From owner-freebsd-bugs@FreeBSD.ORG Wed Jul 19 12:20:19 2006 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D8C5A16A4DF for ; Wed, 19 Jul 2006 12:20:19 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25A1D43D53 for ; Wed, 19 Jul 2006 12:20:17 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k6JCKGSD048392 for ; Wed, 19 Jul 2006 12:20:16 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k6JCKGUW048388; Wed, 19 Jul 2006 12:20:16 GMT (envelope-from gnats) Resent-Date: Wed, 19 Jul 2006 12:20:16 GMT Resent-Message-Id: <200607191220.k6JCKGUW048388@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Bohus Plucinsky Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7300F16A4E1 for ; Wed, 19 Jul 2006 12:19:06 +0000 (UTC) (envelope-from plk@fw-bck-new.in.nextra.sk) Received: from fw-bck-new.in.nextra.sk (fw-bck-new.nextra.sk [195.168.29.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 810C643D46 for ; Wed, 19 Jul 2006 12:19:05 +0000 (GMT) (envelope-from plk@fw-bck-new.in.nextra.sk) Received: from fw-bck-new.in.nextra.sk (localhost [127.0.0.1]) by fw-bck-new.in.nextra.sk (8.13.6/8.13.6) with ESMTP id k6JCJ3Cv004633; Wed, 19 Jul 2006 14:19:03 +0200 (CEST) (envelope-from plk@fw-bck-new.in.nextra.sk) Received: (from plk@localhost) by fw-bck-new.in.nextra.sk (8.13.6/8.13.6/Submit) id k6JCJ3vf004632; Wed, 19 Jul 2006 14:19:03 +0200 (CEST) (envelope-from plk) Message-Id: <200607191219.k6JCJ3vf004632@fw-bck-new.in.nextra.sk> Date: Wed, 19 Jul 2006 14:19:03 +0200 (CEST) From: Bohus Plucinsky To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: plk@gtsnextra.sk Subject: kern/100532: Conflict between CARP and multicast routing on FreeBSD 6.1 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Bohus Plucinsky List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jul 2006 12:20:19 -0000 >Number: 100532 >Category: kern >Synopsis: Conflict between CARP and multicast routing on FreeBSD 6.1 >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Jul 19 12:20:16 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Bohus Plucinsky >Release: FreeBSD 6.1-RELEASE i386 >Organization: GTS Nextra, Slovakia >Environment: >Description: Because of wrong initialization of carp_softc structure in carp_clone_create function (/sys/netinet/ip_carp.c), after multicast routing is started and any interface is added to vif table, the CARP starts send packets with source IP addresss of this interface on all interfaces. >How-To-Repeat: I've FreeBSD 6.1-RELEASE box with 2 NICs (em0, em1) : ifconfig em0 10.0.0.1 netmask 255.255.255.0 ifconfig em1 192.168.61.1 netmask 255.255.255.0 I've configured CARP interface: ifconfig carp1 create ifconfig carp1 vhid 10 pass blabla advskew 50 192.168.61.3 255.255.255.0 (Make sure the CARP is allowed) sysctl -a | grep carp net.inet.ip.same_prefix_carp_only: 0 net.inet.carp.allow: 1 net.inet.carp.preempt: 1 net.inet.carp.log: 1 net.inet.carp.arpbalance: 0 net.inet.carp.suppress_preempt: 0 After multicast routing is started (setsockopt(socket, IPPROTO_IP, MRT_INIT, ...) and a vif is added to the vif table (setsockopt(socket, IPPROTO_IP, MRT_ADD_VIF, ...) the CARP starts send packets with a wrong source IP address. (It uses the IP address of the first interface in vif table. (The short dirty C code to start multicast routing is attached) Here is the tcpdump on em1 interface. Until mrouter is not runing, the CARP sends packets with correct IP address (192.168.61.1) after that the source IP address is changed to IP address of first VIF added to vif_table. When the mrouter terminates, the source IP address comes back: # tcpdump -n -i em1 proto 112 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em1, link-type EN10MB (Ethernet), capture size 96 bytes 08:54:15.921662 IP 192.168.61.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 08:54:17.118790 IP 192.168.61.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 08:54:18.315948 IP 10.0.0.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 08:54:19.513083 IP 10.0.0.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 08:54:20.710212 IP 10.0.0.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 08:54:21.907341 IP 10.0.0.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 08:54:23.090169 IP 192.168.61.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 08:54:24.287288 IP 192.168.61.1 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 50, authtype none, intvl 1s, length 36 ^C C code to start multicast routing: --------------------------------- /* mrouter_start.c Dirty code to start mrouter. */ #include #include #include #include #include #include #include #include #define MRT_INIT 100 #define MRT_ADD_VIF 102 typedef u_short vifi_t; /* type of a vif index */ struct vifctl { vifi_t vifc_vifi; /* the index of the vif to be added */ u_char vifc_flags; /* VIFF_ flags defined below */ u_char vifc_threshold; /* min ttl required to forward on vif */ u_int vifc_rate_limit; /* max rate */ struct in_addr vifc_lcl_addr; /* local interface address */ struct in_addr vifc_rmt_addr; /* remote address (tunnels only) */ }; int main () { int s, i; int mrouter_version = 1; struct vifctl vc; int num_of_ifs = 2; /* number of interfaces */ char *if_addr[] = {"10.0.0.1", "192.168.61.1" }; if ( (s=socket(PF_INET,SOCK_RAW,IPPROTO_IGMP)) < 0) { perror ("Cannot open socket. Error "); exit (-1); } if (setsockopt(s, IPPROTO_IP, MRT_INIT, (void*)&mrouter_version, sizeof(int)) < 0) { close(s); perror ("Cannot set socket option. Error:"); exit (-1); } memset(&vc, 0, sizeof(vc)); for (i=0; i< num_of_ifs ; i++) { vc.vifc_flags = 0; vc.vifc_vifi = i; vc.vifc_threshold = 1; vc.vifc_rate_limit = 0; vc.vifc_lcl_addr.s_addr = inet_addr(if_addr[i]); if (setsockopt(s, IPPROTO_IP, MRT_ADD_VIF, (void *)&vc, sizeof(vc)) < 0) { close(s); perror ("Cannot add VIF. Error "); exit (-1); } } fprintf (stdout,"Waiting 5s before terminate.\n"); sleep(5); close(s); return (0); } /* End of mrouter_start.c */ Kernel config: ------------- machine i386 cpu I586_CPU cpu I686_CPU ident FW-SMP maxusers 64 makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols makeoptions KERNEL=kernel-fw-20060718-01 options SCHED_4BSD # 4BSD scheduler options PREEMPTION # Enable kernel thread preemption options INET # InterNETworking # options INET6 # IPv6 communications protocols options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support options UFS_ACL # Support for access control lists options UFS_DIRHASH # Improve performance on big directories options NFSCLIENT # Network Filesystem Client options NFSSERVER # Network Filesystem Server options NFS_ROOT # NFS usable as /, requires NFSCLIENT options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS # Pseudo-filesystem framework options GEOM_GPT # GUID Partition Tables. options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] options COMPAT_FREEBSD4 # Compatible with FreeBSD4 options COMPAT_FREEBSD5 # Compatible with FreeBSD5 options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI options KTRACE # ktrace(1) support options SYSVSHM # SYSV-style shared memory options SYSVMSG # SYSV-style message queues options SYSVSEM # SYSV-style semaphores options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions options KBD_INSTALL_CDEV # install a CDEV entry in /dev options AHC_REG_PRETTY_PRINT # Print register bitfields in debug # output. Adds ~128k to driver. options AHD_REG_PRETTY_PRINT # Print register bitfields in debug # output. Adds ~215k to driver. options MROUTING # Multicast routing options PIM options IPSTEALTH #support for stealth forwarding options TCPDEBUG options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN options INCLUDE_CONFIG_FILE # Include this file in kernel options IPSEC #IP security options IPSEC_ESP #IP security (crypto; define w/ IPSEC) options IPSEC_DEBUG #debug for IP security options DEVICE_POLLING options ALTQ options ALTQ_CBQ # Class Bases Queueing options ALTQ_RED # Random Early Detection options ALTQ_RIO # RED In/Out options ALTQ_HFSC # Hierarchical Packet Scheduler options ALTQ_CDNR # Traffic conditioner options ALTQ_PRIQ # Priority Queueing options ALTQ_NOPCC # Required for SMP build options ALTQ_DEBUG options SMP # Symmetric MultiProcessor Kernel # Devices device apic # I/O APIC device vlan #VLAN support (needs miibus) device gre #IP over IP tunneling device pf #PF OpenBSD packet-filter firewall device pflog #logging support interface for PF device pfsync #synchronization interface for PF device carp #Common Address Redundancy Protocol ... >Fix: I've very little developer skills, so this is only a HINT. I'm not sure if this not brings some other problems: diff -u ip_carp.c.org ip_carp.c: ================================ --- ip_carp.c.org Sun Dec 25 21:59:20 2005 +++ ip_carp.c Tue Jul 18 18:15:09 2006 @@ -1,4 +1,4 @@ -/* $FreeBSD: src/sys/netinet/ip_carp.c,v 1.27.2.6 2005/12/25 21:59:20 mlaier Exp $ */ +/* $FreeBSD: src/sys/netinet/ip_carp.c,v 1.27.2.6 2005/12/25 21:59:20 mlaier (with change) Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff. All rights reserved. @@ -369,6 +369,8 @@ sc->sc_advskew = 0; sc->sc_init_counter = 1; sc->sc_naddrs = sc->sc_naddrs6 = 0; /* M_ZERO? */ + sc->sc_imo.imo_multicast_vif=-1; /* inicialize to not existing index */ + #ifdef INET6 sc->sc_im6o.im6o_multicast_hlim = CARP_DFLTTL; #endif >Release-Note: >Audit-Trail: >Unformatted: