ipv4: introduce hardened ip_no_pmtu_disc mode

This new ip_no_pmtu_disc mode only allowes fragmentation-needed errors to be honored by protocols which do more stringent validation on the ICMP's packet payload. This knob is useful for people who e.g. want to run an unmodified DNS server in a namespace where they need to use pmtu for TCP connections (as they are used for zone transfers or fallback for requests) but don't want to use possibly spoofed UDP pmtu information. Currently the whitelisted protocols are TCP, SCTP and DCCP as they check if the returned packet is in the window or if the association is valid. Cc: Eric Dumazet <eric.dumazet@gmail.com> Cc: David Miller <davem@davemloft.net> Cc: John Heffner <johnwheffner@gmail.com> Suggested-by: Florian Weimer <fweimer@redhat.com> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Hannes Frederic Sowa <hannes@stressinduktion.org> 2014-01-09 04:01:17 -0500
committer: David S. Miller <davem@davemloft.net> 2014-01-13 14:22:55 -0500
commit: 8ed1dc44d3e9e8387a104b1ae8f92e9a3fbf1b1e (patch)
tree: 4a8093c0dfa1507ce234754a54db8a95399955a4 /Documentation
parent: 0954cf9c6141d597929a292b93a2dca2c1f29159 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 0d71fa962d8a..c97932c88ea3 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -26,7 +26,18 @@ ip_no_pmtu_disc - INTEGER
        discarded. Outgoing frames are handled the same as in mode 1,
        implicitly setting IP_PMTUDISC_DONT on every created socket.
-        Possible values: 0-2
+        Mode 3 is a hardend pmtu discover mode. The kernel will only
+        accept fragmentation-needed errors if the underlying protocol
+        can verify them besides a plain socket lookup. Current
+        protocols for which pmtu events will be honored are TCP, SCTP
+        and DCCP as they verify e.g. the sequence number or the
+        association. This mode should not be enabled globally but is
+        only intended to secure e.g. name servers in namespaces where
+        TCP path mtu must still work but path MTU information of other
+        protocols should be discarded. If enabled globally this mode
+        could break other protocols.
+        Possible values: 0-3
        Default: FALSE
 min_pmtu - INTEGER
author	Hannes Frederic Sowa <hannes@stressinduktion.org>	2014-01-09 04:01:17 -0500
committer	David S. Miller <davem@davemloft.net>	2014-01-13 14:22:55 -0500
commit	8ed1dc44d3e9e8387a104b1ae8f92e9a3fbf1b1e (patch)
tree	4a8093c0dfa1507ce234754a54db8a95399955a4 /Documentation
parent	0954cf9c6141d597929a292b93a2dca2c1f29159 (diff)

diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 0d71fa962d8a..c97932c88ea3 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt
@@ -26,7 +26,18 @@ ip_no_pmtu_disc - INTEGER
26	discarded. Outgoing frames are handled the same as in mode 1,	26	discarded. Outgoing frames are handled the same as in mode 1,
27	implicitly setting IP_PMTUDISC_DONT on every created socket.	27	implicitly setting IP_PMTUDISC_DONT on every created socket.
28		28
29	Possible values: 0-2	29	Mode 3 is a hardend pmtu discover mode. The kernel will only
		30	accept fragmentation-needed errors if the underlying protocol
		31	can verify them besides a plain socket lookup. Current
		32	protocols for which pmtu events will be honored are TCP, SCTP
		33	and DCCP as they verify e.g. the sequence number or the
		34	association. This mode should not be enabled globally but is
		35	only intended to secure e.g. name servers in namespaces where
		36	TCP path mtu must still work but path MTU information of other
		37	protocols should be discarded. If enabled globally this mode
		38	could break other protocols.
		39
		40	Possible values: 0-3
30	Default: FALSE	41	Default: FALSE
31		42
32	min_pmtu - INTEGER	43	min_pmtu - INTEGER