| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150212054555.7746b3ee@uryu.home.lan>
Date: Thu, 12 Feb 2015 05:45:55 -0800
From: Stephen Hemminger <stephen@...workplumber.org>
To: netdev@...r.kernel.org
Subject: Fw: [Bug 93121] New: fib_lookup failed to find blackhole or
prohibit or unreachable routes
Begin forwarded message:
Date: Thu, 12 Feb 2015 08:36:12 +0000
From: "bugzilla-daemon@...zilla.kernel.org" <bugzilla-daemon@...zilla.kernel.org>
To: "shemminger@...ux-foundation.org" <shemminger@...ux-foundation.org>
Subject: [Bug 93121] New: fib_lookup failed to find blackhole or prohibit or unreachable routes
https://bugzilla.kernel.org/show_bug.cgi?id=93121
Bug ID: 93121
Summary: fib_lookup failed to find blackhole or prohibit or
unreachable routes
Product: Networking
Version: 2.5
Kernel Version: since v3.6
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: normal
Priority: P1
Component: IPV4
Assignee: shemminger@...ux-foundation.org
Reporter: alexandergusarov@...il.com
Regression: No
Trying functional of blackhole | prohibit | unreachable routes i have found
that kernel always generate ICMP Network Unreachable (type 3 code 0) packets as
reply to packets going to blackhole route.
It seems to after removing routing cache in kernel 3.6 fib_lookup() failed to
find something in FIB.
Trying functional on different versions of kernel show me that functional is
broken after kernel 3.5.
I tried:
Ubuntu 10.04 whith 2.6.32 kernel - OK
Ubuntu 10.04 whith 3.0.0 kernel - OK
Ubuntu 12.04 whith 3.2.0 kernel - OK
Ubuntu 12.04 whith 3.5.0 kernel - OK
Ubuntu 12.04 whith 3.8.0 kernel - ERROR
Ubuntu 14.04 whith 3.13.0 kernel - ERROR
Ubuntu 15.04 whith 3.18.0 kernel - ERROR (daily build)
Steps to reproduce:
1) Two linux machines whith static IP adresses
Alpha - 192.168.1.1/24
Beta - 192.168.1.2/24
2) on Beta add route to 192.168.128.0/17 and blackhole routes to subbets
$ ip route add 192.168.128.0/17 via 192.168.1.1
$ ip route add blackhole 192.168.128.0/19
$ ip route add prohibit 192.168.160.0/19
$ ip route add unreachable 192.168.192.0/19
3) on Alpha add route to 192.168.128.0/17
$ ip route add 192.168.128.0/17 via 192.168.1.2
4) on Alpha ping 192.168.128.1 (expected no reply)
$ ping 192.168.128.1
PING 192.168.128.1 (192.168.128.1) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Net Unreachable
From 192.168.1.1 icmp_seq=2 Destination Net Unreachable
...
5) on Alpha ping 192.168.160.1 (expected reply "Packet Filtred")
$ ping 192.168.160.1
PING 192.168.160.1 (192.168.160.1) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Net Unreachable
From 192.168.1.1 icmp_seq=2 Destination Net Unreachable
...
6) on Alpha ping 192.168.192.1 (expected reply "Host Unreachable")
$ ping 192.168.192.1
PING 192.168.192.1 (192.168.192.1) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Net Unreachable
From 192.168.1.1 icmp_seq=2 Destination Net Unreachable
...
I apologize for my bad English
--
You are receiving this mail because:
You are the assignee for the bug.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists