Re: IPsec and Path MTU

To: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Subject: Re: IPsec and Path MTU
From: Alexey Kuznetsov <kuznet@xxxxxxxxxxxxx>
Date: Thu, 17 Jun 2004 00:23:41 +0400
Cc: davem@xxxxxxxxxx, jmorris@xxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <20040616121026.GA1169@gondor.apana.org.au>
References: <20040615124334.GA25164@gondor.apana.org.au> <20040616121026.GA1169@gondor.apana.org.au>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6i

Hello!

> > So unless I'm missing something, we should get rid of dst->path and
> > store the MTU in the xfrm dst's directly.

Yes, this is absolutely true. BTW we talked about this already.

The problem here is purely technical. In any case the pmtu on a path
going through a tunnel is _lower_ than dst_path() and has to be
recalculated when dst_path() changes. Because we do not hold
any back references for dst's using dst->path, we cannot do this
actively. dst_path() is enough to do this.

But it is definitely not enough when pmtu is lowered on some
policies for other reasons.

So, holding pmtu at all the dst's is necessary and we have to sync
those mtus with dst_path instead of using it directly.


> Now the problem with all this is that it looks pretty complicated.

I am afraid I still did not understand your troubles completely.

Actually, the last time when we discussed this we had only one
but _damn_ ugly problem. We have to remember original packet content
to reply with ICMP correctly, when encapsulating. Is it possible
that you are confused with this? We do send invalid ICMP_FRAG_NEEDED
from ip_fragment. PMTU discovery will work only if we reply to the original,
not the transformed, packet. See?


Alexey
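
An added illustration, not part of the message above and not kernel code: a toy model of why each dst in a transform bundle has to cache its own PMTU and resync it from the path, instead of reading the path MTU directly. The struct, the function names and the 56-byte transform overhead are assumptions made for this example.

```c
#include <stdio.h>

/* Toy model, NOT the kernel's struct dst_entry. Names are hypothetical. */
struct toy_dst {
    struct toy_dst *child; /* next dst toward the wire; NULL for the route */
    unsigned overhead;     /* bytes this transform adds (assumed value) */
    unsigned limit;        /* route: link MTU; transform: PMTU lowered on
                              this dst for its own reasons, 0 = none */
    unsigned pmtu;         /* cached PMTU for packets entering this dst */
};

/* Resync cached PMTUs bottom-up from the path; returns the PMTU at d. */
static unsigned toy_sync_pmtu(struct toy_dst *d)
{
    if (!d->child)
        return d->pmtu = d->limit;
    unsigned below = toy_sync_pmtu(d->child);
    d->pmtu = below > d->overhead ? below - d->overhead : 0;
    if (d->limit && d->limit < d->pmtu)
        d->pmtu = d->limit;
    return d->pmtu;
}

/* Shortcut: read the path MTU directly and subtract the overheads.
 * It cannot see a PMTU that was lowered on an intermediate dst. */
static unsigned toy_pmtu_from_path(const struct toy_dst *d)
{
    unsigned total = 0;
    for (; d->child; d = d->child)
        total += d->overhead;
    return d->limit > total ? d->limit - total : 0;
}

/* Constructed scenario: one transform (56 bytes assumed) over a route. */
static unsigned toy_scenario(unsigned route_mtu, unsigned xfrm_limit, int sync)
{
    struct toy_dst route = { NULL, 0, route_mtu, 0 };
    struct toy_dst xfrm = { &route, 56, xfrm_limit, 0 };
    return sync ? toy_sync_pmtu(&xfrm) : toy_pmtu_from_path(&xfrm);
}

int main(void)
{
    printf("path only: %u, synced: %u\n",
           toy_scenario(1500, 1400, 0), toy_scenario(1500, 1400, 1));
    return 0;
}
```

With no per-dst limit both functions agree; once a limit is recorded on the transform dst, only the synced value reflects it, and it still follows the path when the route MTU drops.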
