View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0007505||CentOS-7||kernel||public||2014-08-15 12:22||2014-08-16 02:04|
|Reporter||Tom Horsley||Assigned To|
|Summary||0007505: UDP forwarding does not work for fragmented NFS packets|
|Description||This mailing list thread has more details: http://lists.centos.org/pipermail/centos/2014-August/145056.html|
I have a system acting as a KVM host as well as a gateway to the separate subnet where all the virtual machines run on a bridge network setup.
Inside the virtual machines, I have NFS mounts, some of which are to old servers that only talk nfsvers=3 and UDP protocol.
When I do something like a "ls" command that will cause a readdir on the NFS filesystem which will require several UDP packets worth of a response, the NFS server generates a reply with several 1500 byte responses linked together (1500 is the MTU of absolutely every single interface involved in this process). These packets are all marked as "Don't Fragment", however, the centos7 system acting as the gateway always generates an ICMP error saying the packet is too big and needs to be fragmented.
This was all happening with the kernel-3.10.0-123.6.3.el7.x86_64 rpm.
After much desperate poking around, I tried copying the 3.15.8-200.fc20.x86_64
kernel from my Fedora 20 desktop to the centos7 KVM host machine. When I boot it, all the UDP forwarding started working perfectly. My virtual machines can all access NFS mounts, etc. This led me to believe a kernel bug is involved :-).
|Steps To Reproduce||Try to mount nfsvers=3, proto=udp NFS filesystems inside a virtual machine which has a centos 7 machine acting as a gateway to forward the UDP traffic. Watch all large NFS packets be immediately followed by a ICMP error about fragmentation.|
|Tags||No tags attached.|
I am afraid you'll need to create yet another bugzilla account :)
Please be as kind as to report this issue at bugzilla.redhat.com ( against RHEL 7=> kernel component). CentOS just rebuilds the kernel package from the sources provided by RH (and is bound to replicate everything, bug for bug) so (short of identifying the issue and maybe providing a temporary solution - for instance a patched kernel package via people.centos.org ) there is nothing we can do to fix your problem. Please crosslink the bugzilla report with this one ( use the External Bug Tracker => CentOS => 7505 ). And given that all bugs opened against the kernel at bugzilla.r.c are automatically marked as private, we rely on you to keep us posted :)