On Mon, 2012-08-20 at 05:39 +0200, Patrick McHardy wrote: > IPv4 conntrack defragments incoming packet at the PRE_ROUTING hook and > (in case of forwarded packets) refragments them at POST_ROUTING > independant of the IP_DF flag. Refragmentation uses the dst_mtu() of > the local route without caring about the original fragment sizes, > thereby breaking PMTUD. > > This patch fixes this by keeping track of the largest received fragment > with IP_DF set and generates an ICMP fragmentation required error during > refragmentation if that size exceeds the MTU. > > Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> > --- Acked-by: Eric Dumazet <edumazet@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
