Canonical network has non-working PTMU, add MSS clamping
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Auto Package Testing |
Fix Released
|
Undecided
|
Martin Pitt |
Bug Description
Apparently lxdbr0 gets set up with the standard MTU of 1500 by default. However, in our data center interfaces have a lower one: Scalingstack instances have eth0 with MTU 1400, and on my local laptop the OpenVPN tun0 even has 1194 only.
This leads to the network in lxd containers being broken by default; while ping and mtr work, apt-get update is hanging forever. The main issue with this is that very few people are even aware of an MTU impedance mismatch, so debugging this always takes ages. It took me a while until I added this to my own autopkgtest stuff (https:/
lxc profile device remove default eth0
lxc profile device add default eth0 nic nictype=bridged parent=lxdbr0 mtu=1400
and Michael just ran into it again with juju tests in bug 1571082.
Can we be more clever here and configure a default MTU on lxdbr0 which matches the one from the host's default route?
That's not how MTU works.
Your host should fragment as needed when routing, in fact it does that perfectly well for me.
The only case where you need to lower your bridge MTU is if you were to bridge your host's eth0 or tun0 into lxdbr0, but based on the above, that's not what you're doing at all.
It is perfectly normal for there to be varying MTU on the internet, in fact when accessing a lot of websites, the target server is using a lower MTU than your machine's, yet everything still works fine and you don't have to lower your eth0 MTU to whatever MTU the website you're trying to reach is using.
root@snappy:~# tracepath vorash.stgraber.org lan.mtl. stgraber. net 0.313ms lan.mtl. stgraber. net 0.392ms pmtu 1486 bdr01-tor2. teksavvy. com 14.568ms bdr01-tor. teksavvy. com 14.771ms asymm 4 bhs-g2- a9.qc.ca 30.082ms g2-a75. qc.ca 22.711ms bhs-3a- a9.qc.ca 23.463ms
1?: [LOCALHOST] pmtu 1500
1: 10.178.150.1 0.075ms
1: 10.178.150.1 0.056ms
2: sateda.
3: sateda.
3: 206.248.154.104 15.269ms asymm 4
4: ae2-2150-
5: ae1-2170-
6: no reply
7: be10-1215.
8: vl20.bhs-
9: be50-7.
10: vorash.stgraber.org 22.773ms reached
Resume: pmtu 1486 hops 10 back 10
As you can see, lxdbr0 is 1500, an intermediary router sets it to 1486 and everything works.