Source address for icmp errors...

Hi all...

I've several linux boxes that are used as IP routers in an environment where there's lots of asymmetrical routing. All well and good.. they do a lovely job, but one minor gripe: Linux, when returning ICMP errors, chooses the source address of the ICMP error to be the address of the interface on which it will forward the error out on, rather than the address of the interface on which it received the original packet that caused the error to be generated. I'm just referring to ICMP errors caused by packets that aren't addressed to an IP address local to the machine generating the error.

This affects traceroute...

In an example network of 6 machines (lower case letters are addresses so HostA has address x, HostB has addresses a, b and d etc).

                HostC 
     x a     b/c     f\g     j y 
HostA - HostB           HostE - HostF
             d\e      h/i
                HostD


If routing is configured such that when a packet goes from HostA to HostF it takes the path:

HostA -> HostB -> HostC -> HostE -> HostF

but back:

HostF -> HostE -> HostD -> HostB -> HostA

Tracerouting from HostA->HostF will show a path of addresses:

a c i y

Notice that "i" is the HostE address of an interface through which the packet did not pass. I would prefer the traceroute to show the IP address of the HostE's interface through which the packet did pass... ie:

a c g y

In net/ipv4/icmp.c the source address for ICMP errors is set to 0 (ie fill in later) when returning an ICMP error for a non-local-address-destined packet:

        saddr = iph->daddr;
        if (!(rt->rt_flags & RTCF_LOCAL))
                saddr = 0;

To get the behaviour I'm after, I've changed this to:

	saddr = iph->daddr;
	if (!(rt->rt_flags & RTCF_LOCAL))
		saddr = inet_select_addr(skb_in->dev, 0, RT_SCOPE_LINK);

I've done a couple of tests, and this *seems* to work; however I'm no expert on the Linux network stacks and would appreciate if someone who is were to confirm that this is sensible (ie whether skb_in->dev could ever not be set or whether a packet might have been received on an interface without an address??). I think it's safe RFC-wise and is the behavior of Cisco routers etc.

If I made this a configurable option via sysctl or similar is this something that might be included in future versions of the kernel (I can't believe I'm the only one to want this), or is there some reason why this option would be bad, that I've not realised?

Cheers,

Chris

-- 
Chris Wilson <chris@mxtelecom.com>
http://www.mxtelecom.com
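
The traceroute outcome described in the message above, as an added example that is not part of the original post or of the kernel source: a constructed model of the six-host network that walks the forward path per TTL and compares the egress-interface source choice with the ingress-interface choice the message proposes. It assumes one address per interface, and the names links, owned, to_y, to_x and trace are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of the post's network; letters are interface addresses. */
static const char *links[] = {"xa", "bc", "de", "fg", "hi", "jy"}; /* point-to-point links */
static const char *owned[] = {"x", "abd", "cf", "eh", "gij", "y"}; /* HostA..HostF */
/* Egress interface per host toward HostF (y) and toward HostA (x), as routed in the post. */
static const char to_y[] = {'x', 'b', 'f', 'h', 'j', 'y'};
static const char to_x[] = {'x', 'a', 'c', 'e', 'i', 'y'};
enum policy { SRC_EGRESS, SRC_INGRESS };

static int owner(char addr) {            /* host index that owns an address */
    for (int h = 0; h < 6; h++)
        if (strchr(owned[h], addr)) return h;
    return -1;
}

static char peer(char addr) {            /* address at the far end of the link */
    for (int l = 0; l < 6; l++) {
        if (links[l][0] == addr) return links[l][1];
        if (links[l][1] == addr) return links[l][0];
    }
    return 0;
}

/* Traceroute HostA -> HostF: for each TTL, follow the forward route and record
 * the source address the replying host puts on its ICMP message. */
static const char *trace(enum policy p) {
    static char out[2][16];
    int n = 0;
    for (int ttl = 1; ttl < 15; ttl++) {
        int host = 0;                    /* probes start at HostA */
        char in = 0;                     /* interface the probe last arrived on */
        for (int hop = 0; hop < ttl && host != 5; hop++) {
            in = peer(to_y[host]);
            host = owner(in);
        }
        if (host == 5) {                 /* local destination: reply from the probed address */
            out[p][n++] = in;
            break;
        }
        /* TTL expired on a router: ingress address, or egress of the route back to HostA */
        out[p][n++] = (p == SRC_INGRESS) ? in : to_x[host];
    }
    out[p][n] = '\0';
    return out[p];
}

int main(void) {
    printf("egress-interface source:  %s\n", trace(SRC_EGRESS));
    printf("ingress-interface source: %s\n", trace(SRC_INGRESS));
    return 0;
}
```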
