Fix ip4 frag bug #64
Open
Fix ip4 frag bug #64
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Can you write a unit test that fails before the bugfix and works after? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
When the MTU is set to a value other than 1500, the IPv4 fragmentation function may not work correctly. As a result, pinging packets of certain lengths may fail.
Changes
Changed the fragmentation condition from using the interface MTU minus the IP header length to using the actual maximum fragment size as the basis for determining whether fragmentation is needed.
Rationale
Using MTU - IP header size as a fragmentation condition can lead to incorrect behavior, especially when MTU is changed dynamically or set to non-default values. This change ensures that the fragmentation process uses the correct limit, avoiding oversized fragments and improving reliability across various transport scenarios.
In the current fragmentation logic, the calculations for nfb and fragsize are as follows:
const u16_t nfb = (u16_t)((netif->mtu - IP_HLEN) / 8);fragsize = LWIP_MIN(left, (u16_t)(nfb * 8));Since nfb is a u16_t type variable, the fragsize does not yield the exact value of netif->mtu - IP_HLEN, but instead a slightly smaller value. This slight discrepancy affects the subsequent fragmentation calculations, particularly when the remaining data length is small but still requires further fragmentation, leading to incorrect behavior.
For example, when a 3524-byte packet is fragmented with a 1176-byte fragment size, the second fragment will leave 1180 bytes, which should be further fragmented into 1176 bytes and 4 bytes (at this point,
fragsizeis 1176, andnetif->mtu - IP_HLENis 1180). However, due to the incorrect fragmentation condition (left < netif->mtu - IP_HLEN), the second-to-last fragment incorrectly has the last flag set to 1, leading to a fragmentation error.This fix updates the fragmentation condition to use the actual maximum fragment size rather than
netif->mtu - IP_HLEN, ensuring that the fragmentation logic correctly handles cases where remaining data still requires further fragmentation.Testing
pingcommand to test specific packet sizes (3524 bytes) under different MTU settings.pingpackets of 3524 bytes consistently dropped.pingpackets of 3524 bytes no longer dropped, successfully pinged through.