Message-ID: <20110725T141145.GA.2ae38.stse@fsing.rootsland.net>
Date:	Mon, 25 Jul 2011 14:51:24 +0200
From:	Stephan Seitz <stse+lkml@...ng.rootsland.net>
To:	linux-kernel@...r.kernel.org
Subject: IP forwarding regression since 3.0-rc6

Hi!

Since 3.0-rc6 I see that my Linux router is losing packets. I can see 
them tracing the internal interface, but I don’t see them on the external 
interface. I can reproduce the problem while using tin with 
news.individual.de. At the startup when tin checks every newsgroup from 
the server, many packets are suddenly not routed anymore but are dropped, 
so tin hangs until it quits with a NNTP error.
All kernels until 3.0-rc5 are working.

Hardware:
- 2x Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit 
   Ethernet controller

Software:
- Debian Testing, 64bit, with Xen 4.1.0

System:
Dom0 (Debian Testing, 64bit) is my working system. The two NICs have each 
their own bridge interface. One bridge interface (A) has an internal IP 
address (IPv4 and IPv6) of my internal network. The other bridge (B) 
doesn’t have an IP address in Dom0. The DomU is connected to the two 
bridges.
DomU (Debian Testing, 64bit) is my iptables firewall system with Bind, 
Squid, and other services. The interface connected to bridge A has an 
internal IP address (gateway for my internal network). The interface 
connected to bridge B is used for PPPoE (the NIC is directly connected to 
my DSL modem).

Kernels:
Dom0 has had all kernel versions from 3.0-rcX and is running 3.0 at the 
moment.
DomU has had the same kernel versions but is running 3.0-rc5 at the 
moment because of the network problems in newer kernels.

Long problem description:
From Dom0 I use tin to read different news servers. One of them is 
news.individual.de. The first time after DomU switched kernel to -rc6 
I started tin (connecting to the mentioned news server) and tin hung 
while reading groups from the newsrc and stopped with a NNTP connection 
error.
Since the problem didn’t vanish, I wrote a mail to the support team of 
the news server. They told me that I was the only one with a connection 
problem and asked me to try the connection from another client. I tried 
it from my vServer, and it worked. So the problem had to be in my setup.

I traced in Dom0 (bridge A), DomU (bridge A) and DomU (ppp0) and noticed 
that all packets generated in Dom0 were visible in DomU bridge A. But not 
all of the packets were visible at the ppp0 interface. So my DomU was 
dropping packets and the connection between tin in Dom0 and the news 
server failed.

So I tried older kernels and noticed that 3.0-rc5 in DomU was working, 
but rc6 and newer were not. The kernel configuration was the same for all 
3.0 kernels.

Since I don’t know which maintainer I should contact with my problem, 
I’ll write directly to lkml.

Thanks for your help.

Shade and sweet water!

	Stephan

PS: Please CC me, because I’m not subscribed.

-- 
| Stephan Seitz             E-Mail: stse@...ng.rootsland.net |
| PGP Public Keys: http://fsing.rootsland.net/~stse/pgp.html |
