A virtio-net device can receive a packet larger than the MTU

Solution Verified - Updated -

Issue

  • A virtio-net device can receive a packet larger than the MTU
  • If a KVM virtio NIC is set to a smaller MTU than the underlying network (eg: MTU 1500 network with MTU 1200 device) then a large Do Not Fragment packet is still delivered to the small-MTU device and received successfully:
receiver # ip link set mtu 1200 dev netX

receiver # ip a
netX: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1200

sender # ping -c1 -M do -s 1472 receiver
PING receiver 1472(1500) bytes of data.
...
 1 packets transmitted, 1 received, 0% packet loss, time 0ms
  • Changing the bridge and net/tap MTU to the smaller number does successfully restrict the packet size

Environment

  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 7
  • qemu KVM virtualization
  • virtio-net network interface
  • MTU changes from underlying network

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content