Re: When does Linux drop UDP packets?

From: david
Date: Thu Jun 04 2009 - 13:58:23 EST

Next message: Randy Dunlap: "[PATCH v2] kmap_types: convert most arches to a single header file"
Previous message: Greg KH: "Re: linux-next: Tree for June 3 (staging)"
In reply to: Steven Rostedt: "Re: When does Linux drop UDP packets?"
Next in thread: Eric Dumazet: "Re: When does Linux drop UDP packets?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 4 Jun 2009, Steven Rostedt wrote:

On Thu, Jun 04, 2009 at 04:53:47PM +0200, Philipp Reh wrote:
Dear list,

I have the following setting in which a client that resides on the same
physical network as a server wants to receive any UDP packet that
arrives on any of its interfaces sent by that server.

The code sets the broadcast flag, calls bind to INADDR_ANY and
uses recvfrom from there on.

Let's say the server resides in the subnet 192.168.6.255 and the
client in 192.168.3.255. The server uses its real IP as the packet's
sender ip (192.168.6.5).

You don't say what the client IP is. Let's assume that it is 192.168.3.1
for simplicity.

Now the first problem I've encountered is the following:
If the client removes its default route and doesn't have any route
pointing into the subnet the server is in, the packets get discarded
(still tcpdump sees them).

Are you saying that the server sent to 192.168.3.1 with source ip of
192.168.6.5 and the client did not see it?

The second problem is that if the server uses the broadcast address as
its sender address (255.255.255.255), the packets get always discarded
(again, tcpdump sees them).

Again, what was the destination IP address?

Now if the server fakes its sender address to be in the client's subnet,
every packet arrives again.

So the only thing you change is the sender address?

What tools are you using to read the packets, and how do you know it is
dropped?

I have seen the same thing. I have syslog servers on one subnet without a default route. If I configure a server on another subnet to send it logs I can see the packets with tcpdump, but syslogd will not record them.

If I configure a route on the recieving box that makes it think that it can get to the sender (note that the route can be completely bogus, pointing at a wrong or non-existing gateway) the kernel is happy and the packets show up to syslogd

the systems I am running do _not_ have selinux on them.

I have seen this as far back as 2.6.12 so it's not a recent change.

if you need examples with IP addresses

box 1
IP 10.1.1.2

router
IP 10.1.1.1
IP 192.168.1.1

box 2
IP 192.168.1.2

If I configure box 2 to have a route to box1, but do not configure box 1 to have any route (including not having a default route) that would get it to a 192.168.1.x subnet tcpdump on box 1 will show the syslog packets, but syslog (and any non-pcap tool) will not see the packets)

if I configure a route on box 1 to have a default route of 10.1.1.3 (which does not exist, so cannot possibly route packets anywhere) then everything works.

So my real question is:
When does Linux discard packets and how can I prevent it from doing
that?

for this problem, set a default route that points at a non-existing gateway and I believe that your problem will go away.

David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Randy Dunlap: "[PATCH v2] kmap_types: convert most arches to a single header file"
Previous message: Greg KH: "Re: linux-next: Tree for June 3 (staging)"
In reply to: Steven Rostedt: "Re: When does Linux drop UDP packets?"
Next in thread: Eric Dumazet: "Re: When does Linux drop UDP packets?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]