lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <56953740.1090204@stressinduktion.org>
Date:	Tue, 12 Jan 2016 18:26:24 +0100
From:	Hannes Frederic Sowa <hannes@...essinduktion.org>
To:	Stas Sergeev <stsp@...t.ru>
Cc:	netdev <netdev@...r.kernel.org>,
	Sowmini Varadhan <sowmini.varadhan@...cle.com>
Subject: Re: Q: bad routing table cache entries

On 12.01.2016 18:18, Stas Sergeev wrote:
> 12.01.2016 20:06, Hannes Frederic Sowa пишет:
>> On 12.01.2016 17:56, Stas Sergeev wrote:
>>> 12.01.2016 19:42, Stas Sergeev пишет:
>>> Also the rfc1620 you pointed, seems to be saying this:
>>>
>>>                   A Redirect message SHOULD be silently discarded if the
>>>                   new router address it specifies is not on the same
>>>                   connected (sub-) net through which the Redirect arrived,
>>>                   or if the source of the Redirect is not the current
>>>                   first-hop router for the specified destination.
>>>
>>> It seems, this is exactly the rule we were trying to find
>>> during the thread. And it seems violated, either. Unless I am
>>> mis-interpreting it, of course.
>>
>> If you read on you will read that with shared_media this exact clause (the first of those) is not in effect any more.
> OK. But how to get such a redirect to work, if (checked with
> tcpdump) the packets do not even go to eth0, but to "lo"?

I don't know, the router must be on the same shared medium. I guess 
physical reconfiguration is required?

Aren't there arp request for the host on eth0?

> And how to deal with the above quote from rfc1812?
>
>> I don't know why shared_media=1 is the default in Linux, this decision was made long before I joined here. Anyway, with shared_media=1 this is absolutely the required behavior.
> Then it should work. How? :)

What should work? Sorry, I can't follow you. Everything looks fine to 
me. The default is shared_media, so servers send such redirects and 
client accept those. If it would be 0 the rfc1812 applies and should 
stop servers to send such redirects and clients to accept those.

Bye,
Hannes

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ