lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20100611121838.GC11110@cel.leo>
Date:	Fri, 11 Jun 2010 13:18:38 +0100
From:	Paul LeoNerd Evans <leonerd@...nerd.org.uk>
To:	Jay Vosburgh <fubar@...ibm.com>, netdev@...r.kernel.org
Subject: Re: Packet capture and Bonding asymmetries

On Wed, Jun 09, 2010 at 03:52:31PM -0700, Jay Vosburgh wrote:
> 	For your own private testing, you could add a call to
> __netif_nit_deliver in netif_receive_skb prior to this part:
> 
>         master = ACCESS_ONCE(orig_dev->master);
>         if (master) {
>                 if (skb_bond_should_drop(skb, master))
>                         null_or_orig = orig_dev; /* deliver only exact match */
>                 else
>                         skb->dev = master;
>         }
> 
> 	This will give you multiple captures of the same packet, as is
> seen for transmit (i.e., one on the slave, one on the bond).  For
> non-bonding devices, tcpdump will see each packet twice on the same
> device, so it's not really suitable for general use.

As per my last post, I've just tested the following patch and found it
to work just fine:

# pktdump -f "icmp" -n
[13:04:30] RX(eth0): ICMP| 192.168.56.1->192.168.56.6 echo-request seq=1
[13:04:30] RX(bond0): ICMP| 192.168.56.1->192.168.56.6 echo-request seq=1
[13:04:30] TX(bond0): ICMP| 192.168.56.6->192.168.56.1 echo-reply seq=1
[13:04:30] TX(eth0): ICMP| 192.168.56.6->192.168.56.1 echo-reply seq=1

I'll resubmit the patch properly for latest kernel version; this being
2.6.31.12 doesn't apply cleanly to upstream:

-----

--- linux-2.6.31.12-router/net/core/dev.c       2010-01-18 18:30:45.000000000 +0000
+++ linux-2.6.31.12-router_leobonding/net/core/dev.c    2010-06-11 12:39:43.000000000 +0100
@@ -2265,6 +2265,7 @@
        null_or_orig = NULL;
        orig_dev = skb->dev;
        if (orig_dev->master) {
+               netif_nit_deliver(skb);
                if (skb_bond_should_drop(skb))
                        null_or_orig = orig_dev; /* deliver only exact match */
                else

-----

This patch quite deliberately includes packets arriving from non-active
bonding slaves, because the intention of tcpdump, pktdump, et.al., is to
see "close to the wire"; a view of what's happening down that physical
ethernet cable.

-- 
Paul "LeoNerd" Evans

leonerd@...nerd.org.uk
ICQ# 4135350       |  Registered Linux# 179460
http://www.leonerd.org.uk/

Download attachment "signature.asc" of type "application/pgp-signature" (191 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ