Bug 510454 - [IPv6] No fragment header in ICMPv6 reply after packet_too_big message
[IPv6] No fragment header in ICMPv6 reply after packet_too_big message
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
All Linux
medium Severity medium
: rc
: ---
Assigned To: Cong Wang
Hangbin Liu
Depends On:
  Show dependency treegraph
Reported: 2009-07-09 06:55 EDT by Tomas Smetana
Modified: 2013-09-29 22:09 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-02-16 10:56:44 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Testing program (2.91 KB, text/plain)
2009-07-09 06:56 EDT, Tomas Smetana
no flags Details
Proposed patch (5.85 KB, patch)
2009-07-09 06:58 EDT, Tomas Smetana
no flags Details | Diff

  None (edit)
Description Tomas Smetana 2009-07-09 06:55:22 EDT
Description of problem:
Node can not include a fragment header in packets sent after receiving icmpv6 packet_too_big message.

 RFC1981:4 Protocol Requirements
     A node may receive a Packet Too Big message reporting a
     next-hop MTU that is less than the IPv6 minimum link MTU.  In that
     case, the node is not required to reduce the size of subsequent
     packets sent on the path to less than the IPv6 minimun link MTU,
     but rather must include a Fragment header in those packets.

According to RFC1981, after the Packet Too Big message is received, a node must include a fragment header in subsequent packets sent on the path. But RHEL4.8 does not.

Version-Release number of selected component:

How reproducible:

Steps to Reproduce:
Test environment:
       _______                                _______
       |      |eth0                      eth0 |      |
       |______|                               |______|
 MAC:   xx:xx:xx:xx:xx:xx                   yy:yy:yy:yy:yy:yy
 ipaddr:3ffe:501:ffff:100:2xx:xxff:fexx:xx  3ffe:501:ffff:100:2yy:yyff:feyy:yyyy

Compile the attached program on the Tester:

       # gcc -o sendtoobig sendtoobig.c
       program usage:
       ./sendtoobig saddr daddr
       saddr :source ipv6 global address
       daddr :destination ipv6 global address

   Target: execute tcpdump to capture packets
       # tcpdump -i eth0 -s0 -w tcpdump.pcap
   Tester: send packet too big message to NUT
       # ./sendtoobig 3ffe:501:ffff:100:2xx:xxff:fexx:xxxx 3ffe:501:ffff:100:2yy:yyff:feyy:yyyy
   Tester: ping6 NUT in order to see if the echo reply include fragment header
       # ping6 -c1 -I eth0 3ffe:501:ffff:100:2yy:yyff:feyy:yyyy
   Target: stop the tcpdump      
   Target: Investigate 'tcpdump.pcap' file to check if a fragment header is included on the echo reply packet.
Actual results:
There is no fragment header.

Expected results:
Fragment header is present in the IPv6 part of the ICMPv6 echo reply.

Additional info:
This has been already fixed in the upstream and RHEL-5 kernels.
Comment 1 Tomas Smetana 2009-07-09 06:56:18 EDT
Created attachment 351035 [details]
Testing program
Comment 2 Tomas Smetana 2009-07-09 06:58:07 EDT
Created attachment 351036 [details]
Proposed patch

Tested with kernel-2.6.9-89.5.EL and it fixed the problem in the description.
Comment 3 Cong Wang 2009-07-14 06:15:24 EDT
Hello, Tomas.

How do you get that patch? I can't find it in upstream (2.6.31-rc3), so probably it has been changed.

Comment 4 Tomas Smetana 2009-07-14 07:11:28 EDT
  this patch has been provided by the customer and I can see the code in the RHEL-5 and the recent upstream kernels (with slight differences caused by the fact that we're patching 2.6.9).  Apparently it's a backport.  I don't know whether there exists 1-1 mapping of the proposed patch with some that has been submitted upstream.
Comment 6 Cong Wang 2009-07-15 04:51:12 EDT
Hi, thanks,  Moritoshi and Tomas.

I compiled the patched kernel, but I don't find a proper RHEL4 machine to test (I need to have two machine in the same IPV6 subnet).

Could any of you give me a hand?

The complied kernel is here:

i686: https://brewweb.devel.redhat.com/taskinfo?taskID=1891664
x86_64: https://brewweb.devel.redhat.com/taskinfo?taskID=1891503
Comment 11 Vivek Goyal 2009-07-28 13:23:34 EDT
Committed in 89.7.EL . RPMS are available at http://people.redhat.com/vgoyal/rhel4/
Comment 17 errata-xmlrpc 2011-02-16 10:56:44 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.