NetBSD Problem Report #57489

From kim@tac.gw.fi  Sat Jun 24 20:12:50 2023
Return-Path: <kim@tac.gw.fi>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id C24B71A9241
	for <gnats-bugs@gnats.NetBSD.org>; Sat, 24 Jun 2023 20:12:50 +0000 (UTC)
Message-Id: <20230624201238.452C71077B@revolutions.gw.fi>
Date: Sat, 24 Jun 2023 23:12:38 +0300 (EEST)
From: kim@netbsd.org (Kimmo Suominen)
To: gnats-bugs@NetBSD.org
Subject: ICMP6 echo replies sent from wrong address
X-Send-Pr-Version: 3.95

>Number:         57489
>Category:       kern
>Synopsis:       ICMP6 echo replies sent from wrong address
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jun 24 20:15:00 +0000 2023
>Originator:     Kimmo Suominen
>Release:        NetBSD 10.99.4 (202306080500Z)
>Organization:
>Environment:
System: NetBSD revolutions.gw.fi 10.99.4 NetBSD 10.99.4 (GENERIC) #0: Thu Jun 8 00:27:34 UTC 2023 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:

  The echo reply to ICMP6 echo requests sent to a deprecated global IPv6
  address is sent from a different address (the non-deprecated global
  IPv6 address configured on the sytem).

  I have verified the same behaviour on all of the following:

  - NetBSD 10.99.4 (202306080500Z)
  - NetBSD 9.3_STABLE (202306060950Z)
  - NetBSD 8.2_STABLE (202010170040Z)

  ping6 on NetBSD does not mind that the reply is coming from
  a different address and displays it.  Similarly ping from
  iputils-s20161105 running on Linux 4.9.79 displays the responses.
  Both do display the actual source address of the reply (which differs
  from the destination address of the echo request):

  : mollari:~; ping6 qa.revolutions.gw.fi
  PING6(56=40+8+8 bytes) 2001:470:a085:999::80 --> 2a09:84c0:600:5d80:55d0::134
  16 bytes from 2a09:84c0:600:5d80:55d0::135, icmp_seq=0 hlim=43 time=178.613 ms
  16 bytes from 2a09:84c0:600:5d80:55d0::135, icmp_seq=1 hlim=43 time=178.672 ms

  However, ping from iputils 20210202, ping6 from GNU inetutils 2.0, and
  oping 1.10.0 running on Linux 5.10.0 will not show the responses.

  For comparison, the Linux 5.10.0 kernel sends its ICMP6 echo replies
  from the deprecated address.

>How-To-Repeat:

  Configure a system with a global IPv6 address and a deprecated global
  IPv6 address and ping the deprecated address from another system.

>Fix:

  Inspect source address selection logic:
  - icmp6_reflect
  - ip6_getdstifaddr
  - ip6_findaux
  - m_tag_find

  That's where I stopped (for now at least).

Home	PR Database Search