Hi, Nevermind, i reported this to the kernel team and it was fixed upstream. Fixed in 5.4.68 You can close this.
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1890131 Title: Kernel 5.4.44 PMTUD broken inside LXC with multipath routing Status in linux package in Ubuntu: Expired Bug description: Hi, I have discovered that with the Ubuntu 5.4.44 kernel, PMTUD (Path MTU discovery) is broken inside LXC (network namespace) if using multipath routing. This breaks TCP, because it keeps trying to send oversized packets. Host test: ---------- root@host1:~# ip route add 192.168.247.100/32 dev vmbr2 nexthop via 192.168.252.250 dev vmbr2 nexthop via 192.168.252.252 dev vmbr2 root@host1:~# ip route | grep -A2 192.168.247.100 192.168.247.100 nexthop via 192.168.252.250 dev vmbr2 weight 1 nexthop via 192.168.252.252 dev vmbr2 weight 1 root@host1:~# ping -M do -s 1380 192.168.247.100 PING 192.168.247.100 (192.168.247.100) 1380(1408) bytes of data. From 192.168.252.252 icmp_seq=1 Frag needed and DF set (mtu = 1406) ping: local error: Message too long, mtu=1406 ping: local error: Message too long, mtu=1406 ping: local error: Message too long, mtu=1406 ping: local error: Message too long, mtu=1406 ^C --- 192.168.247.100 ping statistics --- 5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 80ms root@host1:~# ip route get 192.168.247.100 192.168.247.100 via 192.168.252.250 dev vmbr2 src 192.168.252.15 uid 0 cache expires 583sec mtu 1406 LXC container inside that host: ------------------------------- [root@lxctest ~]# ip route add 192.168.247.100/32 dev eth0 nexthop via 192.168.252.250 dev eth0 nexthop via 192.168.252.252 dev eth0 [root@lxctest ~]# ip route default via 192.168.252.100 dev eth0 proto static metric 100 192.168.247.100 nexthop via 192.168.252.250 dev eth0 weight 1 nexthop via 192.168.252.252 dev eth0 weight 1 192.168.252.0/24 dev eth0 proto kernel scope link src 192.168.252.207 metric 100 [root@lxctest ~]# ping -M do -s 1380 192.168.247.100 PING 192.168.247.100 (192.168.247.100) 1380(1408) bytes of data. From 192.168.252.252 icmp_seq=1 Frag needed and DF set (mtu = 1406) From 192.168.252.252 icmp_seq=2 Frag needed and DF set (mtu = 1406) From 192.168.252.252 icmp_seq=3 Frag needed and DF set (mtu = 1406) From 192.168.252.252 icmp_seq=4 Frag needed and DF set (mtu = 1406) [root@lxctest ~]# ip route get 192.168.247.100 192.168.247.100 via 192.168.252.252 dev eth0 src 192.168.252.207 uid 0 cache What seems to be happening, is that when multipath routing is used inside LXC (or any network namespace), the kernel doesn't generate a routing exception to force the lower MTU. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1890131/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
