lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 1 Jul 2024 21:51:05 +0000
From: "Muggeridge, Matt" <matt.muggeridge2@....com>
To: "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: ECMP Routes choose an UNREACHABLE nexthop

Hi,

I didn't get any traction on my previous topic, (Wrong nexthop selection with two default routers where only one is REACHABLE), so I'll try asking a more direct question...

Do you expect ECMP routes to use the Neighbor Cache when choosing the nexthop?

In my case, I have two nexthop routes, where one is REACHABLE and the other is FAILED. The kernel chooses the FAILED route, which breaks communication between endpoints.

E.g.

$ ip -6 r
2001:2:0:1000::/64 dev enp0s9 proto ra metric 1024 expires 65531sec pref medium
fe80::/64 dev enp0s3 proto kernel metric 256 pref medium
fe80::/64 dev enp0s9 proto kernel metric 256 pref medium
default proto ra metric 1024 expires 595sec pref medium
        nexthop via fe80::200:10ff:fe10:1060 dev enp0s9 weight 1
        nexthop via fe80::200:10ff:fe10:1061 dev enp0s9 weight 1

$ ip -6 n
fe80::200:10ff:fe10:1060 dev enp0s9 lladdr 00:00:10:10:10:60 router REACHABLE 
fe80::200:10ff:fe10:1061 dev enp0s9 FAILED

When the host receives an echo request via "1060", it responds with a NS for 1061. i.e. it's trying to resolve an UNREACHABLE nexthop.

Matt.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ