Date: Mon, 29 Sep 2003 11:40:32 +0200 From: "Shaun D. Jurrens" <shamz@nevada.skoleetaten.oslo.no> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/57344: KMEM exhaustion from cloned routes Message-ID: 1064828432@nevada Resent-Message-ID: <200309290950.h8T9oL3i004611@freefall.freebsd.org>
| raw e-mail | index | archive | help
>Number: 57344 >Category: kern >Synopsis: KMEM exhaustion from cloned routes >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Sep 29 02:50:20 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Shaun D. Jurrens >Release: FreeBSD 4.8-RELEASE-p9 i386 >Organization: >Environment: System: FreeBSD centurion 4.8-RELEASE-p9 FreeBSD 4.8-RELEASE-p9 #1: Fri Sep i386 >Description: Use of static routes on routing firewall causes cloned routes to be created to next hop router. These routes do not time-out nor is kernel memory freed, eventually resulting in kernel memory exhaustion and routing failures. This problem has existed for some time. See also: http://www.freebsd.org/cgi/getmsg.cgi?fetch=38493+45748+/usr/local/www/db/text/2003/freebsd-net/20030518.freebsd-net >How-To-Repeat: set up a box with sufficient hosts to cause routing table to be filled with cloned routes. Deleting cloned routes does not free memory. This is a potential source for DoS attacks. >Fix: unknown. net.inet.ip.rtexpire: 2 net.inet.ip.rtminexpire: 2 seem to have no effect. suggest closer examination of the contents of /usr/src/sys/net/route.c and friends... >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1064828432>