[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <541894F6.3090903@green-communications.fr>
Date: Tue, 16 Sep 2014 21:52:22 +0200
From: Nicolas Cavallari <nicolas.cavallari@...en-communications.fr>
To: David Miller <davem@...emloft.net>
CC: netdev@...r.kernel.org, kuznet@....inr.ac.ru, jmorris@...ei.org,
yoshfuji@...ux-ipv6.org, kaber@...sh.net
Subject: Re: [PATCHv2] ipv4: Do not cache routing failures due to disabled
forwarding.
On 16/09/2014 20:54, David Miller wrote:
> From: Nicolas Cavallari <nicolas.cavallari@...en-communications.fr>
> Date: Mon, 15 Sep 2014 12:28:13 +0200
>
>> If we cache them, the kernel will reuse them, independently of
>> whether forwarding is enabled or not. Which means that if forwarding is
>> disabled on the input interface where the first routing request comes
>> from, then that unreachable result will be cached and reused for
>> other interfaces, even if forwarding is enabled on them.
>>
>> This can be verified with two interfaces A and B and an output interface
>> C, where B has forwarding enabled, but not A and trying
>> ip route get $dst iif A from $src && ip route get $dst iif B from $src
>>
>> Signed-off-by: Nicolas Cavallari <nicolas.cavallari@...en-communications.fr>
>> ---
>> v2: simplify patch using julian anastasov's suggestion.
>
> This also disables caching for the cases of a simple fib lookup failure.
Caching is already not done on a fib lookup failure. On which fib_info
would you cache anyway ? res.fi is already NULL in this case.
> Handle cached route invalidation the way it's meant to be, by bumping
> the rt_genid.
>
> diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
> index 214882e..aa4e63c 100644
> --- a/net/ipv4/devinet.c
> +++ b/net/ipv4/devinet.c
> @@ -1965,6 +1965,8 @@ static void inet_forward_change(struct net *net)
> }
> rcu_read_unlock();
> }
> +
> + rt_cache_flush(net);
> }
>
> static int devinet_conf_ifindex(struct net *net, struct ipv4_devconf *cnf)
This doesn't solve the problem. Flushing the cache only changes how the
bug manifests:
ip route flush cache
ip route get 10.0.0.1 from 10.0.0.2 iif A
# unreachable (because forwarding on A is disabled). This is cached.
ip route get 10.0.0.1 from 10.0.0.2 iif B
# unreachable (at first fib_lookup finds it reachable and forwarding on
B is enabled. And then there is a valid cache entry, which is reused
blindly even if it says "unreachable").
ip route flush cache
ip route get 10.0.0.1 from 10.0.0.2 iif B
# reachable (because forwarding on B is enabled). This is cached
ip route get 10.0.0.1 from 10.0.0.2 iif A
# reachable (forwarding on A is disabled, so it is unreachable
initially. But there is a valid cache entry, which says "reachable",
which is reused)
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists