Module Name:    src
Committed By:   knakahara
Date:           Fri Apr  6 10:31:35 UTC 2018

Modified Files:
        src/sys/netipsec: ipsecif.c

Log Message:
Add IPv4 ID when the ipsecif(4) packet can be fragmented. Implemented by 
hsuenaga@IIJ and ohishi@IIJ, thanks.

This modification reduces packet loss of fragmented packets on a
network where reordering occurs.

Alghough this modification has been applied, IPv4 ID is not set for
the packet smaller then IP_MINFRAGSIZE. According to RFC 6864, that
must not cause problems.

XXX pullup-8


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/sys/netipsec/ipsecif.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netipsec/ipsecif.c
diff -u src/sys/netipsec/ipsecif.c:1.5 src/sys/netipsec/ipsecif.c:1.6
--- src/sys/netipsec/ipsecif.c:1.5	Tue Mar 13 03:05:12 2018
+++ src/sys/netipsec/ipsecif.c	Fri Apr  6 10:31:35 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsecif.c,v 1.5 2018/03/13 03:05:12 knakahara Exp $  */
+/*	$NetBSD: ipsecif.c,v 1.6 2018/04/06 10:31:35 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.5 2018/03/13 03:05:12 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.6 2018/04/06 10:31:35 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -135,7 +135,10 @@ ipsecif4_prepend_hdr(struct ipsec_varian
 	ip = mtod(m, struct ip *);
 	ip->ip_v = IPVERSION;
 	ip->ip_off = htons(0);
-	ip->ip_id = 0;
+	if (m->m_pkthdr.len < IP_MINFRAGSIZE)
+		ip->ip_id = 0;
+	else
+		ip->ip_id = ip_newid(NULL);
 	ip->ip_hl = sizeof(*ip) >> 2;
 	if (ip_ipsec_copy_tos)
 		ip->ip_tos = tos;

Reply via email to