Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 19 Aug 2000 02:25:26 -0700 (PDT)
From:      markm68k@yahoo.com
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/20712: errant traceroute output from behind natd
Message-ID:  <20000819092526.0749637B43F@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         20712
>Category:       misc
>Synopsis:       errant traceroute output from behind natd
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Aug 19 02:30:02 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Mark Miller
>Release:        4.1-RELEASE
>Organization:
>Environment:
FreeBSD myhost 4.1-RELEASE FreeBSD 4.1-RELEASE #7: Mon Aug 14 21:32:29 PDT 2000     me@myhost:/usr/src/sys/compile/MYHOST  i386

>Description:
When running traceroute from a computer which is connected to a FreeBSD 4.1-RELEASE box via a natd alias internal interface, the output report is not correct.  This is the output of traceroute to www.freebsd.org:

traceroute to freefall.freebsd.org (216.136.204.21), 30 hops max, 40 byte packets
 1  freefall.freebsd.org (216.136.204.21)  4.164 ms  3.092 ms  3.053 ms
 2  freefall.freebsd.org (216.136.204.21)  34 ms  31.441 ms  33.467 ms
 3  freefall.freebsd.org (216.136.204.21)  27.402 ms  19.899 ms  19.829 ms
 4  freefall.freebsd.org (216.136.204.21)  19.527 ms  37.497 ms  21.049 ms
 5  freefall.freebsd.org (216.136.204.21)  20.22 ms  33.82 ms  30.611 ms
 6  freefall.freebsd.org (216.136.204.21)  21.973 ms  21.07 ms  32.729 ms
 7  freefall.freebsd.org (216.136.204.21)  38.95 ms  22.33 ms  21.103 ms
 8  freefall.freebsd.org (216.136.204.21)  23.571 ms  21.945 ms  22.781 ms
 9  freefall.freebsd.org (216.136.204.21)  33.078 ms  32.007 ms  35.327 ms
10  freefall.freebsd.org (216.136.204.21)  48.748 ms  32.419 ms  33.242 ms
11  freefall.freebsd.org (216.136.204.21)  32.552 ms  31.183 ms  33.039 ms
12  freefall.freebsd.org (216.136.204.21)  33.113 ms  36.89 ms  35.685 ms
13  freefall.freebsd.org (216.136.204.21)  31.588 ms  35.64 ms  37.114 ms
14  freefall.freebsd.org (216.136.204.21)  34.84 ms  46.235 ms  42.252 ms

Some testing has resulted in the following conclusions:

1. Problems are very likely related to the natd code.

2. It appears to be limited to udp traffic.

3. It corrupts any icmp packets sent in response to a udp packet by changing the source of the icmp to be the destination of the udp packet.

>How-To-Repeat:
1. install FreeBSD 4.1-RELEASE
2. configure an "open" firewall
3. configure natd with a single NIC, and an alias internal interface.
4. run "traceroute www.freebsd.org" from a different computer connected via natd to the freebsd box.
5. watch the errant output from traceroute.

>Fix:
unknown.


>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000819092526.0749637B43F>