Re: [PATCH] xfrm: fix tunnel model fragmentation behavior

[Lina Wang]

On Mon, 2022-02-21 at 12:04 +0100, Steffen Klassert wrote:
> On Mon, Feb 21, 2022 at 01:16:48PM +0800, Lina Wang wrote:
> > in tunnel mode, if outer interface(ipv4) is less, it is easily to
We have two commits in the ipsec tree that address a very similar
> issue. That is:
> 
> commit 6596a0229541270fb8d38d989f91b78838e5e9da
> xfrm: fix MTU regression
> 
> and
> 
> commit a6d95c5a628a09be129f25d5663a7e9db8261f51
> Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
> 
> Can you please doublecheck that the issue you are fixing still
> exist in the ipsec tree?

Yes, I know the two patches, which didnot help for my scenary. Whatever 
commit a6d95c5a62 exist or not, there still is double fragment issue. From
commit 6596a022's mail thread, owner has met double fragment issue, I am 
not sure if it is the same with mine.

My scenary is very simple, set up ipsec0, create default route, set 
transport mode for ipsec0 and tunnel mode for wlan0.

ip link add ipsec0 type xfrm dev xfrm dev wlan0 if_id xx
ip link set mtu 1400 dev ipsec0
ip link set mtu 1300 dev wlan0

ping6 -s 1300 xx will always reproduce such issue.

Thanks!