Florian Westphal says:
====================
net: ip: push gso skb forwarding handling down the stack
Turns out doing the segmentation in forwarding was not a bright idea,
there are corner-cases where this has unintended side-effects.
This patch pushes the segmentation downwards.
After this, netif_skb_dev_features() function can be removed
again, it was only added to fetch the features of the output device,
we can just use skb->dev after the pushdown.
Tested with following setup:
host -> kvm_router -> kvm_host
mtu 1500 mtu1280
- 'host' has route to kvm_host with locked mtu of 1500
- gso/gro enabled on all interfaces
Did tests with all of following combinations:
- netfilter conntrack off and on on kvm_router
- virtio-net and e1000 driver on kvm_router
- tcp and udp bulk xmit from host to kvm_host
for tcp, I added TCPMSS mangling on kvm_host to make it lie about tcp mss.
Also added a dummy '-t mangle -A POSTROUTING -p udp -f'
rule to make sure no udp fragments are seen in the 'conntrack on'
and 'virtio-net' case.
Also checked (with ping -M do -s 1400)' that it still sends the wanted
icmp error message when size exceeds 1280.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>