Opened 5 years ago

Closed 5 years ago

Last modified 4 years ago

#12737 closed defect (wontfix)

3.3.8 Linux kernel does not update discovered PMTU after its expiry

Reported by: linus.luessing@… Owned by: developers
Priority: normal Milestone: Barrier Breaker 14.07
Component: kernel Version: Trunk
Keywords: pmtu, expiry, timer, batman-adv, fragmentation, batman-adv, packet-loss, fastd, speedport, telekom Cc:


When receiving an "ICMP Destination unreachable (Fragmentation needed)" with a "Next-Hop MTU" option the kernel correctly remembers this PMTU setting for this route and can be seen in 'ip r s cache' and correctly sets a timeout for it.

However after this timer expires only the 'expires xxx' text got removed in the 'ip r s cache' output, while still keeping and never updating/removing this MTU setting:

x.x.x.x via dev br-wan  src
    cache  used 5586207 age 0sec ipid 0x09cd mtu 596

The issue is easily reproduceable when creating such ICMP packets with the tool mausezahn, for instance.

Tests in a virtual environment showed, that the issue is only present with the 3.3.8 kernel, but is gone with the 3.6.11 one (unfortunately I wasn't able to bisect this further yet due to being unable to compile a 3.4.24 kernel for instance).

We discovered this issue with an OpenWRT router behind a Speedport W 723V (firmware version: 1.26.000) behind a DSL connection from the German Telekom. Due to the combination of various other issues this PMTU bug was a fatal one for our mesh / Freifunk setup, creating a black hole in the local neighborhood: The Speedport was regularly (about once every 2-4 days) sending a single ICMP message of the type mentioned above with a Next-Hop MTU option of 596 Bytes (probably when the Speedport's pppoe interface just got up) in response to the periodic connection attempts and packets send over a VPN tunnel (fastd). Furthermore either the Speedport router or the German Telekom was blocking IP fragments, therefore dropping any IP packet of larger sizes over this VPN tunnel. Finally, we were running batman-adv over this VPN tunnel and because batman-adv is only measuring the link quality with small packets it assumed working route over its internet connection and announced it to its local wifi neighborhood, a route which was actually not usable - ultimately resulting in a black hole.

Disabling PMTU discovery on the according OpenWRT router was a usable workaround for this issue in this real world setup for now (net.ipv4.ip_no_pmtu_disc=1 in /etc/sysctl.conf).

The real world setup was running an Attitude Adjustment version, the VM tests were done on trunk@34812, the issue could be observed in both of them with a 3.3.8 kernel.

Attachments (0)

Change History (5)

comment:1 Changed 5 years ago by nbd

I took a look at the kernel commit log between those versions, and there were some major structural changes in there that directly touch related code, e.g. the routing cache removal.
It seems to me that even if we find the commit that fixed it, it may not be applicable to older versions.

comment:2 Changed 5 years ago by anonymous

It might still be interesting to submit the problem on netdev mailing list, I guess routing subsystem experts might be able to help...

Maybe there is a problem with gc settings of the route cache leading to expired entries never getting purged... At first sight the problem seems quite important and visible so it is surprising to find it in 3.3 which is not so old. Once again getting the opinion of some kernel developers might be useful.

comment:3 Changed 5 years ago by bittorf@…

most platforms have switched to 3.7.x, so simply use the new kernel.

comment:4 Changed 5 years ago by nbd

  • Resolution set to wontfix
  • Status changed from new to closed

i don't think we're going to see a backport of the fixes, so you should probably just stick with current versions.

comment:5 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

as closed .
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.