On Saturday 2012-06-16 15:18, Florian Westphal wrote: >Jan Engelhardt <jengelh@xxxxxxx> wrote: >> On Friday 2012-06-15 14:51, Hans Schillstrom wrote: >> > >> Here's another point I remember why we forced IP_DF: we want to keep >> the packet as-is. The receiver of the cloned packet (often a logger) >> has no way of autonomously knowing whether the packet was already >> fragmented originally as it came into the cloner, or whether >> fragmentation is a doing of the cloner. > >Except that, if the path mtu was too low, it doesn't even >receive that packet. If the sender does PMTUD, that might be ok >since future packets will be reduced in size. > >But if the sender doesn't do PMTUD (and 'DF not set' indicates that) >your 'clone receiver' will never get any data at all... Good thing IPv4 is being phased out ;-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
