Re: [Openvpn-devel] [PATCH v2] Drop recursively routed packets

Fri, 12 Aug 2016 11:27:23 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/01/16 13:43, Lev Stipakov wrote:
> v2: better method naming
> 
> On certain OSes (Windows, OS X) when network adapter is disabled
> (ethernet cable pulled off, Wi-Fi hardware switch disabled), 
> operating system starts to use tun as an external interface. 
> Outgoing packets are routed to tun, UDP encapsulated, given to 
> routing table and sent to.. tun.

Can this happen on Linux or *BSD?  Could this recursive routing
actually happen at all?

[...snip...]

> + +      /* skip ipv4 packets for ipv6 tun */ +      if
> (tun_sa.addr.sa.sa_family != AF_INET) +          return;

[...snip...]

> + +      /* skip ipv6 packets for ipv4 tun */ +      if
> (tun_sa.addr.sa.sa_family != AF_INET6) +        return;

How likely is it that these two checks will hit?  Do we truly need
them?  I'm basically concerned of the potential cost an extra check
adds.  As the link speed increases, such checks will have an impact
later on if now.  If truly needed, is it worth looking into providing
some branch prediction hints to the compiler?  (unlikely/likely hints)

> if (c->c2.buf.len > 0) { +      drop_if_recursive_routing (c,
> &c->c2.buf);

If this is truly only an issue on Windows and OSX, can we consider to
#ifdef the drop_if_recursive_routing() call?


- -- 
kind regards,

David Sommerseth
OpenVPN Technologies, Inc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iEYEARECAAYFAleuFGMACgkQDC186MBRfrphqACcCJ7UNTcaFM79njJ1HXFpw7hX
NbcAn2MgNCVh1joOOKhPo46dJ+5GAGdq
=xaHi
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to