[Bridge] Re: Any way of knowing a packet's been defragmented

Eble, Dan DanE at aiinet.com
Thu Aug 5 07:35:14 PDT 2004


> -----Original Message-----
> From: bridge-bounces at lists.osdl.org 
> [mailto:bridge-bounces at lists.osdl.org] On Behalf Of Henrik Nordstrom
> 
> Eh.. I do not claim to be a bridge guru, but won't such bridge cause 
> serious havoc on the network much like PMTU blackholes does?
> 
> You should either reject creating such bridge,

IMO, the driver should not bridge any packets from a device with a
larger MTU to a device with a smaller MTU, which I suppose is almost the
same as forbidding such a bridge to be created, but I seem to remember
Stephen's commenting that the 802 bridge spec says it should be done the
way it is now.

> or make sure to fragment packets including ICMP MUST
> FRAGMENT generation when not allowed (which requires an IP).

The ethernet bridge driver is the wrong place to do IP or any other
higher-layer protocol.  Its job is to be a LAN in a box.  If a device
claims that it can only send packets up to a certain size, the bridge
honors that claim.

If connection tracking is coalescing ethernet packets into a size
greater than would otherwise be received from a device, then connection
tracking should be responsible for undoing that damage (where and when,
I don't know), otherwise the ethernet bridge driver will become a
monstrosity of stuff unrelated to ethernet.




More information about the Bridge mailing list