Disable IP fragmentation on the UDP sockets

In DNS Flag Day 2020, we started setting the DF (Don't Fragment socket
option on the UDP sockets.  It turned out, that this code was incomplete
leading to dropping the outgoing UDP packets.

This has been now remedied, so it is possible to disable the
fragmentation on the UDP sockets again as the sending error is now
handled by sending back an empty response with TC (truncated) bit set.

This reverts commit 66eefac78c92b64b6689a1655cc677a2b1d13496.

(cherry picked from commit b9414110722cf60615c872551f42b99378724392)

diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c
index cdb4536820a5c05b853e4c123f043e656d62e9d9..c6bcaea16db73c171467fd1b70a9ee71bbc64176 100644 (file)
--- a/lib/isc/netmgr/netmgr.c
+++ b/lib/isc/netmgr/netmgr.c
@@ -2944,22 +2944,14 @@ isc__nm_socket_dontfrag(uv_os_sock_t fd, sa_family_t sa_family) {
         */
        if (sa_family == AF_INET6) {
 #if defined(IPV6_DONTFRAG)
-               if (setsockopt_off(fd, IPPROTO_IPV6, IPV6_DONTFRAG) == -1) {
+               if (setsockopt_on(fd, IPPROTO_IPV6, IPV6_DONTFRAG) == -1) {
                        return (ISC_R_FAILURE);
                } else {
                        return (ISC_R_SUCCESS);
                }
-#elif defined(IPV6_MTU_DISCOVER) && defined(IP_PMTUDISC_OMIT)
+#elif defined(IPV6_MTU_DISCOVER)
                if (setsockopt(fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
-                              &(int){ IP_PMTUDISC_OMIT }, sizeof(int)) == -1)
-               {
-                       return (ISC_R_FAILURE);
-               } else {
-                       return (ISC_R_SUCCESS);
-               }
-#elif defined(IPV6_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
-               if (setsockopt(fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
-                              &(int){ IP_PMTUDISC_DONT }, sizeof(int)) == -1)
+                              &(int){ IP_PMTUDISC_DO }, sizeof(int)) == -1)
                {
                        return (ISC_R_FAILURE);
                } else {
@@ -2970,22 +2962,14 @@ isc__nm_socket_dontfrag(uv_os_sock_t fd, sa_family_t sa_family) {
 #endif
        } else if (sa_family == AF_INET) {
 #if defined(IP_DONTFRAG)
-               if (setsockopt_off(fd, IPPROTO_IP, IP_DONTFRAG) == -1) {
-                       return (ISC_R_FAILURE);
-               } else {
-                       return (ISC_R_SUCCESS);
-               }
-#elif defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_OMIT)
-               if (setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER,
-                              &(int){ IP_PMTUDISC_OMIT }, sizeof(int)) == -1)
-               {
+               if (setsockopt_on(fd, IPPROTO_IP, IP_DONTFRAG) == -1) {
                        return (ISC_R_FAILURE);
                } else {
                        return (ISC_R_SUCCESS);
                }
-#elif defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
+#elif defined(IP_MTU_DISCOVER)
                if (setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER,
-                              &(int){ IP_PMTUDISC_DONT }, sizeof(int)) == -1)
+                              &(int){ IP_PMTUDISC_DO }, sizeof(int)) == -1)
                {
                        return (ISC_R_FAILURE);
                } else {