| Field | Value |
|---|---|
| Summary | FreeBSD incorrectly drops IPv6 packets looping back to the same p2p interface |
| Product | Base System |
| Component | kern |
| Reporter | Mira Ressel <aranea> |
| Assignee | Alexander V. Chernikov <melifaro> |
| Status | Closed FIXED |
| Severity | Affects Only Me |
| Priority | --- |
| Version | Unspecified |
| Hardware | Any |
| OS | Any |
| CC | donner, kevans, melifaro, moviuro+freebsd |
| Keywords | patch |
| Flags | kevans: mfc-stable12+; kevans: mfc-stable11- |
| Attachments | 216144 (suggested patch for sys/netinet6/ip6_forward.c) |
Description

Mira Ressel, 2020-07-02 15:06:00 UTC

Created attachment 216144
suggested patch for sys/netinet6/ip6_forward.c

Open an internal Code review: https://reviews.freebsd.org/D25567

A commit references this bug:

Author: kevans
Date: Mon Aug 31 01:45:49 UTC 2020
New revision: 364982
URL: https://svnweb.freebsd.org/changeset/base/364982

Log:
ipv6: quit dropping packets looping back on p2p interfaces

To paraphrase the below-referenced PR: This logic originated in the KAME project, and was even controversial when it was enabled there by default in 2001. No such equivalent logic exists in the IPv4 stack, and it turns out that this leads to us dropping valid traffic when the "point to point" interface is actually a 1:many tun interface, e.g. with the wireguard userland stack.

Even in the case of true point-to-point links, this logic only avoids transient looping of packets sent by misconfigured applications or attackers, which can be subverted by proper route configuration rather than hardcoded logic in the kernel to drop packets.

In the review, melifaro goes on to note that the kernel can't fix it, so it perhaps shouldn't try to be 'smart' about it. Additionally, that TTL will still kick in even with incorrect route configuration.

PR: 247718
Reviewed by: melifaro, rgrimes
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25567

Changes:
head/sys/netinet6/ip6_forward.c

Oh, I noticed a little too late that melifaro@ had already 'taken' this PR. Sorry =(

A commit references this bug:

Author: kevans
Date: Mon Sep 7 23:20:02 UTC 2020
New revision: 365434
URL: https://svnweb.freebsd.org/changeset/base/365434

Log:
MFC r364982: ipv6: quit dropping packets looping back on p2p interfaces

PR: 247718

Changes:
_U stable/12/
stable/12/sys/netinet6/ip6_forward.c

Will appear in 12.2; thanks!