Re: ip_route_output bug 2

From: Julian Anastasov (uli@linux.tu-varna.acad.bg)
Date: Sat Apr 01 2000 - 00:14:49 EST


        Hello,

On Fri, 31 Mar 2000, Valentijn Sessink wrote:

> There's a bug in the output address of masq'ed packets.

        Yes, this is a bug in the MASQ code and not in the
ip_route_output. It seems that __ip_masq_out_get and friends must be
modified to check the maddr too. When a ms entry uses NO_DADDR or DLOOSE
flag (in your case UDP uses DLOOSE) the entry is checked by saddr/sport
only but the different maddr returned from ip_route_output is not used.
This is the reason for the wrong saddr in the outgoing packet after the
masquerading. If the internal host (UDP socket) sends two packets to
different destinations causing different maddr to be selected via
ip_route_output, the packets are rewritten only with maddr used to create
the entry (from the first packet). In this case two ms entries must be
created with same saddr/sport but with different maddr. This problem
arises only when MASQ uses two output devices.

        MASQ gurus? Is that correct?

        Do you accept patches to *ip_masq_out_get*(...,maddr) ?

>
> The output addresses for masqueraded networks in my kernel 2.2.14 are
> "sometimes" wrong. AFAICT this happens if two UDP packets close to one
> another have an identical source but different destinations - for
> different interfaces.
>
>
> Short info:
> yangtse:~# ip link l
> 3: eth1: 24.132.71.96/23 brd 24.132.71.255 scope global eth1
> 6: ppp0: 195.190.229.42/32 local 10.66.2.1 scope global ppp0
>
> yangtse:~# ip ru l
> 32766: from all lookup main
>
> yangtse:~# ip ro l table main
> default via 24.132.70.1 dev eth1 src 24.132.71.96
>
> In error:
> tcpdump: listening on eth1
> 22:21:33.459562 10.66.2.1.61025 > 62.108.1.71.3130: udp 73
> ^^^^^^^^^^^^^^^ wrong, eth1 != 10.etcetera.

Regards

--
Julian Anastasov <uli@linux.tu-varna.acad.bg>
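
The lookup behaviour described in the message above, as an added user-space model (not part of the original post and not the 2.2 kernel source). All function and struct names are hypothetical, `route_maddr` stands in for ip_route_output, the addresses come from the quoted report, port allocation is omitted, and `check_maddr` switches between the lookup as described and the proposed maddr check.

```c
#include <stdint.h>
#include <string.h>

/* User-space model of the masq lookup; hypothetical names, not kernel code. */
#define IP(a,b,c,d) (((uint32_t)(a)<<24)|((uint32_t)(b)<<16)|((uint32_t)(c)<<8)|(uint32_t)(d))
#define ETH1_ADDR IP(24,132,71,96)    /* eth1 address in the quoted report */
#define PPP0_ADDR IP(10,66,2,1)       /* ppp0 local address in the quoted report */
#define PPP0_PEER IP(195,190,229,42)  /* ppp0 peer in the quoted report */

struct ms_entry { uint32_t saddr, maddr; uint16_t sport; int used; };
static struct ms_entry table[8];

/* Stand-in for ip_route_output: source address of the chosen output device. */
static uint32_t route_maddr(uint32_t daddr)
{
    return daddr == PPP0_PEER ? PPP0_ADDR : ETH1_ADDR;
}

/* DLOOSE-style lookup: destination is ignored; maddr is compared only
 * when check_maddr is set (the change proposed in the message). */
static struct ms_entry *out_get(uint32_t saddr, uint16_t sport,
                                uint32_t maddr, int check_maddr)
{
    for (size_t i = 0; i < 8; i++) {
        struct ms_entry *ms = &table[i];
        if (ms->used && ms->saddr == saddr && ms->sport == sport &&
            (!check_maddr || ms->maddr == maddr))
            return ms;
    }
    return NULL;
}

/* Returns the source address written into the outgoing packet (0 if full). */
uint32_t masq_out(uint32_t saddr, uint16_t sport, uint32_t daddr, int check_maddr)
{
    uint32_t maddr = route_maddr(daddr);
    struct ms_entry *ms = out_get(saddr, sport, maddr, check_maddr);
    if (!ms) {
        for (size_t i = 0; i < 8 && !ms; i++)
            if (!table[i].used) ms = &table[i];
        if (!ms) return 0;
        *ms = (struct ms_entry){ saddr, maddr, sport, 1 };
    }
    return ms->maddr;  /* rewrite uses the entry's maddr, not the route's */
}

void masq_reset(void) { memset(table, 0, sizeof table); }
```

With `check_maddr` set to 0, a second packet from the same saddr/sport reuses the first entry and leaves eth1 with the ppp0 address; with 1, a second entry is created and the packet carries the eth1 address.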



