Bug 85052

Summary: [patch] ip_fastforward.c mishandle broadcast packets
Product: Base System Reporter: Dmitrij Tejblum <tejblum>
Component: kernAssignee: Andre Oppermann <andre>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 5.4-STABLE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Dmitrij Tejblum 2005-08-17 21:30:18 UTC 
Fastforwarding may forward broadcast packets under some circumstances. It
does not appear to be useful. Comments in this file suggest that it is not
intended. It looks like ip_forward() (in ip_input.c) does not forward packets
with M_BCAST.

How-To-Repeat: 
On a router with fastforwarding enabled:

ifconfig vlanNNN create
ifconfig vlanNNN vlandev em0 vlan NNN
ifconfig vlanNNN up #note: no IP address assigned

Now, suppose we have the network 10.20.30.0/24 in vlan NNN. Broadcast packet 
to 10.20.30.255, received by the router, will be forwarded to the vlan NNN
(via other routers). I.e. we have a loop. Moreover, since M_BCAST is not
cleared, the packet is forwarded as a broadcast, and it result in a
broadcast storm.
Comment 1 Andre Oppermann freebsd_committer freebsd_triage 2005-08-22 12:51:19 UTC 
Responsible Changed
From-To: freebsd-bugs->andre

Take over.
Comment 2 Andre Oppermann freebsd_committer freebsd_triage 2005-08-22 13:06:46 UTC 
State Changed
From-To: open->patched

A slightly modified patch is in rev. 1.31 of ip_fastfwd.c.  MFC after 3 days.
Comment 3 Andre Oppermann freebsd_committer freebsd_triage 2005-08-30 12:49:15 UTC 
State Changed
From-To: patched->closed

MFC'd to RELENG_6 and RELENG_5.