[IPSec]Psudo code for handling PMTU message for IPSec/IPv4

From: Zhao, Forrest (forrest.zhao@intel.com)
Date: Thu Jul 31 2003 - 03:41:30 EST


Hi, Alexey

I'd like to give the psudo code to describe my proposed way to handle
the PMTU message for IPSec/IPv4. Welcome your comment!

1 add a new data field "u32 pmtu" to struct xfrm_state
  When received "ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED" message, store mtu
to specific xfrm_state.pmtu
2 add a new data field " struct dst_entry *dst_xfrm" to struct sk_buff
to track the dst associated with transformation
  When xfrm_lookup() return successfully, store dst to sk_buff.dst_xfrm
3 Propagate "ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED" message to the
originating host, the following modified code is to finish this task
static inline int dst_output(struct sk_buff *skb)
{
        int err;
+ u32 mtu;
+ struct dst_entry *dst;

        for (;;) {
+ if (skb->dst->xfrm)
+ mtu = skb->dst->xfrm->pmtu;

                err = skb->dst->output(skb);

                if (likely(err == 0))
                        return err;
                if (unlikely(err != NET_XMIT_BYPASS))
                        return err;

+ if (mtu != 0 && mtu < skb->len){
+ if( (dst = __sk_dst_check(sdb->sk, 0)) == NULL){
+ if( !skb->dst_xfrm )
+ return err = ???;
+ dst = skb->dst_xfrm;
                     }
+ mtu = xfrm_get_mss(dst,mtu);
+ send "ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED" mtu
message to originating host;

            }
        }
}
4 remove the invocation to xfrm_get_mss() in function tcp_sync_mss();

Am I right? Welcome your advice!

Thanks,
Forrest
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html



This archive was generated by hypermail 2b29 : Thu Jul 31 2003 - 22:00:02 EST