cvs commit: src/sys/net if_bridge.c
Andrew Thompson
thompsa at freebsd.org
Wed Oct 25 18:11:53 UTC 2006
On Wed, Oct 25, 2006 at 05:53:02PM +0000, Darren Reed wrote:
> On Sat, Apr 29, 2006 at 05:37:25AM +0000, Andrew Thompson wrote:
> > thompsa 2006-04-29 05:37:25 UTC
> >
> > FreeBSD src repository
> >
> > Modified files:
> > sys/net if_bridge.c
> > Log:
> > Add support for fragmenting ipv4 packets.
> >
> > The packet filter may reassemble the ip fragments and return a packet that is
> > larger than the MTU of the sending interface. There is no check for DF or icmp
> > replies as we can only get a large packet to fragment by reassembling a
> > previous fragment, and this only happens after a call to pfil(9).
>
> I'm a long time in catching up with this change, but architecturally,
> this change is very very wrong.
>
> A bridge should have _no_ part in fragmenting up an IP packet
> regardless of what options are set (or not set) in an IP header.
Its not really the bridge that is fragmenting packets. The packet filter
may reassemble fragments and return a packet larger than we can send,
the fragmenting is done in the layer between bridge<->pfil. As long as
we may be returned a large packet this is unavoidable.
I agree that a bridge should not have anything to do with IP, and
technically it isn't.
Andrew
More information about the cvs-src
mailing list