lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20120229182632.GA14467@midget.suse.cz>
Date:	Wed, 29 Feb 2012 19:26:32 +0100
From:	Jiri Bohac <jbohac@...e.cz>
To:	Weiping Pan <panweiping3@...il.com>
Cc:	netdev@...r.kernel.org, jbohac@...e.cz, fubar@...ibm.com,
	andy@...yhouse.net
Subject: Re: [PATCH net] bonding:update rlb entry for arp request

On Wed, Feb 29, 2012 at 09:55:36PM +0800, Weiping Pan wrote:
> rlb_arp_recv() only handles arp reply packets,
> but I think arp request packets contain the latest information about
> clients(ip and mac), so we should update rlb entry for arp request.

when an ARP request arrives, a reply will be generated by the ARP
protocol and that is going to be intercepted by rlb_arp_xmit().

When we start the "connection" by sending an ARP request,
again, this is intercepted by rlb_arp_xmit(). But at that point
we don't know the client's MAC address - that's why we handle the
ARP reply in rlb_arp_recv().

> This patch can resolve a problem that if an IP address is migrated to a
> different host in the network

No, it can't  - it in no way removes entries from the hash table.
And these entries that list an IP address as ours while it is no
longer ours cause the problem.

> the corresponding rlb entry still contains the
> old mac address for this IP, and bonding will send out invalid ARP packets
> that will poison other systems' ARP caches.

yes, but it poisons the caches with an invalid
client_info->ip_src (IP) + client_info->slave->dev->dev_addr (MAC)
combination.

rlb_update_entry_from_arp() updates the _client_ MAC address,
i.e. client_info->mac_dst.
 

-- 
Jiri Bohac <jbohac@...e.cz>
SUSE Labs, SUSE CZ

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ