[CentOS] UDP de-fragmentation problem

Sat Apr 9 19:40:41 UTC 2016
Marcelo Ricardo Leitner <marcelo.leitner at gmail.com>


Em 07-04-2016 12:19, Volker escreveu:
> Hi all.
> I have a strange problem at hand regarding UDP fragmentation on Centos7:
> Applications are unable to receive UDP packets which have undergone
> fragmentation UNLESS the netfilter modules are loaded.
> The problem arose on a application which would run fine on OpenSuse but
> does not work on Centos7. The application processes UDP data and on
> Centos only small packets are received and processed, packets below the
> fragmentation size limit of about 1500 bytes. UDP packets which have
> undergone fragmentation are not received by the application.
> The application in question uses Qt, which opens the UDP socket in
> non-blocking mode - apparently that's an issue because reading from the
> socket in blocking mode does not cause the problem.
> By chance I hit on the fact that once the netfilter kernel-modules
> (nf_nat, iptable_nat, nf_nat ...) are loaded the problem disappears and
> UDP packets of all sizes are correctly delivered and processed.
> - I'm not using netfilter. My iptables are empty, firewalld is not running.
> - Other networking applications -at least tcp- are working fine:
> webbrowsing, ssh, nfs etc even DNS
> - Does not happen on Opensuse regardless if netfilter modules are loaded
> or not.
> - Does not happen on Opensuse on the same machine. Does happen on
> different machines on Centos7. So it's not HW dependend
> - There is AFAIK nothing special about my Centos7 installation. Out of
> the box install, simple network config, latest updates applied.

Which kernel are you using?
And as you have trimmed it down to a reproducer, can you share it please?