Date: Mon, 27 Jul 2009 13:32:39 -0700 From: Julian Elischer <julian@elischer.org> To: Oleg Sharoyko <os@sfedu.ru> Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables Message-ID: <4A6E0EE7.2070103@elischer.org> In-Reply-To: <4A6E058A.6060004@elischer.org> References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E058A.6060004@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Julian Elischer wrote:
> So there are two possible ways a daemon might assign a fib to a socket
> that it is accepting:
>
> 1/ the accept socket could take the FIB of the process.
> 2/ the accept socket could take the fib of the incoming SYN packet.
>
> I chose #1, but it is possible something in changes between 6
> and 7 broke the "chain of custody" for the fib.
> This code is in production in 6.x based systems but was only introduced
> to FreeBSD in 7.x.
>
> The process makes a socket which inherits the fib from it.
> The socket includes an INET PCB (Protocol Control Block)
> which gets a copy too..
> when "listen() is called and a syn comes in, a new entry is made in the
> syncache code and this includes a new connection block which is supposed
> to inherrit the fib number from the originating listen socket.
>
> Eventually a new socket is created and it is supposed to inherit teh
> fibnum from the syncache entry, and to copy it to the inpcb attached to it.
>
> It's possible that somewhere this has been broken by changes.
> but I don't see it right at the moment.
found one place in kern/ipc_socket.c
in sonewconn()
------
so->so_linger = head->so_linger;
so->so_state = head->so_state | SS_NOFDREF;
so->so_proto = head->so_proto;
so->so_fibnum = head->so_fibnum; <------ Add this
so->so_cred = crhold(head->so_cred);
#ifdef MAC
SOCK_LOCK(head);
mac_create_socket_from_socket(head, so);
SOCK_UNLOCK(head);
#endif
--------
and in netinet/tcp_syncache.c
in syncache_socket()
change the following:
------
inp = sotoinpcb(so);
inp->inp_inc.inc_fibnum = so->so_fibnum;
INP_WLOCK(inp);
/* Insert new socket into PCB hash list. */
------
and see if this helps
(it may not, there may be another code path I'm missing).
>
>
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A6E0EE7.2070103>