NetBSD Problem Report #34908
From www@NetBSD.org Wed Oct 25 14:42:45 2006
Return-Path: <www@NetBSD.org>
Received: by narn.NetBSD.org (Postfix, from userid 31301)
id F3EC263B9FB; Wed, 25 Oct 2006 14:42:44 +0000 (UTC)
Message-Id: <20061025144244.F3EC263B9FB@narn.NetBSD.org>
Date: Wed, 25 Oct 2006 14:42:44 +0000 (UTC)
From: tbeadle@nexthop.com
Reply-To: tbeadle@nexthop.com
To: gnats-bugs@NetBSD.org
Subject: Forwarding multicast packets changes source port in udp header
X-Send-Pr-Version: www-1.0
>Number: 34908
>Category: kern
>Synopsis: Forwarding multicast packets changes source port in udp header
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: kern-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Oct 25 14:45:00 +0000 2006
>Closed-Date: Sat Feb 10 07:17:43 +0000 2018
>Last-Modified: Sat Feb 10 07:17:43 +0000 2018
>Originator: Tommy Beadle
>Release: 3.0
>Organization:
Nexthop.com
>Environment:
NetBSD rack3-boxb 3.0 NetBSD 3.0 (NEXTHOP-PIM-2) #2: Tue Oct 24 11:25:51 EDT 2006 root@labtest:/usr/src/sys/arch/i386/compile/NEXTHOP-PIM-2 i386
>Description:
Assume multicast routing is enabled and the multicast forwarding cache has been populated so an S,G entry exists with an iif and oiflist.
When a udp packet arrives for that S,G, the source port in the udp header is changed to an incorrect value and the checksum becomes invalid.
>How-To-Repeat:
Given the following topology:
+--+ +--+ +--+
S -----|RP|-------|P1|-----|P2|----- R
N2 +--+ N1 +--+ N3 +--+ N4
Configure RP as a PIM-SM rendezvous point and P2 with IGMP running on N4. PIM-SM is running on N1, N2, and N3. Start a multicast receiver for group G on R so that P2 joins to the RP tree. Start sending data from S to G. When the data is forwarded from RP, the udp source port has been corrupted (and the checksum is invalid).
It appears that in_delayed_chksum was getting called and was writing a checksum in to the first 2 bytes of the packet after the IP header, which is the UDP source port in the case of a udp packet.
This only happens when the outgoing interface has UDP4CSUM as a capability listed in ifconfig but has that capability disabled. If either the capability is not present or if it is present and enabled, then the corruption does not occur.
>Fix:
--- netinet/ip_mroute.c.old 2005-02-26 17:45:12.000000000 -0500
+++ netinet/ip_mroute.c 2006-10-20 11:39:55.000000000 -0400
@@ -1418,6 +1418,11 @@
int s;
vifi_t vifi;
+ /*
+ * Clear any in-bound checksum flags for this packet.
+ */
+ m->m_pkthdr.csum_flags = 0;
+
if (mrtdebug & DEBUG_FORWARD)
log(LOG_DEBUG, "ip_mforward: src %x, dst %x, ifp %p\n",
ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr), ifp);
>Release-Note:
>Audit-Trail:
From: Mail Delivery Subsystem <MAILER-DAEMON@epita.fr>
To: undisclosed-recipients: ;
Cc:
Subject: Re: kern/34908: Forwarding multicast packets changes source port in udp header
Date: Wed, 25 Oct 2006 16:45:11 +0200 (CEST)
Désolé,
le compte de epibug est actuellement indisponible.
Votre e-mail a été délivré mais le destinataire risque temporairement
de ne pas pouvoir y acceder.
Sorry,
epibug's account is currently unavailable.
Your email has been delivered. The recipient may temporarily
be unable to read it.
State-Changed-From-To: open->closed
State-Changed-By: maxv@NetBSD.org
State-Changed-When: Sat, 10 Feb 2018 07:17:43 +0000
State-Changed-Why:
This bug was fixed in ip_mroute.c::rev1.113.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.