ip_route_output bug 2

From: Valentijn Sessink (valentyn+killspam@nospam.openoffice.nl)
Date: Fri Mar 31 2000 - 16:53:19 EST


There's a bug in the output address of masq'ed packets.

The output addresses for masqueraded networks in my kernel 2.2.14 are
"sometimes" wrong. AFAICT this happens if two UDP packets close to one
another have an identical source but different destinations - for
different interfaces.

Short info:
 yangtse:~# ip link l
 3: eth1: 24.132.71.96/23 brd 24.132.71.255 scope global eth1
 6: ppp0: 195.190.229.42/32 local 10.66.2.1 scope global ppp0

 yangtse:~# ip ru l
 32766: from all lookup main

 yangtse:~# ip ro l table main
 default via 24.132.70.1 dev eth1 src 24.132.71.96

In error:
 tcpdump: listening on eth1
 22:21:33.459562 10.66.2.1.61025 > 62.108.1.71.3130: udp 73
                 ^^^^^^^^^^^^^^^ wrong, eth1 != 10.etcetera.

Setup: yangtse masq's for 192.168.112.0/24 to two networks:
24.132.70.0/23 and a silly PPTP network (an invention of the local
telco) with a 10.66.2.1 address, pointopoint and NAT'ed to eventually
become 194.109.240.55. For some reason the output addresses are wrong.
They seem to go out at random if they come close to one another; like this:
yellowstone:/etc# tcpdump -n -p -i eth0 udp
23:15:42.276099 192.168.112.11.3130 > 62.108.1.71.3130: udp 80
23:15:42.276139 192.168.112.11.3130 > 194.109.6.96.3130: udp 80

... now the output *for both interfaces* becomes the "10.... " address at
yangtse, although that should have only been the case for the ppp0
interface; the other should have gotten "24.132.71.96" but it doesn't.
Sometimes they change: then the ppp0 interface is in trouble but the
eth1 is not.

The exact settings:

yangtse:~# ip link l
1: lo: <LOOPBACK,UP> mtu 3924 qdisc noqueue
    link/LOOPBACK 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
    link/ETHER 00:60:08:79:37:16 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.101/24 brd 10.0.0.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
    link/ETHER 00:e0:29:57:37:bd brd ff:ff:ff:ff:ff:ff
    inet 24.132.71.96/23 brd 24.132.71.255 scope global eth1
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
    link/ETHER 00:e0:29:40:53:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.112.1/24 brd 192.168.112.255 scope global eth2
6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast
    link/PPP
    inet 195.190.229.42/32 local 10.66.2.1 scope global ppp0

yangtse:~# ip ro l table all
10.128.1.6 dev ppp0 scope link
195.190.229.42 dev ppp0 proto kernel scope link src 10.66.2.1
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.101
192.168.112.0/24 dev eth2 proto kernel scope link src 192.168.112.1
24.132.70.0/23 dev eth1 proto kernel scope link src 24.132.71.96
194.109.0.0/16 dev ppp0 scope link src 10.66.2.1
default via 24.132.70.1 dev eth1 src 24.132.71.96
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
local 10.0.0.101 dev eth0 table local proto kernel scope host src 10.0.0.101
local 10.66.2.1 dev ppp0 table local proto kernel scope host src 10.66.2.1
local 192.168.112.1 dev eth2 table local proto kernel scope host src 192.168.112.1
broadcast 10.0.0.0 dev eth0 table local proto kernel scope link src 10.0.0.101
broadcast 192.168.112.0 dev eth2 table local proto kernel scope link src 192.168.112.1
local 24.132.71.96 dev eth1 table local proto kernel scope host src 24.132.71.96
broadcast 24.132.70.0 dev eth1 table local proto kernel scope link src 24.132.71.96
broadcast 10.0.0.255 dev eth0 table local proto kernel scope link src 10.0.0.101
broadcast 24.132.71.255 dev eth1 table local proto kernel scope link src 24.132.71.96
broadcast 192.168.112.255 dev eth2 table local proto kernel scope link src 192.168.112.1
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1

yangtse:~# ip ru l
0: from all lookup local
100: from 192.168.112.10 lookup main
120: from 192.168.112.0/24 to 194.109.0.0 lookup 10
32766: from all lookup main
32767: from all lookup default

tcpdump: listening on eth1
22:21:33.459562 10.66.2.1.61025 > 62.108.1.71.3130: udp 73
                ^^^^^^^^^^^^^^^

Ipchains builds a firewall with lots of input/output rules, but it has
only one masq'ing rule: ipchains -A forward -s 192.168.112.0/24 -j MASQ

This is a 2.2.14 kernel with
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_RTNETLINK=y
CONFIG_NETLINK=y
CONFIG_IP_MULTIPLE_TABLES=y
# CONFIG_IP_ROUTE_MULTIPATH is not set
CONFIG_IP_ROUTE_TOS=y
CONFIG_IP_ROUTE_VERBOSE=y
# CONFIG_IP_ROUTE_LARGE_TABLES is not set
# CONFIG_IP_ROUTE_NAT is not set
# CONFIG_IP_PNP is not set
CONFIG_IP_FIREWALL=y
# CONFIG_IP_FIREWALL_NETLINK is not set
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_TRANSPARENT_PROXY=y
CONFIG_IP_MASQUERADE=y

Best regards,

Valentijn

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
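
Added example, not part of the original message: a check that scans tcpdump output from an egress interface and flags outbound packets whose source is not that interface's own address, which is the symptom reported above (ppp0's 10.66.2.1 leaving via eth1). The interface table is copied from the report; check_egress, the sample list and every sample line after the first two are constructed for illustration, and it assumes all forwarded traffic is masqueraded, as in the ipchains rule quoted.

```python
import ipaddress
import re

# Local address of each interface, copied from the report's listing.
IFACE_ADDRS = {
    "eth0": "10.0.0.101",
    "eth1": "24.132.71.96",
    "eth2": "192.168.112.1",
    "ppp0": "10.66.2.1",
}

# Matches "tcpdump -n" UDP lines in the format shown in the report.
LINE_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): udp \d+"
)

def check_egress(iface, lines):
    """Return (timestamp, source, reason) for each outbound packet seen on
    iface whose source address is not iface's own address."""
    own = IFACE_ADDRS[iface]
    owner = {addr: name for name, addr in IFACE_ADDRS.items()}
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # capture header, annotations, non-UDP traffic
        src, dst = m["src"], m["dst"]
        if dst == own or src == own:
            continue  # inbound packet, or correctly masqueraded outbound
        if src in owner:
            reason = f"source is the address of {owner[src]}"
        elif ipaddress.ip_address(src).is_private:
            reason = "private source left unmasqueraded"
        else:
            reason = "source not local to this host"
        findings.append((m["ts"], src, reason))
    return findings

# First two lines are quoted from the report; the rest are constructed.
SAMPLE_ETH1 = [
    "tcpdump: listening on eth1",
    "22:21:33.459562 10.66.2.1.61025 > 62.108.1.71.3130: udp 73",
    "22:21:33.459701 24.132.71.96.61026 > 62.108.1.71.3130: udp 73",
    "22:21:33.480112 62.108.1.71.3130 > 24.132.71.96.61026: udp 60",
    "22:21:34.001245 192.168.112.11.3130 > 62.108.1.71.3130: udp 80",
]
```

Calling check_egress("eth1", SAMPLE_ETH1) reports the packet from the message and the constructed unmasqueraded one; the same function run with "ppp0" covers the reverse case the message mentions.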


