address pingable with interface down

address pingable with interface down

[Jon DeVree]

[-- Attachment #1: Type: text/plain, Size: 1642 bytes --]

I've noticed in the past that the address owned by an interface is still
pingable after that interface is brought down. This appears to be
because the routing table entry for the address itself is never removed
when the interface is brought down. I'm curious if this is desired
behavior or if this is a bug. I've managed to patch my kernel to remove
the leftover entry and it doesn't seem to have any ill effects but I
haven't tried any of the more advanced routing setups with it this way.

Attached is one possible patch. Its a simple one, not the best one
because like I said, I don't know if this was the desired behavior or
not. If this is the desired behavior I'm curious why.

Steps to reproduce:
# ip route show table 0 dev eth0
# ifconfig eth0 1.2.3.4
# ip route show table 0 dev eth0
1.0.0.0/8  proto kernel  scope link  src 1.2.3.4 
broadcast 1.0.0.0  table local  proto kernel  scope link  src 1.2.3.4 
local 1.2.3.4  table local  proto kernel  scope host  src 1.2.3.4 
broadcast 1.255.255.255  table local  proto kernel  scope link  src 1.2.3.4
# ifconfig eth0 down
# ip route show table 0 dev eth0
local 1.2.3.4  table local  proto kernel  scope host  src 1.2.3.4
# ping -c 1 1.2.3.4
PING 1.2.3.4 (1.2.3.4) 56(84) bytes of data.
64 bytes from 1.2.3.4: icmp_seq=1 ttl=64 time=0.104 ms

--- 1.2.3.4 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.104/0.104/0.104/0.000 ms


I asked on LKML about this when I first noticed it but didn't get an
answer, so I figured I'd try the more specific mailing list.
-- 
Jon
X(7x): A program for managing terminals. See also screen(1).

[-- Attachment #2: fib_disable_ip.diff --]
[-- Type: text/plain, Size: 348 bytes --]

--- linux-2.6.13.2-clean/net/ipv4/fib_frontend.c	2006-05-10 15:36:14.000000000 -0400
+++ linux-2.6.13.2/net/ipv4/fib_frontend.c	2006-05-10 15:36:25.000000000 -0400
@@ -629,7 +629,7 @@
 		rt_cache_flush(-1);
 		break;
 	case NETDEV_DOWN:
-		fib_disable_ip(dev, 0);
+		fib_disable_ip(dev, 1);
 		break;
 	case NETDEV_CHANGEMTU:
 	case NETDEV_CHANGE:

Re: address pingable with interface down

[David S. Miller]

From: Jon DeVree <jadevree@mtu.edu>
Date: Wed, 10 May 2006 15:48:18 -0400

> I've noticed in the past that the address owned by an interface is
> still pingable after that interface is brought down.

People bring this up all the time and this behavior is
intentional.

Linux uses a "host based" addressing model, IP addresses are owned by
the host, not individual interfaces. So as long as the IP address is
configured to some interface, we will accept packets destinated to
that IP address as our's.

This is becoming a serious FAQ and very tiresome to explain over and
over again.

Re: address pingable with interface down

[Jason Lunz]

davem@davemloft.net said:
> This is becoming a serious FAQ and very tiresome to explain over and
> over again.

So where's the linux networking faq? I've been lurking here long enough
to know that there's no shortage of faqs, but there's no canonical
netdev faq that i'm aware of. Maybe one should be started?

Jason

Re: address pingable with interface down

[Ian McDonald]

> So where's the linux networking faq? I've been lurking here long enough
> to know that there's no shortage of faqs, but there's no canonical
> netdev faq that i'm aware of. Maybe one should be started?
>
> Jason
>
http://linux-net.osdl.org/index.php/ is the linux networking canonical wiki.

I've added this FAQ under IPv4. I'm sure if this isn't the best place
someone will shift it being a wiki :-)

Ian
--
Ian McDonald
Web: http://wand.net.nz/~iam4
Blog: http://imcdnzl.blogspot.com
WAND Network Research Group
Department of Computer Science
University of Waikato
New Zealand

Re: address pingable with interface down

[Christopher Friesen]

David S. Miller wrote:
> From: Jon DeVree <jadevree@mtu.edu>

>>I've noticed in the past that the address owned by an interface is
>>still pingable after that interface is brought down.

> People bring this up all the time and this behavior is
> intentional.

> This is becoming a serious FAQ and very tiresome to explain over and
> over again.

Maybe the fact that so may people ask about or are surprised by it is a 
sign that it is counter-intuitive and should perhaps be more fully 
documented?

The fact that "ifconfig" or "ip addr" show IP addresses as specifically 
associated with individual ethernet links may contribute to this 
problem--it sure makes it look like the IP address is an attribute of 
the link rather than the host.

Chris