Date: Fri, 05 Apr 2002 01:19:25 +0100 From: Brian Somers <brian@freebsd-services.com> To: stephen macmanus <stephenm@bayarea.net> Cc: Doug Ambrisko <ambrisko@ambrisko.com>, "M. Warner Losh" <imp@village.org>, j@uriah.heep.sax.de, alan@clegg.com, luigi@FreeBSD.ORG, nsayer@FreeBSD.ORG, ryand-bsd@zenspider.com, Brian Somers <brian@freebsd-services.com>, freebsd-arch@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Your change to in.c to limit duplicate networks is causing trouble Message-ID: <200204050019.g350JPq7042133@hak.lan.Awfulhak.org> In-Reply-To: Message from stephen macmanus <stephenm@bayarea.net> of "Thu, 04 Apr 2002 13:10:44 -0800." <200204042110.NAA05062@shell4.bayarea.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > The code now avoids adding a host route if the interface address is
> > 0.0.0.0, and always treats a failure to add a host route as fatal
> > (previously, it masked EEXIST for some reason - I guessed because it
> > was trying to handle address re-assignment, but that works ok with
> > this patch).
>
>
> One effect of the masked EEXIST is to suppress the spurious error
> which occurs when adding an alias IP address (SIOCAIFADDR) on the
> same logical subnet as an existing IP address. Users have no way
> of knowing that it's actually safe to simply ignore the error in
> that situation, so the masking should probably be preserved.
Hmm, thanks for the pointer.
I think this now works - where it didn't before (although see
the new patch posted in response to Joergs mention of the sppp
problem).
The lack of the EEXIST hack in my patch means that this will work as
before:
ifconfig dc0 inet 172.16.0.5 netmask 0xffffff00
ifconfig dc0 inet 172.16.0.11 netmask 0xfffffff8
Where connections to 172.16.0.1-172.16.0.7 and 172.16.0.16-172.16.0.255
come from 172.16.0.5 and connections to 172.16.0.8-172.16.0.15 come from
172.16.0.11.
After the above however,
ifconfig dc0 inet 172.16.0.14 netmask 0xfffffff8
will (correctly) fail in the patched code. It fails because the
gateway/netmask combination produces a duplicate key in the routing
table, returning an error from rtinit(). Previously, this failure
was masked by the EEXIST hack, allowing the interface address update
without a corresponding host route.
I believe the old behaviour becomes obviously wrong when someone then
deletes the 172.16.0.11 interface address, blowing away the
associated host route and leaving no routing table entry to talk to
the 172.16.0.14 address.
So I don't think the old was was really safe after all :-/
> Stephen
> ------------------
> Stephen Macmanus #include <std_disclaimer.h>
> stephenm@bayarea.net
>
> - - - if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, flags)) == 0)
> - - - ia->ia_flags |= IFA_ROUTE;
>
> - - - if (error != 0 && ia->ia_dstaddr.sin_family == AF_INET) {
> - - - ia->ia_addr = oldaddr;
> - - - return (error);
> + /*
> + * Don't add routing table entries for interface address entries
> + * of 0.0.0.0. This makes it possible to assign several such address
> + * pairs with consistent results (no host route) and is required by
> + * BOOTP.
> + */
> + if (ia->ia_addr.sin_addr.s_addr != INADDR_ANY) {
> + if ((error = rtinit(&ia->ia_ifa, (int)RTM_ADD, flags)) != 0) {
> + ia->ia_addr = oldaddr;
> + return (error);
> + }
> + ia->ia_flags |= IFA_ROUTE;
> }
>
> - - - /* XXX check if the subnet route points to the same interface */
> - - - if (error == EEXIST)
> - - - error = 0;
>
> /*
> * If the interface supports multicast, join the "all hosts"
--
Brian <brian@freebsd-services.com> <brian@Awfulhak.org>
http://www.freebsd-services.com/ <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204050019.g350JPq7042133>