Bug 29253

Summary:	natd(8) forgets about udp connections
Product:	Base System	Reporter:	fvw <fvw>
Component:	bin	Assignee:	freebsd-bugs (Nobody) <bugs>
Status:	Closed Works As Intended
Severity:	Affects Only Me	CC:	eugen
Priority:	Normal
Version:	4.3-RELEASE
Hardware:	Any
OS:	Any

Description fvw 2001-07-27 01:40:01 UTC

I have a problem where natd appears to be losing entries from it's
table of forwarded connections... I have the sysctl
net.inet.ipf.fr_udptimeout set to 864000, and yet, once in a while, 
natd forgets about the previous traffic all together, as illustrated
by the following tcpdumps (this is icq traffic):

on ed0 (the public interface):
13:30:26.085447 fes-d006.icq.aol.com.4000 > e166066.upc-e.chello.nl.1026: udp 21 (DF)
13:30:50.033977 fes-d006.icq.aol.com.4000 > e166066.upc-e.chello.nl.1026: udp 70 (DF)
13:30:50.038764 e166066.upc-e.chello.nl.1026 > fes-d006.icq.aol.com.4000: udp 28
13:32:03.114457 fes-d006.icq.aol.com.4000 > e166066.upc-e.chello.nl.1026: udp 70 (DF)
13:32:03.116865 e166066.upc-e.chello.nl > fes-d006.icq.aol.com: icmp: e166066.upc-e.chello.nl udp port 1026 unreachable (DF)
13:32:09.117458 fes-d006.icq.aol.com.4000 > e166066.upc-e.chello.nl.1026: udp 70 (DF)
13:32:09.119853 e166066.upc-e.chello.nl > fes-d006.icq.aol.com: icmp: e166066.upc-e.chello.nl udp port 1026 unreachable (DF)

on ed1 (on the local net):

13:30:26.086744 fes-d006.icq.aol.com.4000 > hypnos.1026: udp 21 (DF)
13:30:50.035364 fes-d006.icq.aol.com.4000 > hypnos.1026: udp 70 (DF)
13:30:50.036130 hypnos.1026 > fes-d006.icq.aol.com.4000: udp 28
13:32:25.976894 ...

In these examples, e166066.upc-e.chello.nl is the public ip of the nat
box, hypnos is the host from which the traffic is coming (this host is
behind the nat box).

Fix: 

Unknown.
How-To-Repeat: Just run natd and do udp traffic.

Comment 1 Kris Kennaway freebsd_committer

2001-07-28 08:46:30 UTC

Responsible Changed
From-To: freebsd-bugs->ru

Ruslan has worked on natd in the past

Comment 2 ru freebsd_committer

2001-08-06 12:38:08 UTC

On Fri, Jul 27, 2001 at 02:35:32AM +0000, fvw@var.cx wrote:
> 
> I have a problem where natd appears to be losing entries from it's
> table of forwarded connections... I have the sysctl
> net.inet.ipf.fr_udptimeout set to 864000, and yet, once in a while, 
> natd forgets about the previous traffic all together, as illustrated
> by the following tcpdumps (this is icq traffic):
> 
This is because libalias has different idea about this timeout:

/* Timeouts (in seconds) for different link types */
#define ICMP_EXPIRE_TIME             60
#define UDP_EXPIRE_TIME              60
#define PROTO_EXPIRE_TIME            60

Unfortunately, you don't currently have the way to change these
timeouts from within natd(8), at run-time.  You should manually
edit these values in src/lib/libalias/alias_db.c, recompile and
reinstall libalias library, then recompile and reinstall natd.

I will eventually add this feature to libalias and natd.


Cheers,
-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

Comment 3 ru freebsd_committer

2004-04-17 07:15:49 UTC

Responsible Changed
From-To: ru->freebsd-bugs

ENOTIME.

Comment 4 Alexander Motin freebsd_committer

2008-06-22 23:18:56 UTC

State Changed
From-To: open->analyzed

Ruslan Ermilov sounded the source of problem.

Comment 5 Eitan Adler freebsd_committer

2012-07-01 16:59:34 UTC

State Changed
From-To: analyzed->open

unowned PRs should not be in analyzed state

Comment 6 Eitan Adler freebsd_committer

2017-12-31 07:59:19 UTC

For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped

Comment 7 Eugene Grosbein freebsd_committer

2018-02-02 20:56:00 UTC

natd and libalias have fixed timeout for UDP flows.