lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <F2F490FA-3AED-436B-BB9E-818353BCEA9B@linbit.com>
Date:	Thu, 12 Mar 2015 08:27:20 +0100
From:	Lars Ellenberg <lars.ellenberg@...bit.com>
To:	Ulf Samuelsson <netdev@...gii.com>, netdev@...r.kernel.org
Subject: Re: Bug report: broadcast address as incomplete entry in arp table, effectively a blackhole; reproducer included

Am 11. März 2015 21:56:53 MEZ, schrieb Ulf Samuelsson <netdev@...gii.com>:
>Den 2014-11-19 15:39, Lars Ellenberg skrev:
>> Ping ...
>> Any ideas?
>>
>> 	Lars
>Did you ever solve this problem?


There are the stated workarounds.
No solution.
In fact this is the first reaction I had at all.

>Have been working on a similar problem.
>
>Are you sure that the entry is never removed?

Not sure, never is a long time to cover. Not within hours, though.
And not deletable "by hand".
My guess it's that it is in some part of the table that is not walked anymore, because the system"knows" that this entry cannot possibly exist, so why even bother to look :-/

>Once you lose the entry, it is normally garbage collected,
>and this takes a looong time (minutes).
>
>Try leaving it alone for an hour once the problem occurs,
>and check if the garbage collector has not taken the entry out.

You realize that I can reproduce at will, I can provoke the problem.


>The ARP state machine has, as far as I know, no way
>to put an entry into INCOMPLETE once it has reached REACHABLE.
>
>Once in REACHABLE it will move between the following valid states:

It never was reachable.
It either is the broadcast address, which won't be ARP resolved obviously. Or it is unreachable -- nothing has the supposedly broadcast address assigned...

Thanks,
    Lars


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ