[bind10-dev] #1534, IPV6_USE_MIN_MTU and similar

JINMEI Tatuya / 神明達哉 jinmei at isc.org
Tue Feb 14 19:03:10 UTC 2012 

At Tue, 14 Feb 2012 12:53:04 +0100,
Michal 'vorner' Vaner <michal.vaner at nic.cz> wrote:

> I took the #1534 ticket and discovered that the IPV6_USE_MIN_MTU is not
> supported on linux (this is actually in the linux/in6.h header:
> #if 0 /* not yet */
> #define IPV6_USE_MIN_MTU 63
> #endif
> ).
> 
> Looking into bind9, there's a whole bunch of options to work around things that
> are missing here and there (IPV6_USE_MIN_MTU, IPV6_MTU, IPV6_MTU_DISCOVER, some
> workaround for IPV6_PKTINFO). This looks pretty complicated. How should we
> proceed? Port the whole thing? Try to find something easier that works
> everywhere? Never send packets that are that large?

NSD seems to use IPV6_MIN_MTU.  We can probably do the same:
# if defined(IPV6_USE_MIN_MTU)
[...]
# elif defined(IPV6_MTU)
			/*
			 * On Linux, PMTUD is disabled by default for datagrams
			 * so set the MTU equal to the MIN MTU to get the same.
			 */
			on = IPV6_MIN_MTU;
			if (setsockopt(nsd->udp[i].s, IPPROTO_IPV6, IPV6_MTU, 
				&on, sizeof(on)) < 0)
			{
				log_msg(LOG_ERR, "setsockopt(..., IPV6_MTU, ...) failed: %s",
					strerror(errno));
				return -1;
			}
			on = 1;
# endif

> Also, I believe that not all possible applications need this setting (if we ever
> have a tftp module, it probably doesn't want this enabled). And it looks
> complicated to be inside socket creator. I propose we set these options inside
> the modules that use the socket, not in socket creator.

IMO using the minimum MTU for UDP/IPv6 is the most reasonable default
behavior (I don't know how a tftp could be an exception, but even if
it could be it seems to be very unlikely we have it in BIND 10), so it
makes more sense to do it by default.  If an application specifically
wants to perform PMTU discovery for UDP/IPv6 itself (IMO which will be
very, very unlikely), that specific application can then disable
USE_MIN_MTU, set IPV6_RECVPATHMTU and follow MTU change from ancillary
data, etc (again, only very, very few apps would bother to do that).

As for where to set the option (assuming "do it by default" is
agreed), I personally don't think it too much for the socket creator.
It basically just a single call to setsockopt (unfortunately with a
couple of ifdefs due to the non compliant systems), and we do it
unconditionally (the behavior doesn't change based on the apps
request).  If we even don't want to add that amount of code to sock
creator, we could do it in the boss, probably with a small C/C++
wrapper module.

---
JINMEI, Tatuya
Internet Systems Consortium, Inc.

More information about the bind10-dev mailing list