Date: Mon, 28 Oct 2002 04:00:11 -0800 (PST) From: Maxim Konovalov <maxim@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/39937: ipstealth issue Message-ID: <200210281200.g9SC0BZD066010@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/39937; it has been noted by GNATS. From: Maxim Konovalov <maxim@FreeBSD.org> To: bug-followup@FreeBSD.org Cc: Chris Wasser <flatline@cmdcomputers.ca>, <murray@FreeBSD.org> Subject: Re: kern/39937: ipstealth issue Date: Mon, 28 Oct 2002 14:56:02 +0300 (MSK) [ CC: Murray Stokely, our dhcp maintainer ] OK, I found the problem but I have no idea about proper fix now. We have: options IPSTEALTH net.inet.ip.stealth=1 net.inet.ip.forwarding=1 We run dhclient <NIC name> and get lock up. The problem is in endless loop: ip_input -> ip_forward -> ip_output -> ip_input. The loop is present regardless of net.inet.ip.stealth but with net.inet.ip.stealth=0 ip_input() has a chance to decrement TTL on each cycle and a packet expires. Why does the loop exist? dhclient(8) invokes dhclient-script(8) which installs a static route: route add $alias_ip_address 127.0.0.1 which makes endless routing loop. Frankly, I do not understand a purpose of that route. Here is a quick and probably dirty hack: Index: isc-dhcp/client/scripts/freebsd =================================================================== RCS file: /home/ncvs/src/contrib/isc-dhcp/client/scripts/freebsd,v retrieving revision 1.20 diff -u -r1.20 freebsd --- isc-dhcp/client/scripts/freebsd 19 Feb 2002 12:10:40 -0000 1.20 +++ isc-dhcp/client/scripts/freebsd 28 Oct 2002 11:44:16 -0000 @@ -122,7 +122,6 @@ if [ -n "$new_routers" ]; then $LOGGER "New Routers: $new_routers" fi - route add $new_ip_address 127.1 >/dev/null 2>&1 for router in $new_routers; do route add default $router >/dev/null 2>&1 done @@ -138,7 +137,6 @@ if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; then ifconfig $interface inet alias $alias_ip_address $alias_subnet_arg - route add $alias_ip_address 127.0.0.1 fi make_resolv_conf exit_with_hooks 0 @@ -168,7 +166,6 @@ fi if [ x$alias_ip_address != x ]; then ifconfig $interface inet alias $alias_ip_address $alias_subnet_arg - route add $alias_ip_address 127.0.0.1 fi exit_with_hooks 0 fi @@ -191,9 +188,7 @@ if [ x$new_ip_address != x$alias_ip_address ] && \ [ x$alias_ip_address != x ]; then ifconfig $interface inet alias $alias_ip_address $alias_subnet_arg - route add $alias_ip_address 127.0.0.1 fi - route add $new_ip_address 127.1 >/dev/null 2>&1 for router in $new_routers; do route add default $router >/dev/null 2>&1 done %%% With this patch my 4.7-STABLE works OK. -- Maxim Konovalov, maxim@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210281200.g9SC0BZD066010>