今天遇到的网络问题,对端回包过大,超过mtu,这时NAT网关(linux)转发包失败,提示进入gso,gre不能分片。
wireshark查看报文:内层IP的DF设置了,这是不是不能分片的原因?
外层IP是运行分片的,但实际没有分片
两层IP的DF flag不一致,是否是这个原因,还需要继续定位。
今天准备在对端抓包,看看是否超过了MTU限制,估计是对端问题。
这两天查的资料链接,记录一下:
https://docs.kernel.org/networking/segmentation-offloads.html
Generic Segmentation Offload - GSO
https://datatracker.ietf.org/doc/rfc5508/
df flag,nat
https://www.wireshark.org/download.html
https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/13725-56.html
gre df flag
https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html#toc-hId-1275057576
gre mtu
https://www.rfc-editor.org/rfc/rfc7588#section-3.3.2
https://www.rfc-editor.org/rfc/rfc7588#section-3.2
gre fragment
https://networkengineering.stackexchange.com/questions/28357/more-fragment-flag-and-frag-offset-field-after-gre-fragmentation
gre fragment
https://support.huawei.com/enterprise/en/doc/EDOC1100034238/a1bd518c/optional-configuring-the-df-flag-bit-for-gre-packets
https://support.huawei.com/enterprise/zh/doc/EDOC1100033731/a1bd518c
gre df flag
https://man7.org/linux/man-pages/man1/stap.1.html
Linux打点的方法
https://redwingz.blog.csdn.net/article/details/83280247?spm=1001.2101.3001.6650.4&utm_medium=distribute.pc_relevant.none-task-blog-2%7Edefault%7EBlogCommendFromBaidu%7ERate-4-83280247-blog-118711994.235%5Ev43%5Epc_blog_bottom_relevance_base9&depth_1-utm_source=distribute.pc_relevant.none-task-blog-2%7Edefault%7EBlogCommendFromBaidu%7ERate-4-83280247-blog-118711994.235%5Ev43%5Epc_blog_bottom_relevance_base9&utm_relevant_index=9
GRE报文头
https://docs.kernel.org/networking/segmentation-offloads.html
TCP Segmentation Offload - TSO
UDP Fragmentation Offload - UFO
Generic Segmentation Offload - GSO
https://luckymrwang.github.io/2022/07/27/SmartNIC-%E2%80%94-TSO%E3%80%81GSO%E3%80%81LRO%E3%80%81GRO-%E6%8A%80%E6%9C%AF/
TSO,GSO的关系
https://blog.csdn.net/wangquan1992/article/details/109018488
TSO,GSO
https://www.cnblogs.com/dream397/p/14500939.html
GSO