9383 – [PATCH] Appletalk packets are delivered to the last interface FD_SET

Bug 9383 - [PATCH] Appletalk packets are delivered to the last interface FD_SET

Summary: [PATCH] Appletalk packets are delivered to the last interface FD_SET

Status:	RESOLVED OBSOLETE

Alias:	None

Product:	Networking
Classification:	Unclassified
Component:	Other (show other bugs)
Hardware:	All Linux

Importance:	P1 normal
Assignee:	Arnaldo Carvalho de Melo

URL:
Keywords:

Duplicates (1):	9384 (view as bug list)
Depends on:
Blocks:

Reported:	2007-11-15 01:51 UTC by James Andrewartha
Modified:	2012-10-30 14:34 UTC (History)
CC List:	2 users (show)

See Also:
Kernel Version:	2.6.21.3
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description James Andrewartha 2007-11-15 01:51:13 UTC

Most recent kernel where this bug did not occur: 2.6.10. Maybe 2.6.15? It was in 2.6.18 along with bug 7421 which caused me to disable netatalk until now.
Distribution: Debian etch (4.0)
Hardware Environment: Pentium 4 2.8GHz, HT off, Intel D865GLC motherboard, 256MB RAM, onboard Intel GigE, PCI Intel e100.
Software Environment: Netatalk 2.0.3, ipset patch for iptables and kernel
Problem Description: Appletalk packets appear to come from the wrong interface, specifically the last one FD_SET. Using wireshark I see Appletalk rtmp packets arrive from the upstream router on eth1 (the e100). Netatalk then reports the packet as having arrived on eth0.3, which is the only other appletalk enabled interface, and prints "rtmp_packet interface mismatch" because the packet appears to come from the wrong interface.

I'm fairly sure it's the kernel doing it, because wireshark is listening on eth1 and shows the packet from the upstream router's MAC address and DDP address, then the debug code in atalkd immediately after the recvfrom prints the ifr_name which is eth0.3. Also netatalk 2.0.3 was released over 2 years ago, so the only code that's changed is the kernel.

Enabling appletalk on eth0.2 clarifies the problem - packets are delivered to fds belonging to the last interface FD_SET. Reordering the interfaces also shows this, as in the config file changing the order of the interfaces changes the order they're looped through for FD_SET.

Steps to reproduce: Set up a multi-interface netatalk config and watch for rtmp_packet interface mismatch messages. I added a bunch of log statements to debug this, the most useful places to put them are at the end of setaddr() and after the select() in main().

The machine is a router, so I have to minimise the downtime of testing different kernel versions. I am happy to instrument atalkd or provide packet captures.

Comment 1 James Andrewartha 2007-11-15 01:57:07 UTC

*** Bug 9384 has been marked as a duplicate of this bug. ***

Comment 2 didier 2009-12-08 03:53:10 UTC

Hi,


it's the 64233bffbb50f12e576c61d1698a573c8033004a commit, 

>now Because a broadcast packet should be
>send to the first matching socket (as it is done in many other protocols
>(?)), we removed the network comparison in broadcast case.

It's true but atalkd is expecting broadcast packets on the socket attached to the interface of the sender and complains loudly about missconfigured router.

There's no ingress filtering for ddp and now it's impossible for userland to detect a router plugged in a wrong connector.

The following patch restore this functionality.

Didier Gautheron

diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index 9fc4da5..98f7ac6 100644
--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c
@@ -103,6 +103,7 @@ static struct sock *atalk_search_socket(struct sockaddr_at *to,
                        continue;
 
                if (to->sat_addr.s_net == ATADDR_ANYNET &&
+                   at->src_net == atif->address.s_net &&
                    to->sat_addr.s_node == ATADDR_BCAST)
                        goto found;

Note You need to log in before you can comment on or make changes to this bug.