lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <568154B1.3060901@list.ru>
Date:	Mon, 28 Dec 2015 18:26:41 +0300
From:	Stas Sergeev <stsp@...t.ru>
To:	Linux kernel <linux-kernel@...r.kernel.org>
Subject: Q: bad routing table cache entries

Hello.

I was hitting a strange problem when some hosts
suddenly stops responding until reboot. ping to these
host gives "Destination Host Unreachable". After the
initial confusion, I've finally got to
ip route get
and got something quite strange.


Example for GOOD address (the one that I can ping):

ip route get 91.189.89.237
91.189.89.237 via 192.168.8.1 dev eth0  src 192.168.10.202
    cache


Example for BAD address (the one that stopped responding):

ip route get 91.189.89.238
91.189.89.238 via 192.168.0.1 dev eth0  src 192.168.10.202
    cache <redirected>


Two things differ: the <redirected> mark appears, and the
gateway changed from 192.168.8.1 to 192.168.0.1.
Now, 192.168.0.1 is also a valid gateway, but it is outside
of the network mask for the eth0 interface:

ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:50:43:00:0b:e0
          inet addr:192.168.10.202  Bcast:192.168.11.255  Mask:255.255.252.0


As a result, this route simply doesn't work.
I checked with tcpdump - the icmp packets do not even go
to eth0 - they instead can be captured on lo interface for
some reason.

So my question is: why does linux allow an invalid redirect
entries? Is it a problem with my setup, or some kernel bug,
or some router setup problem? Where should I look into, to
nail this down?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ