Date:	Fri, 16 Jan 2015 16:07:55 -0800
From:	fruggeri@...stanetworks.com (Francesco Ruggeri)
To:	fruggeri@...sta.com, davem@...emloft.net, netdev@...r.kernel.org
Subject: Regression from "ipv4: Cache ip_error() routes even when not
 forwarding."


Commit 251da413("ipv4: Cache ip_error() routes even when not forwarding."),
later slightly modified by cd0f0b95("ipv4: distinguish EHOSTUNREACH from
the ENETUNREACH"), introduced a regression where an ip_error route is cached
when an ARP request is received on a non-forwarding non matching interface,
and it affects later legitimate packets for the same destination even if
coming over different interfaces.
Attached are two scripts that show the problem. The first one does basic
forwarding, and the second one does proxy arp.
In both cases a dummy interface is created for the sole purpose of receiving
an ARP request that results in the ip_error route to be cached. The offending
ARP request is generated by using a 'ping -c 1' (commented out in the scripts).
Verified in 3.16 build.

Francesco Ruggeri

#########################################################
# Basic routing 1.1.1.2@...t1 -> 2.2.2.2@...t2 via router

ip netns add dummy
ip netns exec dummy bash

ip netns add host1
ip netns add host2
ip netns add router
ip link add eth0 type veth peer name rtr-eth0 netns router
ip link add eth1 type veth peer name rtr-eth1 netns router
ip link set eth1 netns host1
ip link add eth2 type veth peer name rtr-eth2 netns router
ip link set eth2 netns host2

ip netns exec host1 bash
ip link set up lo
ip link set up eth1 ; ip addr add 1.1.1.2/24 dev eth1
ip route add default via 1.1.1.1
exit

ip netns exec host2 bash
ip link set up lo
ip link set up eth2 ; ip addr add 2.2.2.2/24 dev eth2
ip route add default via 2.2.2.1
exit

ip netns exec router bash
ip link set up lo
ip link set up rtr-eth0 ; ip addr add 1.2.3.4/24 dev rtr-eth0
ip link set up rtr-eth1 ; ip addr add 1.1.1.1/24 dev rtr-eth1
ip link set up rtr-eth2 ; ip addr add 2.2.2.1/24 dev rtr-eth2
echo 0 > /proc/sys/net/ipv4/conf/rtr-eth0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/rtr-eth1/forwarding
echo 1 > /proc/sys/net/ipv4/conf/rtr-eth2/forwarding
exit

ip link set up lo
ip link set up eth0 ; ip addr add 2.2.2.1/24 dev eth0
# Uncommenting line below makes following ping return Host Unreachable
#ping -c 1 2.2.2.2 
ip netns exec host1 ping -c 3 2.2.2.2

ip netns del host1
ip netns del host2
ip netns del router
exit
ip netns del dummy

######################################################
# Proxy ARP

ip netns add router
ip netns exec router bash

ip netns add host1
ip link add rtr-h1 type veth peer name host1-e0 netns host1
ip link set up rtr-h1
ip netns exec host1 bash
ip link set up lo
ip link set up host1-e0
ip addr add 10.10.1.2/16 dev host1-e0
exit
echo 1 > /proc/sys/net/ipv4/conf/rtr-h1/forwarding
echo 1 > /proc/sys/net/ipv4/conf/rtr-h1/proxy_arp
ip addr add 10.10.1.1/24 dev rtr-h1

ip netns add host2
ip link add rtr-h2 type veth peer name host2-e0 netns host2
ip link set up rtr-h2
ip netns exec host2 bash
ip link set up lo
ip link set up host2-e0
ip addr add 10.10.2.2/16 dev host2-e0
exit
echo 1 > /proc/sys/net/ipv4/conf/rtr-h2/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/rtr-h2/forwarding
ip addr add 10.10.2.1/24 dev rtr-h2

ip netns add host3
ip link add rtr-h3 type veth peer name host3-e0 netns host3
ip link set up rtr-h3
ip netns exec host3 bash
ip link set up lo
ip link set up host3-e0
ip addr add 10.10.1.2/16 dev host3-e0
exit
echo 8 > /proc/sys/net/ipv4/conf/rtr-h3/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/rtr-h3/forwarding
ip addr add 1.2.3.4/24 dev rtr-h3

# Uncommenting line below makes following ping fail
#ip netns exec host3 ping -c 1 10.10.2.2
ip netns exec host1 ping -c 3 10.10.2.2

ip netns del host1
ip netns del host2
ip netns del host3
exit
ip netns del router

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists