Bug#411839: linux-2.6: IPv6 PMTU table not garbage collected?

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#411839: linux-2.6: IPv6 PMTU table not garbage collected?
From: Lionel Elie Mamane <lionel@mamane.lu>
Date: Wed, 21 Feb 2007 11:49:44 +0100
Message-id: <[🔎] 20070221104944.GA26308@capsaicin.mamane.lu>
Reply-to: Lionel Elie Mamane <lionel@mamane.lu>, 411839@bugs.debian.org

Package: linux-2.6
Version: 2.6.18-8
Severity: normal

Symptoms: After a few weeks/months of uptime, my IPv6 machines whose
IPv6 "first hop" link MTU is more than the minimum (1280) stop
reacting to ICMPv6 "too big" packets and keep sending TCP packets
above the MTU of the path to other hosts.

Expected behaviour: After getting an ICMPv6 "too big" packet, send only
packets smaller than the MTU in given in that ICMPv6 packet to this
host.

Analysis:

I get the impression that the table where the kernel keeps the PMTU to
the IPv6 hosts it communicates with overflows over time, after a few
weeks or months of uptime. It looks like entries in that table expire
(because I do get the too big packets problem with hosts my hosts
communicate with a lot, they certainly were in the table in the past),
but that the place taken by expired entries is not freed up. Thus the
table doesn't get new entries added when the ICMPv6 "too big" packet
comes in and the TCP stack doesn't go back to smaller packets.

The symptoms seen by the users is that e.g. a SSH or SMTP connection
gets established OK, but once they start doing something "big" with it
(like the DATA phase of the SMTP dialogue or doing an ls of a big
directory in a ssh session), the connexion freezes. Once that effect
kicks in, it affects all new IPv6 connections/hosts. A tcpdump shows
that ICMPv6 "too big" packets come in, but that my host keeps sending
too big packets. A reboot cures it.

I vaguely remember that the first time this happened, I found some
statistics file in /proc/ or /sys/ where one line said some table had
4095 entries, which led me to this analysis. Alas, when it happened
again I could not remember what file that was and can't find it again
now. I didn't report it at the time because the kernel run by this
machine is rather old. But now it happened on a machine running
2.6.18-3-amd64, and "echo 8192 > /proc/sys/net/ipv6/route/max_size"
seems to have helped the problem.

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-amd64
Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)

Reply to:

Prev by Date: Bug#411135: linux-image-2.6.18-4-sparc64-smp: Unknown symbol execve in module bbc
Next by Date: Processing of linux-2.6_2.6.18.dfsg.1-11_powerpc.changes
Previous by thread: Processed: Re: access to large RAID arrays on Adaptec 2400A RAID controller with dpt_i2o module causes system hang
Next by thread: Processing of linux-2.6_2.6.18.dfsg.1-11_powerpc.changes
Index(es):
- Date
- Thread