Bug #1893015 “ping with large package size fails” : Bugs : neutron

Revision history for this message

norman shen (jshen28) wrote on 2020-08-26:

#1

iptables capture Edit (14.9 KiB, image/png)

Revision history for this message

Brian Haley (brian-haley) wrote on 2020-08-26:

#2

Packets larger than the MTU have typically always had issues traversing bridges, and there won't be any path MTU info returned to inform the sender. They're most likely being dropped "entering" the tap where the MTU is being enforced.

I guess my question is - why should a 2000 byte packet successfully traverse a network that has a 1500 byte MTU? I would actually expect it to fail. Does using the '-M want' flag to ping make it succeed, which would correctly fragment the packet on transmit? Sorry for seeming negative.

Not sure this is a bug in neutron, I think we'd see the same issue manually configuring a bridge connecting two L2 networks and sending a packets larger than the MTU.

Changed in neutron:
status:	New → Incomplete

Revision history for this message

norman shen (jshen28) wrote on 2020-08-27:

#3

Hmm... thank you very much for the quick reply. I've tried ping with -M want option but it still does not work. (btw I think pinging will be fragmented if -M do does not set)

My worry is fragmented ping should be able to transmitted through a normal 1500 byte mtu network. I have not tried UDP but I guess it will fail too, since UDP requires fragmentation to transmit large packet, I am worrying it will cause unexpected network interruption.

Revision history for this message

norman shen (jshen28) wrote on 2020-08-27:

#4

Oh, btw if I disable netfilter on bridge by setting /proc/sys/net/bridge/bridge-nf-call-iptables to 0, looks like fragmented packet could reach remote end.

Revision history for this message

norman shen (jshen28) wrote on 2020-08-27:

#5

Download full text (5.4 KiB)

root@compute34:~# conntrack -L | grep 172.20
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4123 use=1
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4122 use=1
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4121 use=1
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4118 use=1
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4116 use=1
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4117 use=1
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4101 use=1
udp 17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4100 use=1
udp 17 15 src=172.20.3.36 dst=255.255.255.255 sport=54185 dport=1947 [UNREPLIED] src=255.255.255.255 dst=172.20.3.36 sport=1947 dport=54185 mark=0 zone=4111 use=1
tcp 6 86395 ESTABLISHED src=172.20.6.170 dst=172.18.255.21 sport=59309 dport=4305 src=172.18.255.21 dst=172.20.6.170 sport=4305 dport=59309 [ASSURED] mark=0 zone=4103 use=1
icmp 1 26 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=21904 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=21904 mark=0 zone=4103 use=1
icmp 1 6 src=172.20.6.135 dst=172.20.6.140 type=8 code=0 id=34474 [UNREPLIED] src=172.20.6.140 dst=172.20.6.135 type=0 code=0 id=34474 mark=0 zone=4103 use=1
icmp 1 16 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=50471 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=50471 mark=0 zone=4103 use=1
udp 17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4123 use=1
udp 17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4122 use=1
udp 17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4121 use=1
udp 17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4118 use=1
udp 17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4116 use=1
udp 17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4117 use=1
udp 17 29 src=172.20.93.188 dst=224.0.0.102 spor...

root@compute34:~# conntrack -L | grep 172.20
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4123 use=1
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4122 use=1
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4121 use=1
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4118 use=1
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4116 use=1
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4117 use=1
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4101 use=1
udp      17 28 src=172.20.93.189 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.189 sport=1985 dport=1985 mark=0 zone=4100 use=1
udp      17 15 src=172.20.3.36 dst=255.255.255.255 sport=54185 dport=1947 [UNREPLIED] src=255.255.255.255 dst=172.20.3.36 sport=1947 dport=54185 mark=0 zone=4111 use=1
tcp      6 86395 ESTABLISHED src=172.20.6.170 dst=172.18.255.21 sport=59309 dport=4305 src=172.18.255.21 dst=172.20.6.170 sport=4305 dport=59309 [ASSURED] mark=0 zone=4103 use=1
icmp     1 26 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=21904 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=21904 mark=0 zone=4103 use=1
icmp     1 6 src=172.20.6.135 dst=172.20.6.140 type=8 code=0 id=34474 [UNREPLIED] src=172.20.6.140 dst=172.20.6.135 type=0 code=0 id=34474 mark=0 zone=4103 use=1
icmp     1 16 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=50471 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=50471 mark=0 zone=4103 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4123 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4122 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4121 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4118 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4116 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4117 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4101 use=1
udp      17 29 src=172.20.93.188 dst=224.0.0.102 sport=1985 dport=1985 [UNREPLIED] src=224.0.0.102 dst=172.20.93.188 sport=1985 dport=1985 mark=0 zone=4100 use=1
icmp     1 6 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=8549 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=8549 mark=0 zone=4103 use=1
tcp      6 86393 ESTABLISHED src=172.20.3.36 dst=10.15.4.108 sport=65533 dport=5688 src=10.15.4.108 dst=172.20.3.36 sport=5688 dport=65533 [ASSURED] mark=0 zone=4111 use=1
icmp     1 21 src=172.20.6.135 dst=172.20.6.140 type=8 code=0 id=38229 [UNREPLIED] src=172.20.6.140 dst=172.20.6.135 type=0 code=0 id=38229 mark=0 zone=4103 use=1
icmp     1 16 src=172.20.6.135 dst=172.20.6.140 type=8 code=0 id=55042 [UNREPLIED] src=172.20.6.140 dst=172.20.6.135 type=0 code=0 id=55042 mark=0 zone=4103 use=1
icmp     1 11 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=20292 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=20292 mark=0 zone=4103 use=1
icmp     1 1 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=43090 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=43090 mark=0 zone=4103 use=1
udp      17 19 src=172.20.3.36 dst=172.20.3.255 sport=54185 dport=1947 [UNREPLIED] src=172.20.3.255 dst=172.20.3.36 sport=1947 dport=54185 mark=0 zone=4111 use=1
icmp     1 21 src=172.20.6.135 dst=172.20.6.150 type=8 code=0 id=46778 [UNREPLIED] src=172.20.6.150 dst=172.20.6.135 type=0 code=0 id=46778 mark=0 zone=4103 use=1
icmp     1 26 src=172.20.6.135 dst=172.20.6.140 type=8 code=0 id=20080 [UNREPLIED] src=172.20.6.140 dst=172.20.6.135 type=0 code=0 id=20080 mark=0 zone=4103 use=1
icmp     1 11 src=172.20.6.135 dst=172.20.6.140 type=8 code=0 id=27255 [UNREPLIED] src=172.20.6.140 dst=172.20.6.135 type=0 code=0 id=27255 mark=0 zone=4103 use=1
tcp      6 482 CLOSE_WAIT src=172.20.3.34 dst=172.20.6.170 sport=53051 dport=4302 src=172.20.6.170 dst=172.20.3.34 sport=4302 dport=53051 [ASSURED] mark=0 zone=4103 use=1
icmp     1 1 src=172.20.6.135 dst=172.20.6.140 type=8 code=0 id=29856 [UNREPLIED] src=172.20.6.140 dst=172.20.6.135 type=0 code=0 id=29856 mark=0 zone=4103 use=1
conntrack v1.4.4 (conntrack-tools): 7022 flow entries have been shown.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-10-26:

#6

[Expired for neutron because there has been no activity for 60 days.]

Changed in neutron:
status:	Incomplete → Expired

neutron

ping with large package size fails

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches