* raw sockets ignore IP_HDRINCL data
@ 2007-06-01 5:36 Mick McCreath
2007-06-02 11:07 ` Herbert Xu
0 siblings, 1 reply; 4+ messages in thread
From: Mick McCreath @ 2007-06-01 5:36 UTC (permalink / raw)
To: netdev
Hi,
I have a multi-homed system like this:
eth1: 1.2.3.4 GW: 1.2.3.1
eth2: 2.3.4.5 GW: 2.3.4.1
route ouput snippet is:
default 2.3.4.1 0.0.0.0 UG 3 0 0 eth2
default 1.2.3.1 0.0.0.0 UG 4 0 0 eth1
default 2.3.4.1 0.0.0.0 UG 4 0 0 eth2
When I run traceroute -i eth1 5.4.3.2, the UDP packets are routed out
eth2.
Has anybody seen this behaviour with traceroute??
I have done some debugging, and believe this to be an ipv4 kernel bug.
My research came up with the following:
By the traceroute source code, it uses raw sockets and relies on
IP_HDRINCL (which is defined in the kernel source <netinet/in.h>) to
select the routing interface and does not bind the socket to the source
IP address.
I hacked the traceroute source code to do a bind if the -i option is used,
and the correct GW is used.
I am using a 2.4.29 kernel and have traced through the kernel and
in .../net/ipv4/raw.c, raw_sendmsg() does not read the data to get the
IP header and the source address, which then results in a 0.0.0.0 source
address and hence the routing, ip_route_output(), pulls the default
gateway with the lowest metric, in this case eth2.
I have also used a 2.6.21 kernel and similiar behaviour happens. The
2.6.21 kernel source code does not read the IP header from the data
either.
Am I reading/interpreting the source code correctly?
Any other suggestions/more information would be great.
Cheers,
Mick
--
--
Mick McCreath
Sr Engineer
Secure Computing®
your trusted source for enterprise security™
www.securecomputing.com
NASDAQ: SCUR
61 7 3435 2803 (Direct Phone)
mick_mccreath@securecomputing.com
Secure Computing Corporation
825 Stanley Street
Woolloongabba
Queensland 4102
Australia
The information contained in this email message may be privileged,
confidential and protected from disclosure. If you are not the intended
recipient, any review, dissemination, distribution or copying is
strictly prohibited. If you have received this email message in error,
please notify the sender by reply email and delete the message and any
attachments.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: raw sockets ignore IP_HDRINCL data
2007-06-01 5:36 raw sockets ignore IP_HDRINCL data Mick McCreath
@ 2007-06-02 11:07 ` Herbert Xu
2007-06-03 22:52 ` Mick McCreath
0 siblings, 1 reply; 4+ messages in thread
From: Herbert Xu @ 2007-06-02 11:07 UTC (permalink / raw)
To: Mick McCreath; +Cc: netdev
Mick McCreath <mick_mccreath@au.securecomputing.com> wrote:
>
> When I run traceroute -i eth1 5.4.3.2, the UDP packets are routed out
> eth2.
>
> Has anybody seen this behaviour with traceroute??
Well the version of traceroute here actually does a BINDTODEVICE so it
will go out of the right interface. It also binds the socket so that
it gets the right source address.
I can see your point of view that it would be nice if the kernel read
the IP headers in making its routing decision. However, the current
behaviour has been there forever and it's unclear what we might break
by changing it.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: raw sockets ignore IP_HDRINCL data
2007-06-02 11:07 ` Herbert Xu
@ 2007-06-03 22:52 ` Mick McCreath
2007-06-03 23:59 ` Herbert Xu
0 siblings, 1 reply; 4+ messages in thread
From: Mick McCreath @ 2007-06-03 22:52 UTC (permalink / raw)
To: Herbert Xu; +Cc: netdev
Hi Herbet,
Thanks for the feedback.
On Sat, 2007-06-02 at 21:07 +1000, Herbert Xu wrote:
> Mick McCreath <mick_mccreath@au.securecomputing.com> wrote:
> >
> > When I run traceroute -i eth1 5.4.3.2, the UDP packets are routed out
> > eth2.
> >
> > Has anybody seen this behaviour with traceroute??
>
> Well the version of traceroute here actually does a BINDTODEVICE so it
> will go out of the right interface. It also binds the socket so that
> it gets the right source address.
>
Which traceroute are you using??
I am using version 1.4a12 by Van Jacobson downloaded from Lawrence
Berkeley Labs.
In this one, it only binds if IP_HDRINCL is not defined (in a #ifndef).
> I can see your point of view that it would be nice if the kernel read
> the IP headers in making its routing decision. However, the current
> behaviour has been there forever and it's unclear what we might break
> by changing it.
I sort of thought that might be the case :-)
Cheers,
--
--
Mick McCreath
Sr Engineer
Secure Computing®
your trusted source for enterprise security™
www.securecomputing.com
NASDAQ: SCUR
61 7 3435 2803 (Direct Phone)
mick_mccreath@securecomputing.com
Secure Computing Corporation
825 Stanley Street
Woolloongabba
Queensland 4102
Australia
The information contained in this email message may be privileged,
confidential and protected from disclosure. If you are not the intended
recipient, any review, dissemination, distribution or copying is
strictly prohibited. If you have received this email message in error,
please notify the sender by reply email and delete the message and any
attachments.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2007-06-04 0:15 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-06-01 5:36 raw sockets ignore IP_HDRINCL data Mick McCreath
2007-06-02 11:07 ` Herbert Xu
2007-06-03 22:52 ` Mick McCreath
2007-06-03 23:59 ` Herbert Xu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).