bridges cannot have a mtu > 1500 by themselves

This change was made by a bot.

Did this issue occur in a previous version of Ubuntu, or is this a new issue?

Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v3.18 kernel[0].

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

If you are unable to test the mainline kernel, for example it will not boot, please add the tag: 'kernel-unable-to-test-upstream'.
Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".

Thanks in advance.

[0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.18-rc7-vivid/

On 12/04/2014 01:44 PM, Joseph Salisbury wrote:
> Did this issue occur in a previous version of Ubuntu, or is this a new
> issue?

This is reproducible on 12.04 too.

> Would it be possible for you to test the latest upstream kernel? Refer
> to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest
> v3.18 kernel[0].

Also reproducible with:

$ uname -a
Linux xeon 3.18.0-031800rc7-generic #201411302035 SMP Mon Dec 1 01:36:38
UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

Thanks

This issue appears to be an upstream bug, since you tested the latest upstream kernel. Would it be possible for you to open an upstream bug report[0]? That will allow the upstream Developers to examine the issue, and may provide a quicker resolution to the bug.

Please follow the instructions on the wiki page[0]. The first step is to email the appropriate mailing list. If no response is received, then a bug may be opened on bugzilla.kernel.org.

Once this bug is reported upstream, please add the tag: 'kernel-bug-reported-upstream'.

[0] https://wiki.ubuntu.com/Bugs/Upstream/kernel

Looking at the current mainline code, when you set the MTU is it clamped by the bridge wide "lowest" mtu:

  static int br_change_mtu(struct net_device *dev, int new_mtu)
  {
        struct net_bridge *br = netdev_priv(dev);
        if (new_mtu < 68 || new_mtu > br_min_mtu(br))
                return -EINVAL;
  [...]
  }

Which is calculated rather simplistically where there are no attached devices:

  int br_min_mtu(const struct net_bridge *br)
  {
  [...]
        if (list_empty(&br->port_list))
                mtu = ETH_DATA_LEN;
  [...]

It is not entirely clear why we care to clamp the MTU artificially at this level, as we will reevaluate the mtu and lower it when we do add a new bridge port.

All of that said, if the MTU was set on the KVM tap before it was added then the bridge MTU should follow that device, and that appears to be the expected use model from the way the code is written.

On 12/05/2014 01:20 AM, Andy Whitcroft wrote:
> Which is calculated rather simplistically where there are no attached
> devices:
>
> int br_min_mtu(const struct net_bridge *br)
> {
> [...]
> if (list_empty(&br->port_list))
> mtu = ETH_DATA_LEN;
> [...]
>
> It is not entirely clear why we care to clamp the MTU artificially at
> this level, as we will reevaluate the mtu and lower it when we do add a
> new bridge port.

Thanks for diving in the code Andy. IMHO, having the MTU defaulting to
1500 for an empty bridge makes sense but one should be able to manually
set it to a higher MTU.

> All of that said, if the MTU was set on the KVM tap before it was added
> then the bridge MTU should follow that device, and that appears to be
> the expected use model from the way the code is written.

Indeed, if the tap's MTU was bigger when it was enslaved it would just
work. Currently it works the other way around: the tap adopts the
bridge's MTU [1]

Regards,
Simon

[1]: https://www.redhat.com/archives/libvir-list/2008-December/msg00083.html

Also affects Linux 3.19 on Ubuntu Trusty (linux-generic-lts-vivid).

It seems that the only way to create a bridge with MTU=9000 is by creating it on top of a dummy interface, with mtu 9000 already configured... Very annoying...

I am wondering if there has been any progress on this, and if a bug report has been opened to the kernel devs.
This is impacting kvm deployments, and while there are workarounds, they are all rather ugly (read: scripts that adjust tun MTUs after VMs boot).

We ran into this while training for NOC. Deploying on our laptop labs so not sure of greater implications but it's tied us up for a good bit so I figured I'd bump this thread.

so:
**** BUMP ****

If any one runs into this issue in the future, be sure you are using virtio for your network interfaces for the vm's.

LXC displays similar behavious in Xenial. The "solution" was to set the MTUs for all the slave interfaces, and all the interfaces within the guests, then finally set the bridge MTU, otherwise it will simply refuse. Worked fine.

Haven't yet looked into the configs to see if I can do this permanently.

64bit xenial, same issue here;

it's sad, not able to use jumbo frames with in lxd guests.

This has been fixed, I'm not entirely sure when, but you can create a bridge with a specific MTU.

Additionally since v4.17 when you set the MTU, the bridge will stop automatically changing it when interfaces are added/removed:
https://github.com/torvalds/linux/commit/804b854d374e39f5f8bff9638fd274b9a9ca7d33

However until a commit I'm pushing now, that worked if you set the MTU after creation (ip link set br0 mtu 9000) but failed if the MTU was set during creation (ip link add br0 type bridge mtu 9000) - which is also the equivalent to how systemd-networkd does it. So the MTU may shrink if you accidentally add lower MTU interfaces to the bridge. But LXC/LXD/etc typically set the MTU to match the MTU the bridge currently has so mostly this should work as desired since about 2018/v4.17 at least.