[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20160726.142538.311340107234321451.davem@davemloft.net>
Date: Tue, 26 Jul 2016 14:25:38 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: hchunhui@...l.ustc.edu.cn
Cc: dsa@...ulusnetworks.com, nicolas.dichtel@...nd.com,
roopa@...ulusnetworks.com, rshearma@...cade.com,
dbarroso@...tly.com, martinbj2008@...il.com, rick.jones2@...com,
koct9i@...il.com, edumazet@...gle.com, tgraf@...g.ch,
ebiederm@...ssion.com, yoshfuji@...ux-ipv6.org, ja@....bg,
hannes@...essinduktion.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] net: neigh: disallow transition to NUD_STALE if
lladdr is unchanged in neigh_update()
From: Chunhui He <hchunhui@...l.ustc.edu.cn>
Date: Tue, 26 Jul 2016 06:16:52 +0000
> NUD_STALE is used when the caller(e.g. arp_process()) can't guarantee
> neighbour reachability. If the entry was NUD_VALID and lladdr is unchanged,
> the entry state should not be changed.
>
> Currently the code puts an extra "NUD_CONNECTED" condition. So if old state
> was NUD_DELAY or NUD_PROBE (they are NUD_VALID but not NUD_CONNECTED), the
> state can be changed to NUD_STALE.
>
> This may cause problem. Because NUD_STALE lladdr doesn't guarantee
> reachability, when we send traffic, the state will be changed to
> NUD_DELAY. In normal case, if we get no confirmation (by dst_confirm()),
> we will change the state to NUD_PROBE and send probe traffic. But now the
> state may be reset to NUD_STALE again(e.g. by broadcast ARP packets),
> so the probe traffic will not be sent. This situation may happen again and
> again, and packets will be sent to an non-reachable lladdr forever.
>
> The fix is to remove the "NUD_CONNECTED" condition. After that the
> "NEIGH_UPDATE_F_WEAK_OVERRIDE" condition (used by IPv6) in that branch will
> be redundant, so remove it.
>
> This change may increase probe traffic, but it's essential since NUD_STALE
> lladdr is unreliable. To ensure correctness, we prefer to resolve lladdr,
> when we can't get confirmation, even while remote packets try to set
> NUD_STALE state.
>
> Signed-off-by: Chunhui He <hchunhui@...l.ustc.edu.cn>
Applied, thanks.
Powered by blists - more mailing lists