lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 15 Sep 2010 02:33:53 -0700
From:	David Stevens <dlstevens@...ibm.com>
To:	Herbert Xu <herbert@...dor.apana.org.au>
Cc:	David Miller <davem@...emloft.net>, netdev@...r.kernel.org,
	netdev-owner@...r.kernel.org, shemminger@...ux-foundation.org
Subject: Re: [Bug 18212] New: force_igmp_version ignored when a IGMPv3	query
 received (+1 line patch)

netdev-owner@...r.kernel.org wrote on 09/14/2010 07:02:40 PM:

> From: Herbert Xu <herbert@...dor.apana.org.au>

 
> I have gone through both IGMPv2/v3 RFCs and can't find anything
> that forbids an IGMPv2 host from replying with a v2 report to a
> v3 query.  On the other hand I think dropping the v3 query is also
> allowed.
> 
> For interoperability, it would seem slightly better to reply with
> a v2 report, although I will defer to David Stevens on this :)

Herbert, I don't think "forbids" applies -- there's nothing that
suggests you would answer a v3 query with anything but a v3 report.

Ordinarily, hosts listen and switch to v2 if a v2 querier is present.
The intent is that if anyone can't support v3, then everyone falls
back to v2 (and similarly with v1), and with the loss of functionality
provided by the higher version number.

In this case, a switch that sees v2 queries from the other switch is
still sending a v3 query itself. To me, that's a broken switch. The
v2 switch can do queries of its own, too; answering a v3 query doesn't
forbid answering a v2 query (with a v2 report) should one come in.

So, really, it seems like a hack to me specific to this broken v3
switch. It should send v2 queries because the v2 switch is present;
then linux would answer with a v2 query and everyone would see it.
A host that only supports v2 will not correctly work with this set-up
either -- the v3-only query part is broken, not linux.

My recommendation would be not to mix this v3 switch with v2-only
switches and/or report the v3-only queries as a bug to the switch
vendor. Once you see a v2 query, everyone should switch to v2.

                                                                +-DLS

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ