[Bridge] Preventing packet reassembly

Sun, 27 Apr 2008 17:01:08 -0700 

Hi All, 
I'm having some issues with my bridge reassembling fragmented packets,
with disastrous results.
I have a simple bridge set up:
 
brctl addbr br0
brctl addif br0 eth0 
brctl addif br0 eth1
 
Simple enough. The MTU on each interface is 1500, and so is the MTU on
the bridge itself. 
I have the bridge connected something like this:
 
PC A----Switch A---eth0 (bridge) eth1---Switch B---PC B.
 
The Switches are adding VLAN headers and the like, but this seems to be
irrelevant to the problem.
If i ping from PC A to PC B, all is OK. But, when I ping using a
1500-byte payload (or larger), the ping doesn't get through. Removing
the linux bridge and just going switch-switch works OK.
 
Watching the ethernet ports on the bridge indicate that the ping is
entering the bridge on eth0, but not coming out of eth1. A packet
sniffer shows that the ping is being fragmented by PC A, and two packets
enter eth0. I then increased the MTU on eth0, eth1 and br0 to 1600, to
see if this was an MTU issue. I then see packets coming out of eth1, but
my switch is dropping them, because they are oversized.
Connecting eth1 straight to a packet sniffer shows that when two packets
enter eth0, the bridge is reassembling them into a single, larger
packet, which it then either drops because it is larget than the MTU of
eth1, or it passes a large packet (in this case, 1560 bytes or so).
Obviously, this packet is then dropped by other equipment in the
network, because it is too large for a proper ethernet packet.
 
I am seeing this behaviour with any IP packets, not just ICMP. The
result is that anything which has a large-ish payload is being dropped
after it leaves the bridge.
 
The question is, then: How do I stop the bridge from reassembling
fragmented packets?
 
 
 
Regards,
             Leigh
 
Leigh Sharpe
Network Systems Engineer
Pacific Wireless
Ph +61 3 9584 8966
Mob 0408 009 502
Helpdesk 1300 300 616
email [EMAIL PROTECTED]
<blocked::mailto:[EMAIL PROTECTED]> 
web www.pacificwireless.com.au
<blocked::http://www.pacificwireless.com.au/> 
 

_______________________________________________
Bridge mailing list
[email protected]
https://lists.linux-foundation.org/mailman/listinfo/bridge

Reply via email to