Re: raw sockets ignore IP_HDRINCL data
Hi Herbet, Thanks for the feedback. On Sat, 2007-06-02 at 21:07 +1000, Herbert Xu wrote: Mick McCreath [EMAIL PROTECTED] wrote: When I run traceroute -i eth1 5.4.3.2, the UDP packets are routed out eth2. Has anybody seen this behaviour with traceroute?? Well the version of traceroute here actually does a BINDTODEVICE so it will go out of the right interface. It also binds the socket so that it gets the right source address. Which traceroute are you using?? I am using version 1.4a12 by Van Jacobson downloaded from Lawrence Berkeley Labs. In this one, it only binds if IP_HDRINCL is not defined (in a #ifndef). I can see your point of view that it would be nice if the kernel read the IP headers in making its routing decision. However, the current behaviour has been there forever and it's unclear what we might break by changing it. I sort of thought that might be the case :-) Cheers, -- -- Mick McCreath Sr Engineer Secure Computing® your trusted source for enterprise security™ www.securecomputing.com NASDAQ: SCUR 61 7 3435 2803 (Direct Phone) [EMAIL PROTECTED] Secure Computing Corporation 825 Stanley Street Woolloongabba Queensland 4102 Australia The information contained in this email message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any review, dissemination, distribution or copying is strictly prohibited. If you have received this email message in error, please notify the sender by reply email and delete the message and any attachments. - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: raw sockets ignore IP_HDRINCL data
On Mon, Jun 04, 2007 at 08:52:07AM +1000, Mick McCreath wrote:
Which traceroute are you using??
I am using version 1.4a12 by Van Jacobson downloaded from Lawrence
Berkeley Labs.
The one from Debian which is based on the same source. Hmm, it
looks like I came to the same conclusion that you did and added
a patch to it five years ago to get it to bind the interface :)
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} [EMAIL PROTECTED]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: raw sockets ignore IP_HDRINCL data
Mick McCreath [EMAIL PROTECTED] wrote:
When I run traceroute -i eth1 5.4.3.2, the UDP packets are routed out
eth2.
Has anybody seen this behaviour with traceroute??
Well the version of traceroute here actually does a BINDTODEVICE so it
will go out of the right interface. It also binds the socket so that
it gets the right source address.
I can see your point of view that it would be nice if the kernel read
the IP headers in making its routing decision. However, the current
behaviour has been there forever and it's unclear what we might break
by changing it.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmVHI~} [EMAIL PROTECTED]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
raw sockets ignore IP_HDRINCL data
Hi, I have a multi-homed system like this: eth1: 1.2.3.4 GW: 1.2.3.1 eth2: 2.3.4.5 GW: 2.3.4.1 route ouput snippet is: default 2.3.4.1 0.0.0.0 UG 3 0 0 eth2 default 1.2.3.1 0.0.0.0 UG 4 0 0 eth1 default 2.3.4.1 0.0.0.0 UG 4 0 0 eth2 When I run traceroute -i eth1 5.4.3.2, the UDP packets are routed out eth2. Has anybody seen this behaviour with traceroute?? I have done some debugging, and believe this to be an ipv4 kernel bug. My research came up with the following: By the traceroute source code, it uses raw sockets and relies on IP_HDRINCL (which is defined in the kernel source netinet/in.h) to select the routing interface and does not bind the socket to the source IP address. I hacked the traceroute source code to do a bind if the -i option is used, and the correct GW is used. I am using a 2.4.29 kernel and have traced through the kernel and in .../net/ipv4/raw.c, raw_sendmsg() does not read the data to get the IP header and the source address, which then results in a 0.0.0.0 source address and hence the routing, ip_route_output(), pulls the default gateway with the lowest metric, in this case eth2. I have also used a 2.6.21 kernel and similiar behaviour happens. The 2.6.21 kernel source code does not read the IP header from the data either. Am I reading/interpreting the source code correctly? Any other suggestions/more information would be great. Cheers, Mick -- -- Mick McCreath Sr Engineer Secure Computing® your trusted source for enterprise security™ www.securecomputing.com NASDAQ: SCUR 61 7 3435 2803 (Direct Phone) [EMAIL PROTECTED] Secure Computing Corporation 825 Stanley Street Woolloongabba Queensland 4102 Australia The information contained in this email message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any review, dissemination, distribution or copying is strictly prohibited. If you have received this email message in error, please notify the sender by reply email and delete the message and any attachments. - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
