Date:      Thu, 1 Mar 2001 21:36:54 -0500 (EST)
From:      Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
To:        Jonathan Lemon <jlemon@FreeBSD.org>
Cc:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/netinet ip_input.c
Message-ID:  <200103020236.VAA06356@khavrinen.lcs.mit.edu>
In-Reply-To: <15006.61041.727634.597339@nomad.yogotech.com>
References:  <200103012339.f21NdW309088@freefall.freebsd.org> <15006.60555.97100.465265@nomad.yogotech.com> <20010301184258.T25974@prism.flugsvamp.com> <15006.61041.727634.597339@nomad.yogotech.com>

<<On Thu, 1 Mar 2001 17:50:57 -0700 (MST), Nate Williams <nate@yogotech.com> said:

> }   When iterating over our list of interface addresses in order to determine
> }   if an arriving packet belongs to us, also check that the packet arrived
> }   through the correct interface.  Skip this check if the packet was locally
> }   generated.

This change is bogus and breaks multihomed hosts.  Please back it
out.  While RFC 1122 states (3.3.4.2):

            (A)  A host MAY silently discard an incoming datagram whose
                 destination address does not correspond to the physical
                 interface through which it is received.

...modern practice follows what is described in that section as the
``Weak ES model'', wherein ``MUST NOT'' is substituted for ``MAY'' in
the requirement above.

In any case, the ``Strong ES model'' is not applicable to ``hosts with
embedded gateway functionality'' -- which FreeBSD unquestionably is.
Furthermore, RFC 1122 is dated and its analysis is incomplete; it is
not uncommon for a multi-homed, non-gateway system to receive packets
on the ``wrong'' interface as a result of explicit routes introduced
by the network administrator to direct traffic intended for a
particular host to a particular interface.  (For example, ten years
ago at UVM we had a network of SGI machines connected by a FDDI ring,
which were also multi-homed on an Ethernet.  We configured a host
route on each of the machines to intentionally direct traffic between
these machines to the FDDI regardless of which address was used.)

(Oh, and have I mentioned how much I despise the Q_FOREACH() macros?)

-GAWollman
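
An added illustration, not part of the original message and not FreeBSD's ip_input.c: a small C model of the "is this packet ours?" check under the weak and strong ES models of RFC 1122 3.3.4.2, applied to the FDDI/Ethernet host-route case described in the message. The interface ids, addresses and function names are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IP4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

enum es_model { ES_WEAK, ES_STRONG };
enum { IF_LOCAL = -1, IF_ETHER = 1, IF_FDDI = 2 };  /* constructed interface ids */

struct ifaddr_model {
    int      ifindex;  /* interface the address is configured on */
    uint32_t addr;     /* IPv4 address, host byte order */
};

/* Constructed multihomed host: one documentation-range address per interface. */
#define ETHER_ADDR IP4(192, 0, 2, 10)
#define FDDI_ADDR  IP4(198, 51, 100, 10)
static const struct ifaddr_model host_addrs[] = {
    { IF_ETHER, ETHER_ADDR },
    { IF_FDDI,  FDDI_ADDR  },
};
#define N_ADDRS (sizeof(host_addrs) / sizeof(host_addrs[0]))

/* Return true if a packet to dst, received on rcvif, is accepted as ours. */
static bool
packet_is_ours(const struct ifaddr_model *ia, size_t n, uint32_t dst,
    int rcvif, enum es_model model)
{
    for (size_t i = 0; i < n; i++) {
        if (ia[i].addr != dst)
            continue;               /* not this address */
        if (model == ES_WEAK)
            return true;            /* any local address matches */
        if (rcvif == IF_LOCAL || ia[i].ifindex == rcvif)
            return true;            /* strong: interface must match too */
    }
    return false;
}

int
main(void)
{
    /* A peer's host route sends traffic for the Ethernet address over FDDI. */
    printf("weak:   %d\n", packet_is_ours(host_addrs, N_ADDRS, ETHER_ADDR, IF_FDDI, ES_WEAK));
    printf("strong: %d\n", packet_is_ours(host_addrs, N_ADDRS, ETHER_ADDR, IF_FDDI, ES_STRONG));
    return 0;
}
```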