Date: Sat, 04 Aug 2001 08:11:34 +0900
From: JINMEI Tatuya
To: Poul-Henning Kamp
Cc: Andre Oppermann, freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG
Subject: Re: 303,000 routes in kernel
In-Reply-To: <93100.996790166@critter>
References: <3B69CE3F.1BCCB280@telehouse.ch> <93100.996790166@critter>
Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan.

>>>>> On Fri, 03 Aug 2001 00:09:26 +0200,
>>>>> Poul-Henning Kamp said:

>> The problem I've got now is that for every packet I get the kernel is
>> making one host entry in the routing table. Because of the many UDP
>> DNS requests from all over the world I've got 303'000 (yes,
>> three-hundredthreethousand) entries in the kernel routing table which have
>> not expired yet. So I'm getting error messages like this now:

> Hmm, I wasn't aware that we cloned routes for UDP packets, are you sure
> that is what is causing the routes to exist? (Just to mention the
> obvious: it's not CodeRed probes?)

Since udp_output calls in_pcbconnect(), which is shared with TCP and makes
cloned host routes, an unbound UDP socket can have such routes.

However, I guess DNS server implementations do bind(2) specific
addresses to UDP sockets, because they have to ensure a query's
destination equals the corresponding reply's source. So, I'd like to
see the result of

% netstat -f inet -an | grep 53

on the server node to see if the DNS server binds specific addresses.

					JINMEI, Tatuya
					Communication Platform Lab.
					Corporate R&D Center, Toshiba Corp.
					jinmei@isl.rdc.toshiba.co.jp
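
A stricter form of the netstat check requested above, as an added example that is not part of the original mail: it matches local port 53 exactly, on UDP sockets only, and reports whether each socket is bound to a specific address or to the wildcard. The BSD-style column layout and the function names are assumptions, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes BSD-style `netstat -an` output:
# column 1 is the protocol, column 4 the local address written "address.port",
# with "*" standing for the wildcard address (e.g. "*.53", "192.0.2.10.53").

classify_dns_udp_sockets() {
    # Reads netstat output on stdin and prints one line per UDP socket whose
    # local port is exactly 53: "wildcard <local>" or "bound <local>".
    awk '
        $1 ~ /^udp/ {
            laddr = $4
            n = split(laddr, part, /[.]/)
            port = part[n]
            if (port != "53") next   # plain "grep 53" would also hit 5353, .53.x
            addr = substr(laddr, 1, length(laddr) - length(port) - 1)
            if (addr == "*" || addr == "0.0.0.0")
                print "wildcard " laddr
            else
                print "bound " laddr
        }
    '
}

# Constructed sample output using documentation addresses.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  *.53                   *.*                    LISTEN
tcp4       0      0  192.0.2.10.22          198.51.100.7.53124     ESTABLISHED
udp4       0      0  192.0.2.10.53          *.*
udp4       0      0  127.0.0.1.53           *.*
udp4       0      0  *.53                   *.*
udp4       0      0  *.5353                 *.*
udp4       0      0  192.0.2.53.123         *.*
EOF
}

# On a live host: netstat -f inet -an | classify_dns_udp_sockets
sample_netstat | classify_dns_udp_sockets
```

A "wildcard" line marks a port-53 UDP socket that is not bound to a specific address, which is the case the message above distinguishes from a server that binds each address.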