From owner-freebsd-net@freebsd.org  Sun Feb 25 20:33:08 2018
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 17EDDF26740
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Sun, 25 Feb 2018 20:33:08 +0000 (UTC)
 (envelope-from jschauma@netmeister.org)
Received: from panix.netmeister.org (panix.netmeister.org
 [IPv6:2001:470:30:84:e276:63ff:fe72:3900])
 by mx1.freebsd.org (Postfix) with ESMTP id 3AF946F482
 for <freebsd-net@freebsd.org>; Sun, 25 Feb 2018 20:33:07 +0000 (UTC)
 (envelope-from jschauma@netmeister.org)
Received: by panix.netmeister.org (Postfix, from userid 1000)
 id C6B4E6513F; Sun, 25 Feb 2018 15:33:06 -0500 (EST)
Date: Sun, 25 Feb 2018 15:33:06 -0500
From: Jan Schaumann <jschauma@netmeister.org>
To: freebsd-net@freebsd.org
Subject: tcpmux port opened for dual-stack results
Message-ID: <20180225203306.GL8306@netmeister.org>
Mail-Followup-To: jschauma@netmeister.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.24 (2015-08-30)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Feb 2018 20:33:08 -0000

Hi,

I just encountered something that befuddles me:

On an AWS EC2 instance (ami-d0b520b8, FreeBSD 10.1-RELEASE), I noticed
that 'telnet www.google.com 80' first opens a UDP socket to google's
addresses on port 1, then closes it without sending any data before
opening the TCP socket.

Sample (trimmed) ktrace output:

  1098 telnet   RET   socket 3
  1098 telnet   CALL  connect(0x3,0xbfbfe8c8,0x1c)
  1098 telnet   STRU  struct sockaddr { AF_INET6, [2607:f8b0:4004:807::2004]:1 }
  1098 telnet   RET   connect -1 errno 65 No route to host
  1098 telnet   CALL  close(0x3)
  1098 telnet   RET   close 0
  1098 telnet   CALL  socket(PF_INET,SOCK_CLOEXEC|SOCK_DGRAM,IPPROTO_UDP)
  1098 telnet   RET   socket 3
  1098 telnet   CALL  connect(0x3,0xbfbfe8c8,0x10)
  1098 telnet   STRU  struct sockaddr { AF_INET, 172.217.12.228:1 }
  1098 telnet   RET   connect 0
  1098 telnet   CALL  getsockname(0x3,0x28c311dc,0xbfbfe8c4)
  1098 telnet   STRU  struct sockaddr { AF_INET, 10.234.105.225:22661 }
  1098 telnet   RET   getsockname 0
  1098 telnet   CALL  close(0x3)
[...]
  1098 telnet   GIO   fd 1 wrote 25 bytes
       "Trying 172.217.12.228...
       "
  1098 telnet   RET   write 25/0x19
  1098 telnet   CALL  socket(PF_INET,SOCK_STREAM,IPPROTO_TCP)
  1098 telnet   RET   socket 3
[...]
  1098 telnet   CALL  connect(0x3,0x28c0f0f0,0x10)
  1098 telnet   STRU  struct sockaddr { AF_INET, 172.217.12.228:80 }
  1098 telnet   RET   connect 0


I don't see this happening when the destination host in question has
either only an IPv6 record or only an IPv4 record.  In those cases,
telnet will try to open the TCP socket to port 80.  In the case of
dual-stack addresses, however, I see the above behaviour.

(I also see the same behavior in e.g. nc(1), so this is not a telnet(1)
specific thing.)

Anybody have any idea why this is done?

-Jan