NetBSD Problem Report #57676

From www@netbsd.org  Wed Oct 25 19:18:41 2023
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 4CC731A9238
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 25 Oct 2023 19:18:41 +0000 (UTC)
Message-Id: <20231025191840.3F6B31A9239@mollari.NetBSD.org>
Date: Wed, 25 Oct 2023 19:18:40 +0000 (UTC)
From: anthony.mallet@laas.fr
Reply-To: anthony.mallet@laas.fr
To: gnats-bugs@NetBSD.org
Subject: Document sysctl net.inet6.ip6.gifpmtu for gif(4)
X-Send-Pr-Version: www-1.0

>Number:         57676
>Category:       kern
>Synopsis:       Document sysctl net.inet6.ip6.gifpmtu for gif(4)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Oct 25 19:20:01 +0000 2023
>Originator:     Anthony Mallet
>Release:        -current
>Organization:
>Environment:
NetBSD cactus 10.99.7 NetBSD 10.99.7 (CACTUS) #11: Wed Oct  4 22:23:03 CEST 2023  troot@cactus:/usr/obj/sys/arch/amd64/compile/CACTUS amd64

>Description:
I stuggled a bit to figure out why my egress gif(4) packets would always be fragmented to what seemed to be a 1280 MTU, even though I had configured a 1460 one.

The attached doc patch would have saved me a bit of UTSL. I guess it's worth mentionning that gif(4) does not do PMTU discovery but instead uses 
net.inet6.ip6.gifpmtu to either always use the minimum 1280 MTU or trust the one configured.

Please feel free to rephrase or rewrite my proposal.

Best,

>How-To-Repeat:

>Fix:
Index: share/man/man4/gif.4
===================================================================
RCS file: /cvsroot/src/share/man/man4/gif.4,v
retrieving revision 1.34
diff -u -r1.34 gif.4
--- share/man/man4/gif.4        14 Aug 2018 06:27:44 -0000      1.34
+++ share/man/man4/gif.4        25 Oct 2023 19:11:49 -0000
@@ -140,6 +140,12 @@
 When the inner packet is IPv6, the protocol field of the outer packet
 is 41
 .Dv ( IPPROTO_IPV6 ) .
+.Ss Path MTU discovery
+When the outer packet is IPv6, path MTU discovery is not done. Instead, the
+net.inet6.ip6.gifpmtu
+.Xr sysctl 7
+variable controls the MTU used for egress packets. When set to 0, the minimum
+MTU (1280) is always used. When set to 1, the interface MTU is trusted.
 .Ss Security
 Malicious party may try to circumvent security filters by using
 tunneled packets.
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2023 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.