lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 6 Jun 2011 14:37:27 -0700
From:	Simon Kirby <sim@...tway.ca>
To:	netdev <netdev@...r.kernel.org>,
	YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>
Subject: ipv6 hitting route max_size

Hello,

/proc/sys/net/ipv4/route/max_size is the maximum size of the ipv4 route
_cache_, which is based on hash table size which is based on ram size.
The route _cache_ (eg: ip -4 route show cache) is not allowed to grow
beyond this size. gc_min_interval_ms was added to allow garbage
collection to happen often enough that this would not be reached even
under spoofed-address attacks (which we used to see happen before).

/proc/sys/net/ipv6/route/max_size and a number of similar GC knobs exist,
but max_size seems to limit the size of the v6 route table, not the v6
route cache. net/ipv6/route.c:2829 just sets this to 4096:

	net->ipv6.sysctl.ip6_rt_max_size = 4096;

If I set up quagga and ipv6 bgp peering to the Internets, I get about
6075 routes today, exceeding this limit. This cases zebra to log errors
such as this when it tries to add the routes to the kernel:

netlink-cmd error: Cannot allocate memory, type=RTM_NEWROUTE(24), seq=27089196, pid=0

This goes away if I increase /proc/sys/net/ipv6/route/max_size.

Is this cache limit somehow tied to route entries by some (un)intentional
IPv6 feature?

Reproduce with something like this (bash, 2.6.32 or 2.6.39 or similar):

for ((i = 0;i < 4200;i++)); do ip route add unreachable 2000::$i; done

Note that 4100 succeeds on my box, so something else is also happening.

Simon-
 
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ