• Stefano Brivio's avatar
    ipv4: route: Ignore output interface in FIB lookup for PMTU route · df23bb18
    Stefano Brivio authored
    Currently, processes sending traffic to a local bridge with an
    encapsulation device as a port don't get ICMP errors if they exceed
    the PMTU of the encapsulated link.
    
    David Ahern suggested this as a hack, but it actually looks like
    the correct solution: when we update the PMTU for a given destination
    by means of updating or creating a route exception, the encapsulation
    might trigger this because of PMTU discovery happening either on the
    encapsulation device itself, or its lower layer. This happens on
    bridged encapsulations only.
    
    The output interface shouldn't matter, because we already have a
    valid destination. Drop the output interface restriction from the
    associated route lookup.
    
    For UDP tunnels, we will now have a route exception created for the
    encapsulation itself, with a MTU value reflecting its headroom, which
    allows a bridge forwarding IP packets originated locally to deliver
    errors back to the sending socket.
    
    The behaviour is now consistent with IPv6 and verified with selftests
    pmtu_ipv{4,6}_br_{geneve,vxlan}{4,6}_exception introduced later in
    this series.
    
    v2:
    - reset output interface only for bridge ports (David Ahern)
    - add and use netif_is_any_bridge_port() helper (David Ahern)
    Suggested-by: default avatarDavid Ahern <dsahern@gmail.com>
    Signed-off-by: default avatarStefano Brivio <sbrivio@redhat.com>
    Reviewed-by: default avatarDavid Ahern <dsahern@gmail.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    df23bb18
netdevice.h 157 KB