Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.

[bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Thomas Jarosch <hidden> · 2014-11-29
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Herbert Xu <herbert@gondor.apana.org.au> · 2014-12-01
Re: Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Thomas Jarosch <hidden> · 2014-12-01
tcp: Do not apply TSO segment limit to non-TSO packets · Herbert Xu <herbert@gondor.apana.org.au> · 2014-12-31
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Herbert Xu <herbert@gondor.apana.org.au> · 2014-12-31
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Eric Dumazet <hidden> · 2015-01-02
Re: tcp: Do not apply TSO segment limit to non-TSO packets · David Miller <davem@davemloft.net> · 2015-01-02
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Herbert Xu <herbert@gondor.apana.org.au> · 2015-01-02
Re: tcp: Do not apply TSO segment limit to non-TSO packets · David Miller <davem@davemloft.net> · 2015-01-02
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Herbert Xu <herbert@gondor.apana.org.au> · 2015-01-02
Re: tcp: Do not apply TSO segment limit to non-TSO packets · David Miller <davem@davemloft.net> · 2015-01-02
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Thomas Jarosch <hidden> · 2015-01-16
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Herbert Xu <herbert@gondor.apana.org.au> · 2015-01-16
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Thomas Jarosch <hidden> · 2015-01-16
Re: tcp: Do not apply TSO segment limit to non-TSO packets · Thomas Jarosch <hidden> · 2015-01-19
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Wolfgang Walter <hidden> · 2014-12-01
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Wolfgang Walter <hidden> · 2014-12-01
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Wolfgang Walter <hidden> · 2014-12-05
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Eric Dumazet <hidden> · 2014-12-05
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Wolfgang Walter <hidden> · 2014-12-08
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3.12+ · Thomas Jarosch <hidden> · 2014-12-09
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Eric Dumazet <hidden> · 2014-12-09
Re: Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Thomas Jarosch <hidden> · 2014-12-09
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-09
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Eric Dumazet <hidden> · 2014-12-09
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-10
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Eric Dumazet <hidden> · 2014-12-10
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-11
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-12
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Eric Dumazet <hidden> · 2014-12-12
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-12
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Thomas Jarosch <hidden> · 2014-12-12
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Eric Dumazet <hidden> · 2014-12-12
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-12
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Eric Dumazet <hidden> · 2014-12-13
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-13
Re: [bisected] xfrm: TCP connection initiating PMTU discovery stalls on v3. · Wolfgang Walter <hidden> · 2014-12-15

From: Wolfgang Walter <hidden>
Date: 2014-12-12 20:31:44

Am Freitag, 12. Dezember 2014, 09:27:05 schrieb Eric Dumazet:

On Fri, 2014-12-12 at 17:58 +0100, Wolfgang Walter wrote:

quoted

This fixes hangs of local tcp connections over ipsec tunnels where
pmtu is lower than the mtu of the interface.

Again this is a work around, the one liner patch is not a clean patch.

Something is wrong, we should fix GSO path instead.

Why ? Because we can queue a GSO packet in a qdisc, then later call
sk_setup_caps() (too late)

Hmm. Do you think that sk_setup_caps should not disable GSO later at all? Or 
only that it should not influence already queued packets?

In the case of an ipsec tunnel GSO gets disabled later (for tcp connections) 
because dst->header_len() is zero at first and non-zero later. tcp connections 
initiated not to long afterwards start with GSO disabled from the beginning.


dst->header_len() being non zero for ipsec tunnels seems to be the case with 
or without an adjustment via PMTU. It seems that routing only does not know it 
from the beginning on (for incomimg connections) :-).

Why does a non zero dst->header_len() disable GSO? Is it just an optimization 
or does GSO not work in that case? If dst->header_len() being non zero signals 
that ipsec tunnel mode can't handle GSO at all then the problem would not lay 
in the gso path.


There is one thing which indicates that there is also a problen in the GSO 
path, though. As my tests demonstrated disabling GSO on the physical interface 
serving the ipsec tunnel does not prevent the hangs. It does, though, if sk-

sk_gso_max_segs = 1 in sk_setup_caps() if sk_can_gso(sk) returns false. This

was the first variation of the patch where sk->sk_gso_max_segs was not set if 
dst->header_len() is non zero.


Concering qdisc: an ipsec tunnel doesn't have a "tunnel-device" so it does not 
have qdisc? The ipsec tunnel transforms packets and the results are (in case 
of ipsec esp tunnel) esp packets which cannot be resgmented. Only these 
transformed packets are finally queued to a qdisc of a network device then.


Regards,
-- 
Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help