Bug 731

Summary: tcp-mss, outgoing-tcp-mss option
Product: unbound
Reporter: Daisuke HIGASHI <daisuke.higashi>
Component: server
Assignee: unbound team <unbound-team>
Status: RESOLVED FIXED
Severity: enhancement
CC: cathya, wouter
Priority: P5
Version: 1.5.7
Hardware: All
OS: All
Attachments: unbound-1.5.7-tcp-mss.diff

Description Daisuke HIGASHI 2015-12-19 20:14:58 CET
Created attachment 311
unbound-1.5.7-tcp-mss.diff

Hi,

   I have created a patch to add two options, tcp-mss and outgoing-tcp-mss, to set the TCP MSS via setsockopt(TCP_MAXSEG). When PMTUD doesn't work correctly, setting the TCP MSS to a value lower than the common MSS on Ethernet would help.

  tcp-mss: <number>
     Maximum  segment  size  (MSS)  of TCP socket on which the server
     responds to queries.

  outgoing-tcp-mss: <number>
     Maximum segment size (MSS) of TCP socket  for  outgoing  queries
     (from  Unbound to other servers).


  PMTUD doesn't work under ECMP server load-balancing or anycast deployment in some cases [1][2]. Reducing the TCP MSS is an easy and suitable method for DNS servers to address this issue.
  I have tested this patch on Ubuntu12, CentOS7, and FreeBSD10. On FreeBSD, however, setsockopt(TCP_MAXSEG) is implemented but doesn't work [3].

[1] https://blog.cloudflare.com/path-mtu-discovery-in-practice/
[2] https://tools.ietf.org/html/draft-v6ops-pmtud-ecmp-problem-00
[3] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=144000
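
A check for the behaviour the description relies on, as an added example that is not part of the attached patch or of Unbound: it sets TCP_MAXSEG on a listening socket before listen() and reads back the MSS that a loopback client ends up with. The helper names and the value 1220 are assumptions made for this example.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Set the MSS on a TCP socket. Call it before listen()/connect() so the
 * value is advertised in the SYN or SYN-ACK. Returns 0, or -1 with errno set. */
int set_tcp_mss(int fd, int mss)
{
    return setsockopt(fd, IPPROTO_TCP, TCP_MAXSEG, &mss, sizeof(mss));
}

/* Listen on 127.0.0.1 with the given MSS, connect a client to it, and
 * return the MSS in effect on the client side (-1 on any failure). */
int loopback_effective_mss(int mss)
{
    struct sockaddr_in sa = { .sin_family = AF_INET };  /* port 0: kernel picks */
    socklen_t len = sizeof(sa);
    int got = -1;
    socklen_t glen = sizeof(got);
    int srv = socket(AF_INET, SOCK_STREAM, 0);
    int cli = socket(AF_INET, SOCK_STREAM, 0);

    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);

    /* The handshake completes in the kernel, so no accept() is needed
     * for the client to learn the MSS the listener advertised. */
    if (srv < 0 || cli < 0 ||
        set_tcp_mss(srv, mss) != 0 ||
        bind(srv, (struct sockaddr *)&sa, sizeof(sa)) != 0 ||
        listen(srv, 1) != 0 ||
        getsockname(srv, (struct sockaddr *)&sa, &len) != 0 ||
        connect(cli, (struct sockaddr *)&sa, sizeof(sa)) != 0 ||
        getsockopt(cli, IPPROTO_TCP, TCP_MAXSEG, &got, &glen) != 0)
        got = -1;

    if (cli >= 0) close(cli);
    if (srv >= 0) close(srv);
    return got;
}

int main(void)
{
    /* 1220 is a sample value chosen for this example. */
    printf("client MSS: %d\n", loopback_effective_mss(1220));
    return 0;
}
```

The value read back can be slightly below the requested MSS because TCP options such as timestamps are subtracted; a result larger than the requested value means the option did not take effect on that platform.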

Comment 1 Daisuke HIGASHI 2015-12-19 20:23:31 CET
I submitted the same patch for NSD.
https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=732

Comment 2 Wouter Wijngaards 2016-01-05 10:11:49 CET
Hi Daisuke,

Thank you for this patch (and the NSD patch)!  I'll see about including them.

Best regards, Wouter

Comment 3 Wouter Wijngaards 2016-01-05 11:39:58 CET
Hi Daisuke,

Thank you for your patch.  I have applied it to the code repository.

Best regards, Wouter