Date: Tue, 28 Jul 2009 09:15:16 -0700 From: Julian Elischer <julian@elischer.org> To: Oleg Sharoyko <os@sfedu.ru> Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables Message-ID: <4A6F2414.2080203@elischer.org> In-Reply-To: <1248788292.71222.10.camel@brain.cc.rsu.ru> References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> <4A6E3743.7050708@elischer.org> <1248788292.71222.10.camel@brain.cc.rsu.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
--------------040106090200020104060101
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Oleg Sharoyko wrote:
> On Mon, 2009-07-27 at 16:24 -0700, Julian Elischer wrote:
>
>>> in addition to the patches already sent you might like to add the
>>> following line to netinet/tcp_input.c
>>>
>>> }
>>> inc.inc_fport = th->th_sport;
>>> inc.inc_lport = th->th_dport;
>>> inc.inc_fibnum = so->so_fibnum; <-------------
>>> /*
>>> * Check for an existing connection attempt in syncache if
>>> * the flag is only ACK. A successful lookup creates a new
>>> * socket appended to the listen queue in SYN_RECEIVED
>>> state.
>>> */
>> in fact you might try just this on its own
>
> With this patch alone all the packets but SYN+ACK are being sent out
> correctly. SYN+ACK still uses wrong interface.
>
> ip_output() uses struct inpcb *inp argument to set fib. But when
> syncache_respond() sends SYN+ACK, ip_output() is being called without
> inp (from netinet/tcp_syncache.c, syncache_respond()):
>
> error = ip_output(m, sc->sc_ipopts, NULL, 0, NULL, NULL);
>
> It I add
> M_SETFIB(m, sc->sc_inc.inc_fibnum);
>
> before the call to ip_output(), then SYN+ACK goes the right way.
>
ok so here's my final patch.
This is taken against -current. so it may not patch exactly cleanly.
it's not quite minimal as I'm cleaning up something too, but
could you check it works?
if you have ipv6 it might be nice to check that ipv6 doesn't crash
with this patch too (ipv6 doesn't support Multiple routing tables
yet).
--------------040106090200020104060101
Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0"; name="accept.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="accept.diff"
Index: sys/kern/uipc_socket.c
===================================================================
--- sys/kern/uipc_socket.c (revision 195859)
+++ sys/kern/uipc_socket.c (working copy)
@@ -438,6 +438,7 @@
so->so_options = head->so_options &~ SO_ACCEPTCONN;
so->so_linger = head->so_linger;
so->so_state = head->so_state | SS_NOFDREF;
+ so->so_fibnum = head->so_fibnum;
so->so_proto = head->so_proto;
so->so_cred = crhold(head->so_cred);
#ifdef MAC
Index: sys/netinet/tcp_input.c
===================================================================
--- sys/netinet/tcp_input.c (revision 195859)
+++ sys/netinet/tcp_input.c (working copy)
@@ -758,6 +758,7 @@
}
inc.inc_fport = th->th_sport;
inc.inc_lport = th->th_dport;
+ inc.inc_fibnum = so->so_fibnum;
/*
* Check for an existing connection attempt in syncache if
Index: sys/netinet/tcp_syncache.c
===================================================================
--- sys/netinet/tcp_syncache.c (revision 195859)
+++ sys/netinet/tcp_syncache.c (working copy)
@@ -642,8 +642,7 @@
#endif
inp = sotoinpcb(so);
- inp->inp_inc.inc_fibnum = sc->sc_inc.inc_fibnum;
- so->so_fibnum = sc->sc_inc.inc_fibnum;
+ inp->inp_inc.inc_fibnum = so->so_fibnum;
INP_WLOCK(inp);
/* Insert new socket into PCB hash list. */
@@ -1128,8 +1127,6 @@
sc->sc_cred = cred;
cred = NULL;
sc->sc_ipopts = ipopts;
- /* XXX-BZ this fib assignment is just useless. */
- sc->sc_inc.inc_fibnum = inp->inp_inc.inc_fibnum;
bcopy(inc, &sc->sc_inc, sizeof(struct in_conninfo));
#ifdef INET6
if (!(inc->inc_flags & INC_ISIPV6))
@@ -1403,6 +1400,7 @@
} else
optlen = 0;
+ M_SETFIB(m, sc->sc_inc.inc_fibnum);
#ifdef INET6
if (sc->sc_inc.inc_flags & INC_ISIPV6) {
th->th_sum = 0;
--------------040106090200020104060101--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A6F2414.2080203>