From: Stefan Hanreich <s.hanreich@proxmox.com>
To: Thomas Lamprecht <t.lamprecht@proxmox.com>,
Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Subject: Re: [pve-devel] [PATCH docs/manager/qemu-server v2 0/3] Make VirtIO network devices always inherit MTU from bridge
Date: Tue, 22 Apr 2025 13:33:53 +0200 [thread overview]
Message-ID: <0d965cab-3962-475a-b285-e75d86fe1183@proxmox.com> (raw)
In-Reply-To: <9ecdfff3-7458-4c37-a153-dce43a9ff93e@proxmox.com>
On 4/18/25 09:46, Thomas Lamprecht wrote:
> Am 17.04.25 um 12:48 schrieb Stefan Hanreich:
>> The current default behavior for VirtIO network devices is to default to 1500
>> MTU, unless otherwise specified. This is inconvenient in cases where the MTU is
>> not the default value (e.g. for VXLAN VNets or bridges with jumbo frames).
>> Containers already inherit the MTU of the bridge, if not set, so change the
>> behavior of VMs to be more in line with containers. This also makes using
>> non-standard MTUs more convenient and less error-prone since users do not have
>> to remember setting the MTU everytime they configure a network device on such a
>> brige.
>
> Hmm, does this have regression potential for bridges with a too high MTU?
> I.e., one where the MTU works for LAN but not for anything going beyond that,
> which is odd but can be working fine I think? At least as long as no host and
> no CT uses this bridge for communicating with endpoints outside the LAN.
In that case, traffic going outside the LAN has to go through a router,
which has to handle routing between networks with different MTU. Either
by fragmenting packets or dropping them and sending an ICMP
'fragmentation needed'. Of course that setup is far from optimal, but it
should work. Not 100% sure if that is what you meant, correct me if I
misunderstood something.
With this patch we're setting the MTU of the NIC to the MTU that is set
on the bridge already, so the bridge would have already dropped packets
that are too large.
If the MTU of the bridge was larger than 1500, but the NIC was set to
1500, then the VM was just sending packets that are too small, but the
setup would work, assuming the bridge MTU is the correct one for the
network.
A possible regression I can think of is: If the bridge was set to the
wrong MTU (e.g. 9000) at some point, but external devices in the same
LAN are still set to use a lower MTU (e.g. 1500). If users never
configured the larger MTU anywhere else besides the bridge, then this
would break.
If the MTU of the bridge was smaller than 1500, but the NIC is set to
1500 (which is the case with SDN VXLAN bridges), then this would be
discovered quite quickly in most cases since network packets would get
dropped. This change would fix such existing broken setups.
> FWIW, we could also tie this behavior to a machine version to avoid changing
> the behavior for any existing VM. But I would be fine with applying this only
> for PVE 9 then and add a notice to the pve8to9 checker script that lists all
> VMs that will change their MTU including the respective value.
I think it would be a good idea to include this in pve8to9 with warnings
at least and mention it in the release notes. It might make for some
noise and unsettle some users though. Since we cannot really tell what
MTU is set inside the VM, we'd have to show warnings for basically every
network device on a bridge with MTU != 1500.
Would also be open to tie this to a new machine version if we want to be
really careful and avoid the unnecessary warnings.
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-04-22 11:34 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-17 10:48 Stefan Hanreich
2025-04-17 10:48 ` [pve-devel] [PATCH qemu-server v2 1/1] net: pass host_mtu parameter when mtu is unset in netdev config Stefan Hanreich
2025-04-17 10:48 ` [pve-devel] [PATCH pve-manager v2 1/1] qemu: network: adjust MTU emptyText to match new default behavior Stefan Hanreich
2025-04-17 10:48 ` [pve-devel] [PATCH pve-docs v2 1/1] qm: document new default behavior for mtu setting Stefan Hanreich
2025-04-18 7:46 ` [pve-devel] [PATCH docs/manager/qemu-server v2 0/3] Make VirtIO network devices always inherit MTU from bridge Thomas Lamprecht
2025-04-22 11:33 ` Stefan Hanreich [this message]
2025-04-22 14:48 ` Thomas Lamprecht
2025-04-23 11:52 ` Stefan Hanreich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0d965cab-3962-475a-b285-e75d86fe1183@proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
--cc=t.lamprecht@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal