't get to know the MTU limitation and if big replies are being sent, the link gets killed after retries of the too big packets fail.
Is there something like tcp's mss which gets sent over to tell the other side that it should send something smaller?
What is the recommended way to avoid this issue?
The other side is a ZTE mobile switch and the partner has no way of controlling the MTU (or they have no clue).
So we can only control the Host A and Router A side.
