Rollback setting IP_DONTFRAG option on the UDP sockets

In DNS Flag Day 2020, the development branch started setting the
IP_DONTFRAG option on the UDP sockets.  It turned out, that this
code was incomplete leading to dropping the outgoing UDP packets.
Henceforth this commit rolls back this setting until we have a
proper fix that would send back empty response with TC flag set.

diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c
index fb8b1fa701837261454817250867962e6bad3d93..5ec2ea07074b127095508655d062f15a93fe2148 100644 (file)
--- a/lib/isc/netmgr/netmgr.c
+++ b/lib/isc/netmgr/netmgr.c
@@ -2202,6 +2202,9 @@ isc__nm_closesocket(uv_os_sock_t sock) {
 #define setsockopt_on(socket, level, name) \
        setsockopt(socket, level, name, &(int){ 1 }, sizeof(int))
 
+#define setsockopt_off(socket, level, name) \
+       setsockopt(socket, level, name, &(int){ 1 }, sizeof(int))
+
 isc_result_t
 isc__nm_socket_freebind(uv_os_sock_t fd, sa_family_t sa_family) {
        /*
@@ -2327,14 +2330,22 @@ isc__nm_socket_dontfrag(uv_os_sock_t fd, sa_family_t sa_family) {
         */
        if (sa_family == AF_INET6) {
 #if defined(IPV6_DONTFRAG)
-               if (setsockopt_on(fd, IPPROTO_IPV6, IPV6_DONTFRAG) == -1) {
+               if (setsockopt_off(fd, IPPROTO_IPV6, IPV6_DONTFRAG) == -1) {
+                       return (ISC_R_FAILURE);
+               } else {
+                       return (ISC_R_SUCCESS);
+               }
+#elif defined(IPV6_MTU_DISCOVER) && defined(IP_PMTUDISC_OMIT)
+               if (setsockopt(fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
+                              &(int){ IP_PMTUDISC_OMIT }, sizeof(int)) == -1)
+               {
                        return (ISC_R_FAILURE);
                } else {
                        return (ISC_R_SUCCESS);
                }
-#elif defined(IPV6_MTU_DISCOVER)
+#elif defined(IPV6_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
                if (setsockopt(fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
-                              &(int){ IP_PMTUDISC_DO }, sizeof(int)) == -1)
+                              &(int){ IP_PMTUDISC_DONT }, sizeof(int)) == -1)
                {
                        return (ISC_R_FAILURE);
                } else {
@@ -2345,14 +2356,22 @@ isc__nm_socket_dontfrag(uv_os_sock_t fd, sa_family_t sa_family) {
 #endif
        } else if (sa_family == AF_INET) {
 #if defined(IP_DONTFRAG)
-               if (setsockopt_on(fd, IPPROTO_IP, IP_DONTFRAG) == -1) {
+               if (setsockopt_off(fd, IPPROTO_IP, IP_DONTFRAG) == -1) {
+                       return (ISC_R_FAILURE);
+               } else {
+                       return (ISC_R_SUCCESS);
+               }
+#elif defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_OMIT)
+               if (setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER,
+                              &(int){ IP_PMTUDISC_OMIT }, sizeof(int)) == -1)
+               {
                        return (ISC_R_FAILURE);
                } else {
                        return (ISC_R_SUCCESS);
                }
-#elif defined(IP_MTU_DISCOVER)
+#elif defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DONT)
                if (setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER,
-                              &(int){ IP_PMTUDISC_DO }, sizeof(int)) == -1)
+                              &(int){ IP_PMTUDISC_DONT }, sizeof(int)) == -1)
                {
                        return (ISC_R_FAILURE);
                } else {