-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MTU handling #61
Comments
How would you obtain the MTU from the IP layer?
I think that is a reasonable approach. |
I'm not too sure. It looks like TCP has some kind of "PMTU probe." but I think that may be too complicated for our purposes. Instead, I think we need only implement this:
We can change setsockopt(MTU) to take a MTU and return MTU - KTLS_DTLS_OVERHEAD from getsockopt(MTU), and let userspace decide how big the records should be. |
The current implementation is performing such thing for Note however that UDP (DTLS) is quiet tricky in this case. If we split a message "AABB" into "AA" + "BB" because of MTU transparently to user space, a receiver can read "BBAA" since DTLS is not dealing with out of order delivery. Personally I would stick with returning an error code (such as E2BIG) and let user space deal with possible fragmentation (which could be in many cases application specific) - the user space should explicitly know about the risk here. IIRC, GnuTLS is doing something similar.
That's also an argument why we should leave such
Yes, that was the purpose of letting userspace to set MTU (according to possible MTU discovery). |
That's correct, but note that Lance was proposing sending the larger packet as a singleton and let IP framentation work in the middle routers. The end host will defragment such packets and thus the whole packet will be received in the correct order/size by the peer. However letting the lower layer know is important as you mention. Currently in UDP this is done by applications setting the MTU discovery setsockopt() in the fd, informing the kernel to return EMSGSIZE if something is larger than the known MTU. I guess we could rely on the userspace app to set that option to the original fd, and propagate any error? For sure we need quite some tests around that. |
I'm in favor of removing setsockopt MTU, and just dealing with it using MSG_MORE flag |
Setting MTU was useful mostly for sendfile() where you get up to page size bytes in a one call. Without setting MTU it would be not possible to use DLTS - you would send up to 4096B+DTLS overhead in a one single UDP datagram, which is not doable on most networks. |
I don't understand why not? IP fragmentation exists for the purpose of sending large datagrams. UDP can send up to 65k messages using fragmentation, and like Nikos said, the end host can defragment the packets and thus the application layer receives packets as a whole. See the frag_list field in struct sk_buff. |
Ah, ok. We can then use IP fragmentation and get rid of MTU setsockopt as Dave pointed out. |
After chatting with Fridolin and reading RFC 6347, I notice a discrepancy between the specs and MTU handling in KTLS, which I would like to discuss.
Right now in KTLS, if the MTU is 1500, and the user tries to send a message of length 1501 over UDP, only 1500 bytes is transmitted in order to avoid IP fragmentation. In other words, KTLS is actively cutting down the size of records to avoid fragmentation.
However, RFC 6347 says this.
It's saying that the application using DTLS is responsible for avoiding IP fragmentation, not the DTLS implementation itself.
Additionally, it goes on to say:
As a solution to the above problems, it says DTLS should provide the following:
My recommended changes:
The text was updated successfully, but these errors were encountered: