From d5b56bbba56480b5565ffb38496175a7c1df60ac Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Mon, 9 Mar 2009 13:48:54 +0100 Subject: [PATCH] Disable PMTUDiscovery in switch and hub modes. In switch and hub modes, tinc does not generate ICMP packets in response to packets that are larger than the path MTU. However, if PMTUDiscovery is enabled, the IP_MTU_DISCOVER and IPV6_MTU_DISCOVER option is set on the UDP sockets, which causes all UDP packets to be sent with the DF bit set, causing large packets to be dropped, even if they would otherwise be routed fine. --- src/net_setup.c | 7 ++++--- src/net_socket.c | 20 ++++++-------------- src/protocol_auth.c | 6 +++++- 3 files changed, 15 insertions(+), 18 deletions(-) diff --git a/src/net_setup.c b/src/net_setup.c index 70992f6b..256fdf78 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -286,9 +286,6 @@ bool setup_myself(void) if(get_config_bool(lookup_config(myself->connection->config_tree, "TCPOnly"), &choice) && choice) myself->options |= OPTION_TCPONLY; - if(!get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) || choice) - myself->options |= OPTION_PMTU_DISCOVERY; - if(myself->options & OPTION_TCPONLY) myself->options |= OPTION_INDIRECT; @@ -309,6 +306,10 @@ bool setup_myself(void) } else routing_mode = RMODE_ROUTER; + if(routing_mode == RMODE_ROUTER) + if(!get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) || choice) + myself->options |= OPTION_PMTU_DISCOVERY; + get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance); #if !defined(SOL_IP) || !defined(IP_TOS) diff --git a/src/net_socket.c b/src/net_socket.c index 8a7a617c..82213e91 100644 --- a/src/net_socket.c +++ b/src/net_socket.c @@ -193,24 +193,16 @@ int setup_vpn_in_socket(const sockaddr_t *sa) #endif #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO) - { - bool choice; - - if(!get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) || choice) { - option = IP_PMTUDISC_DO; - setsockopt(nfd, SOL_IP, IP_MTU_DISCOVER, &option, sizeof(option)); - } + if(myself->options & OPTION_PMTU_DISCOVERY) { + option = IP_PMTUDISC_DO; + setsockopt(nfd, SOL_IP, IP_MTU_DISCOVER, &option, sizeof(option)); } #endif #if defined(SOL_IPV6) && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO) - { - bool choice; - - if(!get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) || choice) { - option = IPV6_PMTUDISC_DO; - setsockopt(nfd, SOL_IPV6, IPV6_MTU_DISCOVER, &option, sizeof(option)); - } + if(myself->options & OPTION_PMTU_DISCOVERY) { + option = IPV6_PMTUDISC_DO; + setsockopt(nfd, SOL_IPV6, IPV6_MTU_DISCOVER, &option, sizeof(option)); } #endif diff --git a/src/protocol_auth.c b/src/protocol_auth.c index af8efd14..5e453600 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -483,7 +483,7 @@ bool send_ack(connection_t *c) if((get_config_bool(lookup_config(c->config_tree, "TCPOnly"), &choice) && choice) || myself->options & OPTION_TCPONLY) c->options |= OPTION_TCPONLY | OPTION_INDIRECT; - if((!get_config_bool(lookup_config(c->config_tree, "PMTUDiscovery"), &choice) || choice) && (myself->options & OPTION_PMTU_DISCOVERY)) + if(myself->options & OPTION_PMTU_DISCOVERY) c->options |= OPTION_PMTU_DISCOVERY; get_config_int(lookup_config(c->config_tree, "Weight"), &c->estimated_weight); @@ -561,6 +561,10 @@ bool ack_h(connection_t *c) n->connection = c; c->node = n; + if(!(c->options & options & OPTION_PMTU_DISCOVERY)) { + c->options &= ~OPTION_PMTU_DISCOVERY; + options &= ~OPTION_PMTU_DISCOVERY; + } c->options |= options; if(get_config_int(lookup_config(c->config_tree, "PMTU"), &mtu) && mtu < n->mtu) -- 2.39.5