Date: Mon, 31 Aug 2020 11:06:10 -0500 From: Kyle Evans <kevans@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>, svn-src-head <svn-src-head@freebsd.org>, Mira Ressel <aranea@aixah.de> Subject: Re: svn commit: r364982 - head/sys/netinet6 Message-ID: <CACNAnaHHhoMmAd7g_EUVs4%2BoaSQKDSW-R8a80YisJTWQ60-a%2Bg@mail.gmail.com> In-Reply-To: <202008310145.07V1jn1e003692@repo.freebsd.org> References: <202008310145.07V1jn1e003692@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 30, 2020 at 8:45 PM Kyle Evans <kevans@freebsd.org> wrote: > > Author: kevans > Date: Mon Aug 31 01:45:48 2020 > New Revision: 364982 > URL: https://svnweb.freebsd.org/changeset/base/364982 > > Log: > ipv6: quit dropping packets looping back on p2p interfaces > > To paraphrase the below-referenced PR: > > This logic originated in the KAME project, and was even controversial when > it was enabled there by default in 2001. No such equivalent logic exists in > the IPv4 stack, and it turns out that this leads to us dropping valid > traffic when the "point to point" interface is actually a 1:many tun > interface, e.g. with the wireguard userland stack. > > Even in the case of true point-to-point links, this logic only avoids > transient looping of packets sent by misconfigured applications or > attackers, which can be subverted by proper route configuration rather than > hardcoded logic in the kernel to drop packets. > > In the review, melifaro goes on to note that the kernel can't fix it, so it > perhaps shouldn't try to be 'smart' about it. Additionally, that TTL will > still kick in even with incorrect route configuration. > > PR: 247718 > Reviewed by: melifaro, rgrimes > MFC after: 1 week > Differential Revision: https://reviews.freebsd.org/D25567 > I should note that this was: Submitted by: Mira Ressel <aranea@aixah.de> It was then put into review form by Lutz Donnerhacke to help guide the patch into the correct hands. Apologies for the omission- Kyle Evans
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACNAnaHHhoMmAd7g_EUVs4%2BoaSQKDSW-R8a80YisJTWQ60-a%2Bg>