lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 16 Feb 2013 09:48:58 +0100
From:	Erik Hugne <erik.hugne@...csson.com>
To:	Vlad Yasevich <vyasevic@...hat.com>
CC:	Eric Dumazet <eric.dumazet@...il.com>,
	Ben Greear <greearb@...delatech.com>, netdev@...r.kernel.org,
	kaber@...sh.net, ataschner@...e.com
Subject: Re: [MacVLAN] failure to deliver reassembled IPv6 multicast traffic

On Fri, Feb 15, 2013 at 09:57:30PM -0500, Vlad Yasevich wrote:
> On 02/15/2013 09:25 PM, Vlad Yasevich wrote:
> >On 02/15/2013 02:35 PM, Eric Dumazet wrote:
> >>On Fri, 2013-02-15 at 11:27 -0800, Ben Greear wrote:
> >>
> >>>For some reason I was thinking this wasn't fully fixed for IPv4, but
> >>>maybe it is..the bug in our internal tracker only mentions IPv6
> >>>as having issues...
> >>>
> >>>We'll do some testing on IPv4 sometime soon to make sure, and can test
> >>>IPv6 patches as well...
> >>
> >>This worries me a bit, as I wrote this patch because you reported the
> >>issue.
> >>
> >>commit bc416d9768aa9a2e46eb11354a9c58399dafeb01
> >>Author: Eric Dumazet <eric.dumazet@...il.com>
> >>Date:   Thu Oct 6 10:28:31 2011 +0000
> >>
> >>     macvlan: handle fragmented multicast frames
> >>
> >>     Fragmented multicast frames are delivered to a single macvlan port,
> >>     because ip defrag logic considers other samples are redundant.
> >>
> >>     Implement a defrag step before trying to send the multicast frame.
> >>
> >>     Reported-by: Ben Greear <greearb@...delatech.com>
> >>     Signed-off-by: Eric Dumazet <eric.dumazet@...il.com>
> >>     Signed-off-by: David S. Miller <davem@...emloft.net>
> >>
> >>

Here's the correct link to the test program:
git://github.com/Hugne/udp_mc.git

My tree was just a few days old so it did contain this patch.
Anyway, I retested with latest now and can confirm that it's still there.

I set up some ip6tables logging, and it is clear that all interfaces are 
receiving all fragments, but fail to reassemble them.
netstat -6 -s |grep reass
    8880 reassemblies required
    490 packets reassembled ok
    2898 packet reassembles failed

ip6tables -N LOGME
ip6tables -A LOGME -j LOG
ip6tables -A INPUT -d ff02::/16 -i macvlan0 -j LOGME
ip6tables -A INPUT -d ff02::/16 -i eth0 -j LOGME
ip6tables -A LOGME -j ACCEPT

//E
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ