quinn icon indicating copy to clipboard operation
quinn copied to clipboard

Published 20 hours ago verified publisher icon quinn-rs

Set IP Don't Fragment bit on all outgoing UDP datagrams

Open Ralith opened this issue 5 years ago • 14 comments

Required by the latest draft. This is very platform-specific.

  • [x] Linux - see draft-27 branch
  • [ ] Windows - winsock looks like it mirrors Linux's API here
  • [ ] MacOS - unclear if this is possible; worth checking what other implementations (applequic?) do

Ralith avatar Mar 07 '20 04:03 Ralith

Did some searching, it seems this is what's available on macOS (10.15 SDK):

netinet/ip.h
99:#define IP_DF 0x4000                    /* dont fragment flag */
netinet6/in6.h
547:#define IPV6_DONTFRAG           62 /* bool; disable IPv6 fragmentation */

djc avatar Mar 07 '20 20:03 djc

This really needs to be in a separate datagram socket library, so that other programs can use it. The BSDs also need to be supported.

Demi-Marie avatar Mar 09 '20 21:03 Demi-Marie

I'd certainly be happy to use such a lib if one existed; I don't have the resources to maintain one myself at present.

it seems this is what's available on macOS (10.15 SDK):

Word on the implementers' slack seems to be that there's no working approach yet, which is a bit confusing. Apple bug FB7597964 was mentioned; I can't see that myself.

Ralith avatar Mar 09 '20 22:03 Ralith

From Slack:

And yeah, it looks like IP_DONTFRAG isn’t there at the moment for setsockopt though, we’ve got a bug for that, should be fixed soon although I can’t say anything about timing

djc avatar Mar 10 '20 08:03 djc

I'd certainly be happy to use such a lib if one existed; I don't have the resources to maintain one myself at present.

I was thinking of splitting out the code that you are already maintaining in quinn.

it seems this is what's available on macOS (10.15 SDK):

Word on the implementers' slack seems to be that there's no working approach yet, which is a bit confusing. Apple bug FB7597964 was mentioned; I can't see that myself.

What is the consequence if this bit is not set?

Demi-Marie avatar Mar 10 '20 16:03 Demi-Marie

What is the consequence if this bit is not set?

Quinn will not be a conformant implementation on such platforms. In practice this means that when we implement #69, we'll need to disable it for IPv4 on platforms where the Don't Fragment bit can't be set and restrict ourselves to the minimum MTU (i.e. the current behavior). In principle IPv6 is unaffected because mid-path fragmentation is forbidden there regardless, but we'll need to inspect interface MTU instead to prevent fragmentation by the OS, which is another fiddly OS-specific operation.

Ralith avatar Mar 10 '20 17:03 Ralith

From Slack:

And yeah, it looks like IP_DONTFRAG isn’t there at the moment for setsockopt though, we’ve got a bug for that, should be fixed soon although I can’t say anything about timing

Isn’t IP_DF already available?

Also, how will this be exposed at the quinn-proto level? That is, how is a user of quinn-proto supposed to tell quinn-proto that a packet was rejected for being too large?

Demi-Marie avatar Mar 10 '20 17:03 Demi-Marie

Isn’t IP_DF already available?

No, that is not a sockopt.

That is, how is a user of quinn-proto supposed to tell quinn-proto that a packet was rejected for being too large?

There is no mechanism by which higher-level code can reliably determine this. Instead, we experimentally determine the MTU based on which packets get acknowledged. See the PLPMTUD draft for details.

Ralith avatar Mar 10 '20 18:03 Ralith

I'd certainly be happy to use such a lib if one existed; I don't have the resources to maintain one myself at present.

it seems this is what's available on macOS (10.15 SDK):

Word on the implementers' slack seems to be that there's no working approach yet, which is a bit confusing. Apple bug FB7597964 was mentioned; I can't see that myself.

Looks like no conformant implementation is possible on macOS yet, unless it runs as root.

Demi-Marie avatar Mar 11 '20 14:03 Demi-Marie

Yeah; Apple's got some skin in the game, it seems like, so I expect there'll eventually be a fix.

On Wed, Mar 11, 2020, 7:43 AM Demi Obenour [email protected] wrote:

I'd certainly be happy to use such a lib if one existed; I don't have the resources to maintain one myself at present.

it seems this is what's available on macOS (10.15 SDK):

Word on the implementers' slack seems to be that there's no working approach yet, which is a bit confusing. Apple bug FB7597964 was mentioned; I can't see that myself.

Looks like no conformant implementation is possible on macOS yet, unless it runs as root.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/djc/quinn/issues/664#issuecomment-597675180, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAZQ3USXVWQOUKVCK74JB3RG6PSFANCNFSM4LDMFUWQ .

Ralith avatar Mar 11 '20 15:03 Ralith

Word is that IP_DONTFRAG works in the Big Sur release of macos.

Ralith avatar Jul 30 '20 06:07 Ralith

You must define __APPLE_USE_RFC_3542 in order to use the new IPV6_DONTFRAG sockopt: https://opensource.apple.com/source/xnu/xnu-6153.141.1/bsd/netinet6/in6.h.auto.html

 * To use the new IPv6 Sockets options introduced by RFC 3542
 * the constant __APPLE_USE_RFC_3542 must be defined before
 * including <netinet/in.h>

This appears to work on my catalina box.

CamJN avatar Dec 09 '20 22:12 CamJN

As of macOS Big Sur, IP_DONTFRAG and IPV6_DONTFRAG should work, if they're not working for you, please do file a feedback and post the number -- it's super helpful!

ekinnear avatar Nov 02 '21 22:11 ekinnear

https://github.com/rust-lang/libc/pull/2613

djc avatar Jan 01 '22 21:01 djc