From owner-freebsd-net@FreeBSD.ORG Tue Jan 31 23:52:54 2012 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 30B20106564A for ; Tue, 31 Jan 2012 23:52:54 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id 8C68D8FC08 for ; Tue, 31 Jan 2012 23:52:53 +0000 (UTC) Received: (qmail 57170 invoked from network); 31 Jan 2012 22:13:14 -0000 Received: from c00l3r.networx.ch (HELO [127.0.0.1]) ([62.48.2.2]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 31 Jan 2012 22:13:14 -0000 Message-ID: <4F287ED0.70804@freebsd.org> Date: Wed, 01 Feb 2012 00:52:48 +0100 From: Andre Oppermann User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 MIME-Version: 1.0 To: Guido van Rooij References: <20120131202741.GA4335@gvr.gvr.org> In-Reply-To: <20120131202741.GA4335@gvr.gvr.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Difference in address selection between ICMP and TCP X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Jan 2012 23:52:54 -0000 On 31.01.2012 21:27, Guido van Rooij wrote: > > Consider the following: > ifconfig em0 inet 1.2.3.4/24 > ping 1.2.3.4 > > Then a tcpdump on lo0 shows: > 21:15:56.641571 IP 127.0.0.1> 1.2.3.4: ICMP echo request, id 36105, seq 10, length 64 > 21:15:56.641582 IP 1.2.3.4> 127.0.0.1: ICMP echo reply, id 36105, seq 10, length 64 > > I think that the address used should have been 1.2.3.4 and not 127.0.0.1. > > Now when I do a telnet 1.2.3.4 22, I see: > 21:17:55.955475 IP 1.2.3.4.38534> 1.2.3.4.22: Flags [S], seq 904951907, win 65535, options [mss 16344,nop,wscale 3,sackOK,TS val 1850412 ecr 0], length 0 > 21:17:55.955487 IP 1.2.3.4.22> 1.2.3.4.38534: Flags [R.], seq 0, ack 904951908, win 0, length 0 > > So in this case we actually do use 1.2.3.4! > > This is on a 8.1 system. A 8.2 system shows the same behaviour and a 7.4 > system behaves correctly (i.e.: uses the same address for icmp as for > tcp). > > I tried to investigate the souce code, but my knwoledge about it is a > bit rusty :-( The way the source address is determined is different between ping-icmp and TCP. For ping-icmp the source address is filled in ip_output() based on the outgoing interface. For all local addresses, including those on real interfaces the loopback interface is used. You can see that by doing a "netstat -ran". > -Guido > > NB: perhaps related: When I do the ping in a vimage on a different > VIMAGE-kernel, the ping fails because the source address is never > filled in (i.e. is 0.0.0.0) The loopback interface is inaccessible from a jail and thus the source address is never filled in and stays at INADDR_ANY. A fix for either issue is not entirely trivial and fraught with other potential undesired side effects. -- Andre