lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 20 Nov 2020 09:27:39 -0800
From:   Andreas Roeseler <andreas.a.roeseler@...il.com>
To:     David Ahern <dsahern@...il.com>, davem@...emloft.net
Cc:     kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org, kuba@...nel.org,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 net-next 0/3] add support for sending RFC8335 PROBE

On Thu, 2020-11-19 at 21:01 -0700, David Ahern wrote:
> On 11/19/20 8:51 PM, David Ahern wrote:
> > On 11/17/20 5:46 PM, Andreas Roeseler wrote:
> > > The popular utility ping has several severe limitations such as
> > > the
> > > inability to query specific  interfaces on a node and requiring
> > > bidirectional connectivity between the probing and the probed
> > > interfaces. RFC8335 attempts to solve these limitations by
> > > creating the
> > > new utility PROBE which is a specialized ICMP message that makes
> > > use of
> > > the ICMP Extension Structure outlined in RFC4884.
> > > 
> > > This patchset adds definitions for the ICMP Extended Echo Request
> > > and
> > > Reply (PROBE) types for both IPv4 and IPv6. It also expands the
> > > list of
> > > supported ICMP messages to accommodate PROBEs.
> > > 
> > 
> > You are updating the send, but what about the response side?
> > 
> 
> you also are not setting 'ICMP Extension Structure'. From:
> https://tools.ietf.org/html/rfc8335
> 
>    o  ICMP Extension Structure: The ICMP Extension Structure
> identifies
>       the probed interface.
> 
>    Section 7 of [RFC4884] defines the ICMP Extension Structure.  As
> per
>    RFC 4884, the Extension Structure contains exactly one Extension
>    Header followed by one or more objects.  When applied to the ICMP
>    Extended Echo Request message, the ICMP Extension Structure MUST
>    contain exactly one instance of the Interface Identification
> Object
>    (see Section 2.1).

I am currently finishing testing and polishing the response side and
hope to be sendding out v1 of the patch in the upcoming few weeks.

As for the 'ICMP Extension Structure', I have been working with the
iputils package to add a command to send PROBE messages, and the
changes included in this patchset are all that are necessary to be able
to send PROBEs using the existing ping framework.

Powered by blists - more mailing lists