NetBSD Problem Report #34908

From www@NetBSD.org  Wed Oct 25 14:42:45 2006
Return-Path: <www@NetBSD.org>
Received: by narn.NetBSD.org (Postfix, from userid 31301)
	id F3EC263B9FB; Wed, 25 Oct 2006 14:42:44 +0000 (UTC)
Message-Id: <20061025144244.F3EC263B9FB@narn.NetBSD.org>
Date: Wed, 25 Oct 2006 14:42:44 +0000 (UTC)
From: tbeadle@nexthop.com
Reply-To: tbeadle@nexthop.com
To: gnats-bugs@NetBSD.org
Subject: Forwarding multicast packets changes source port in udp header
X-Send-Pr-Version: www-1.0

>Number:         34908
>Category:       kern
>Synopsis:       Forwarding multicast packets changes source port in udp header
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Oct 25 14:45:00 +0000 2006
>Closed-Date:    Sat Feb 10 07:17:43 +0000 2018
>Last-Modified:  Sat Feb 10 07:17:43 +0000 2018
>Originator:     Tommy Beadle
>Release:        3.0
>Organization:
Nexthop.com
>Environment:
NetBSD rack3-boxb 3.0 NetBSD 3.0 (NEXTHOP-PIM-2) #2: Tue Oct 24 11:25:51 EDT 2006  root@labtest:/usr/src/sys/arch/i386/compile/NEXTHOP-PIM-2 i386
>Description:
Assume multicast routing is enabled and the multicast forwarding cache has been populated so an S,G entry exists with an iif and oiflist.

When a udp packet arrives for that S,G, the source port in the udp header is changed to an incorrect value and the checksum becomes invalid.
>How-To-Repeat:
Given the following topology:

               +--+       +--+     +--+
        S -----|RP|-------|P1|-----|P2|----- R
           N2  +--+  N1   +--+  N3 +--+  N4

Configure RP as a PIM-SM rendezvous point and P2 with IGMP running on N4.  PIM-SM is running on N1, N2, and N3.  Start a multicast receiver for group G on R so that P2 joins to the RP tree.  Start sending data from S to G.  When the data is forwarded from RP, the udp source port has been corrupted (and the checksum is invalid).

It appears that in_delayed_chksum was getting called and was writing a checksum in to the first 2 bytes of the packet after the IP header, which is the UDP source port in the case of a udp packet.

This only happens when the outgoing interface has UDP4CSUM as a capability listed in ifconfig but has that capability disabled.  If either the capability is not present or if it is present and enabled, then the corruption does not occur.
>Fix:
--- netinet/ip_mroute.c.old     2005-02-26 17:45:12.000000000 -0500
+++ netinet/ip_mroute.c 2006-10-20 11:39:55.000000000 -0400
@@ -1418,6 +1418,11 @@
        int s;
        vifi_t vifi;

+       /*
+        * Clear any in-bound checksum flags for this packet.
+        */
+       m->m_pkthdr.csum_flags = 0;
+
        if (mrtdebug & DEBUG_FORWARD)
                log(LOG_DEBUG, "ip_mforward: src %x, dst %x, ifp %p\n",
                    ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr), ifp);

>Release-Note:

>Audit-Trail:
From: Mail Delivery Subsystem <MAILER-DAEMON@epita.fr>
To: undisclosed-recipients: ;
Cc: 
Subject: Re: kern/34908: Forwarding multicast packets changes source port in udp header
Date: Wed, 25 Oct 2006 16:45:11 +0200 (CEST)

 	Désolé, 
         le compte de epibug est actuellement indisponible.
 	Votre e-mail a été délivré mais le destinataire risque temporairement 
         de ne  pas pouvoir y acceder.

         Sorry,
         epibug's account is currently unavailable.
         Your email has been delivered. The recipient may temporarily
         be unable to read it.

State-Changed-From-To: open->closed
State-Changed-By: maxv@NetBSD.org
State-Changed-When: Sat, 10 Feb 2018 07:17:43 +0000
State-Changed-Why:
This bug was fixed in ip_mroute.c::rev1.113.


>Unformatted:

Home	PR Database Search