From owner-freebsd-bugs  Thu Nov 29 20: 0:12 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 0474437B416
	for <freebsd-bugs@hub.freebsd.org>; Thu, 29 Nov 2001 20:00:04 -0800 (PST)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id fAU403m50997;
	Thu, 29 Nov 2001 20:00:03 -0800 (PST)
	(envelope-from gnats)
Date: Thu, 29 Nov 2001 20:00:03 -0800 (PST)
Message-Id: <200111300400.fAU403m50997@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Igor M Podlesny <poige@morning.ru>
Subject: Re[2]: misc/31575: wrong src ip address for some ICMPs
Reply-To: Igor M Podlesny <poige@morning.ru>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR misc/31575; it has been noted by GNATS.

From: Igor M Podlesny <poige@morning.ru>
To: Ruslan Ermilov <ru@FreeBSD.org>
Cc: bug-followup@FreeBSD.org, freebsd-hackers@FreeBSD.org
Subject: Re[2]: misc/31575: wrong src ip address for some ICMPs
Date: Fri, 30 Nov 2001 11:01:56 +0700

 > On Sun, Oct 28, 2001 at 08:10:25PM -0800, Igor M Podlesny wrote:
 hm.. it seems somebody has multiplied my timezone by -1 ;-)
 
 >>
 >> You might observe this bug doing traceroute while standing behind
 >> a GW's interface with several IP-addresses (aliases).  In this case
 >> you always got ICMP.TIMXCEED (time exceeded) coming from IP-address
 >> which is usually the first on the interface, even if your box is
 >> not using this IP-address as its next-hop.  Despite of the code
 >> selecting right IP-address for this purpose is working well it's
 >> being confused by wrong argument it is being given.  This patch
 >> (http://www.morning.ru/~poige/patchzone/ip_icmp.c.diff) fixes namely
 >> this problem.
 >> 
 > Let me see if I took you correctly.  Suppose you have a gateway, GW:
 
 > rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
 >         inet 192.168.4.115 netmask 0xffffff00 broadcast 192.168.4.255
 >         inet 192.168.4.200 netmask 0xffffffff broadcast 192.168.4.200
 
 > And another host H on the network has the following routing table
 > entry:
 
 > 10                 192.168.4.200      UGSc        0    16030   fxp0
 
 > And you are complaining that when H sends an IP packet to the 10
 > network, with TTL <= 1, gateway replies with an ICMP time exceeded
 > from 192.168.4.115 instead of expected 192.168.4.200, like this:
 
 > traceroute to 10.0.0.1 (10.0.0.1), 1 hops max, 40 byte packets
 >  1  192.168.4.115  0.448 ms
 
 > Right?  But if that's the case (and I just checked for sure that
 > your patch doesn't make any difference), the GW doesn't know
 > which of the 192.168.4.115 or 192.168.4.220 addresses have been
 > used by H, because they both map to the same MAC address on H,
 > and the MAC address is what's used when forwarding:
 
 > ? (192.168.4.115) at 0:c0:df:3:2d:79 on fxp0 [ethernet]
 > ? (192.168.4.200) at 0:c0:df:3:2d:79 on fxp0 [ethernet]
 
 >> >How-To-Repeat:
 >> You should have several ip-address on interface of NEXT-HOP router
 >> running FreeBSD, then invoke traceroute some.where.
 >> 
 > Yeah, that's exactly how I did it, and didn't notice any
 > difference after applying your patch...
 
 Ruslan,  sorry,  I'm  very  busy  for an unpredictable amount of time,
 cause  I'm a system administrator of ISP and recently I got a bunch of
 deeds  to  do,  so I can't respond to your analyze shown before in all
 its  details...  and  (sorry  for that) I don't feel that it is really
 needed  --  I  changed  the code in ip_icmp.c because I saw myself how
 really  were  routers  acting  before and after applying the patch. In
 addition, I suggest you to look at this
 
 http://www.sigmasoft.com/~openbsd/archive/openbsd-bugs/200110/msg00146.html
 
 P.S. The description of bug once more:
 
 
 [router]
   |
   X---->|backbone|-->
   |
   |
   Yip1----|the same media|------[some another ip-network]
   |ip2----|the same media|------|some box|
 
 Here  is "router" with FreeBSD (OpenBSD, and, probably *BSD) and "Some
 box"  doing traceroute to (for e.g.) a host which is _reachable_ _via_
 _backbone_.   X,  Y  --  NICs.  Y  has  several  IPs,  making  several
 ip-networks on "the same media".
 
 The  problem: traceroute being run on "somebox" will hear respond from
 "router"  coming  from  Y.ip1  address  which  isn't  on its (somebox)
 IP-network.  (well,  I  deem  icmp.echoreply isn't alone in this.) And
 this happens because wrong IP-addr is passed to ifaof_ifpforaddr(). My
 patch  fixes  namely  this problem -- I have worked out and applied it
 and  I  believe  I know what I'm talking about. Look at it, and you'll
 realize what I mean...
 
 You  may  ask  me  for  details,  but,  please,  don't  make different
 situations  asking  me  how  does  it  correlate  with -- damn lack of
 time...
 
 -- 
  Igor                            mailto:poige@morning.ru
                                  http://morning.ru/~poige
 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message