From owner-freebsd-net@FreeBSD.ORG  Tue May  1 00:46:31 2012
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7CE87106564A
	for <freebsd-net@freebsd.org>; Tue,  1 May 2012 00:46:31 +0000 (UTC)
	(envelope-from prabhakar.lakhera@gmail.com)
Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com
	[209.85.213.182])
	by mx1.freebsd.org (Postfix) with ESMTP id 364F48FC0C
	for <freebsd-net@freebsd.org>; Tue,  1 May 2012 00:46:31 +0000 (UTC)
Received: by yenl9 with SMTP id l9so2035178yen.13
	for <freebsd-net@freebsd.org>; Mon, 30 Apr 2012 17:46:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:date:message-id:subject:from:to:content-type;
	bh=JOFkYGMyX1T3dh67qXEeR4FGbbXtg77S4UwqCM3/iuw=;
	b=L6fDnaKUtEZN60EsuDU0im0bJl1yszBTUtgx67ZzVyuWR7Ya9eME5bWovmrMTTGNtK
	tGbCln+6rGNxWLai+QDYSK6X6iUMxeppp+iVKpy2zxDuB8jrmoOF1W5cd11s4uXe+3a3
	mgbCj/hNrvN/HXVh5MPl5HeMY6aiMLsHyBhriKCn1UCyjeMLRU669ttAdy6ZeIJWdWAz
	KDymbXQfkJMQiiJNWG/5ui89i+ySgZUrJzAuu+9hwfnxFjMb+YlHBqWikLZdBvOyjitH
	/L5Ayu0zK+j1HlkUNR2tu8QDBXeVVTJc2rrPkZ14v2VulJg8mN+TNcOguSaQwiyCbrxf
	mZFA==
MIME-Version: 1.0
Received: by 10.236.78.74 with SMTP id f50mr23969259yhe.26.1335833190523; Mon,
	30 Apr 2012 17:46:30 -0700 (PDT)
Received: by 10.100.205.10 with HTTP; Mon, 30 Apr 2012 17:46:30 -0700 (PDT)
Date: Mon, 30 Apr 2012 17:46:30 -0700
Message-ID: <CALg+rhW1_PPT++w0B4JGHLGXf+48KYyGaxQ6MjrVE0=_V=C_=w@mail.gmail.com>
From: prabhakar lakhera <prabhakar.lakhera@gmail.com>
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Question on rtredirect code
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 01 May 2012 00:46:31 -0000

Hi,

The rtredirect code has the following code lines:

*/* verify the gateway is directly reachable */*
  521 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L521>
      if ((ifa = ifa_ifwithnet
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=ifa_ifwithnet>(gateway
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=gateway>,
0)) == NULL <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=NULL>)
{
  522 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L522>
              error
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=error> =
ENETUNREACH <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=ENETUNREACH>;
  523 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L523>
              goto out
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=out>;
  524 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L524>         }


Later on we check for the validity of the redirect message. One of the
criteria is the comparison of rt_ifa with ifa:

  */**
  527 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L527> *
        * If the redirect isn't from our current router for this dst,*
  528 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L528> *
        * it's either old or wrong.  If it redirects us to ourselves,*
  529 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L529> *
        * we have a routing loop, perhaps as a result of an interface*
  530 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L530> *
        * going down recently.*
  531 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L531> *
        */*
  532 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L532>
      if (!(flags
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=flags> &
RTF_DONE <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=RTF_DONE>)
&& rt <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=rt> &&
  533 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L533>
           (!sa_equal
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=sa_equal>(src
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=src>, rt
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=rt>->rt_gateway)
|| rt <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=rt>->rt_ifa
!= ifa))
  534 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L534>
              error
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=error> =
EINVAL <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=EINVAL>;

TCP IP illustrated vol 2 comments on the code:

"The interface for the new gateway (the fia returned by ifa_ifwithnet)
must equal the curent interface for destination (rt_ifa), that is new
gateway must be on the same network as the current gateway."

One thing to note here is that we are comparing ifa to compare for
interface (ifp). It could be that the code was not revisited in later
BSD releases but it seems to suggest that when the code was written
hosting multiple ifa in same ifp or different ifp was not thought
of/supported. Does the above code still stand good? To me it seems
that it needs to be corrected. Comments are welcome.


Best,


Prabhakar