From owner-freebsd-bugs Thu Jun 29 3:23:51 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from sophia.inria.fr (sophia.inria.fr [138.96.32.20]) by hub.freebsd.org (Postfix) with ESMTP id 14C0A37BFDF for ; Thu, 29 Jun 2000 03:23:46 -0700 (PDT) (envelope-from Emmanuel.Duros@UDcast.com) Received: from UDcast.com by sophia.inria.fr (8.8.8/8.8.5) with ESMTP id MAA23698; Thu, 29 Jun 2000 12:23:43 +0200 (MET DST) X-Authentication-Warning: sophia.inria.fr: Host chouette.inria.fr [138.96.24.103] claimed to be UDcast.com Message-ID: <395B23AF.143F5D58@UDcast.com> Date: Thu, 29 Jun 2000 12:23:43 +0200 From: Emmanuel Duros Organization: UniDirectional broadcast corp X-Mailer: Mozilla 4.73 [en] (X11; I; SunOS 5.6 sun4u) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-bugs@freebsd.org Cc: Patrick Cipiere Subject: mrouted and tcpdump (igmp reports) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dear all, tcpdump outputs weird (inexistent) packets when using mrouted. I have noticed this behaviour with FreeBSD 3.4-R and 2.2.7-R. I do not know if it also occurs with 4.x-R (this might be good to check). Basically, tcpdump shows packets with unknown Ethernet types and wrong dst and src Ethernet addresses. Furthermore these packets are not sent over the lan itself. I you feel like reproducing this, here is what to do: - start mrouted on a multi-homed station - start tcpdump displaying the link layer level (let's say fxp0) - start mtest and join a Mcast group on fxp0 Every time there is an IGMP report sent via fxp0 we have an extra badly-formated packet displayed with tcpdump. This packet does not go through the lan (other hosts do not see it). Here is an example: $ tcpdump -n -e -i fxp0 11:43:40.604722 0:d0:c1:1:59:76 1:0:5e:0:0:4 0800 46: 193.48.223.27 > 224.0.0.4: igmp dvmrp Probe [tos 0xc0] [ttl 1] 11:43:50.604750 0:d0:c1:1:59:76 1:0:5e:0:0:4 0800 46: 193.48.223.27 > 224.0.0.4: igmp dvmrp Probe [tos 0xc0] [ttl 1] 11:43:58.249665 0:0:1:2:44:3a 46:0:0:20:5f:4f c130 32: df1b e001 0101 9404 0000 1600 08fd e001 0101 11:43:58.249708 0:d0:c1:1:59:76 1:0:5e:1:1:1 0800 46: 193.48.223.27 > 224.1.1.1: igmp v2 report 224.1.1.1 [ttl 1] 11:44:01.274806 0:d0:c1:1:59:76 1:0:5e:0:0:4 0800 46: 193.48.223.27 > 224.0.0.4: igmp dvmrp Probe [tos 0xc0] [ttl 1] 11:44:02.434710 0:0:1:2:44:2f 46:0:0:20:5f:5a c130 32: df1b e001 0101 9404 0000 1600 08fd e001 0101 11:44:02.434754 0:d0:c1:1:59:76 1:0:5e:1:1:1 0800 46: 193.48.223.27 > 224.1.1.1: igmp v2 report 224.1.1.1 [ttl 1] The first 2 lines show dvmrp probes, all is ok. Then I start mtest and I join 224.1.1.1 on fxp0 The weird output comes up, the ethernet header (src and dst addr, ether type) is completely wrong. The following line shows the igmp report. There are several things to note here: 1- the weird line always appears right before the igmp report with *very short* time in between. 2- the weird ethernet frame is in fact the payload of the correctly formated Ehternet (igmp report) ! It is like the IP igmp packet was delivered the berkley package filter without layer 2 encapsulation. Let's have a look at the Eth frame.: The Eth type is c130 followed by df1b that is the IP addr 193.48.223.27 We also have the sequence e001 0101 that is 224.1.1.1 We can easily conclude that the IP packet is mapped onto an Ethernet header... I though this was a bug with the fxp0 driver, I made this test with different drivers and I got the same result: it is not directly related to drivers. This *ONLY* occures when using mrouted AND for IGMP repports. Without mrouted IGMP reports are correctly displayed. My understanding is that the pb might be in some related code to Mcast routing and not with drivers. I tried to find some bpf code in /sys/netinet but this was unsuccessful. I also had a look at /sys/net, same result. I hope my investigation will be of some use for you. Please, keep me inform if you fix this ! Regards Emmanuel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message