All of lore.kernel.org
 help / color / mirror / Atom feed
From: Chunhui He <hchunhui@mail.ustc.edu.cn>
To: ja@ssi.bg
Cc: davem@davemloft.net, dsa@cumulusnetworks.com,
	nicolas.dichtel@6wind.com, roopa@cumulusnetworks.com,
	rshearma@brocade.com, dbarroso@fastly.com,
	martinbj2008@gmail.com, rick.jones2@hp.com, koct9i@gmail.com,
	edumazet@google.com, tgraf@suug.ch, ebiederm@xmission.com,
	yoshfuji@linux-ipv6.org, netdev@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH] net: neigh: disallow state transition DELAY->STALE in neigh_update()
Date: Mon, 25 Jul 2016 07:52:29 +0000 (UTC)	[thread overview]
Message-ID: <20160725.075229.794245205936957321.hchunhui@mail.ustc.edu.cn> (raw)
In-Reply-To: <alpine.LFD.2.11.1607232039400.2032@ja.home.ssi.bg>


Hello,

On Sat, 23 Jul 2016 22:09:43 +0300 (EEST), Julian Anastasov <ja@ssi.bg> wrote:
> 
> 	May be that is the problem: we receive such packet,
> ip_route_input_noref detects that we allow such packet
> from NEIGH_IP on this interface, tip is not RTN_LOCAL (no
> ARP reply from us), tip is RTN_UNICAST but proxy_arp is not
> allowed, so we continue and reach __neigh_lookup which finds
> the existing cache entry because we talked to GW before that.
> As this is an ARP request, neigh_update is called with NUD_STALE.
> No reply is sent because request was not for us but we
> just learned that NEIGH_IP is alive because it lookups
> for someone else. This is common to observe with broadcasts,
> GW lookups for other hosts and has to expose its IP+hwaddr.
> More difficult to happen with unicast packets, you need hub,
> not switch, to detect such packets.
> 
> 	It is possible that you miss the packet that tries
> to set NUD_STALE. May be you can add some printk's to catch
> what kind of packet causes this. This can help too:
> 
> tcpdump -lnnn -s0 arp and host GW_IP
> 
> 	If you see such packet, that is it. Our cache is
> updated with NUD_STALE.
> 
>> So I'm not sure if it can learn from ARP reply.
> 
> 	See above, received broadcast GARP reply can set
> NUD_STALE. But the most trivial case of GW exposing its
> IP while looking for other hosts should be the culprit.
> It probably happens often, that is why we have no chance
> to send ARP requests, GW is more ARP-active than us and
> updates our cache and we are happy.
>

Thank you for your analysis.
I think the same, except that I don't think GW can update
our cache via broadcast ARP.

Please the comment in arp_process():
>                int state = NUD_REACHABLE;
...
>                /* Broadcast replies and request packets
>                   do not assert neighbour reachability.
>                 */
>                if (arp->ar_op != htons(ARPOP_REPLY) ||
>                    skb->pkt_type != PACKET_HOST)
>                        state = NUD_STALE;
>                neigh_update(n, sha, state,
...

Broadcast packets do not assert reachability, so they
should not interference our state machine. They are
just a hint.

Regards,
Chunhui

  reply	other threads:[~2016-07-25  7:52 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-07-21 17:58 [PATCH] net: neigh: disallow state transition DELAY->STALE in neigh_update() Chunhui He
2016-07-22  7:20 ` Julian Anastasov
2016-07-22  7:20   ` Julian Anastasov
2016-07-22  9:41   ` Hannes Frederic Sowa
2016-07-22 12:47   ` Chunhui He
2016-07-23  6:17     ` Julian Anastasov
2016-07-23 11:24       ` Chunhui He
2016-07-23 14:09         ` Julian Anastasov
2016-07-23 14:09           ` Julian Anastasov
2016-07-23 16:52           ` Chunhui He
2016-07-23 19:09             ` Julian Anastasov
2016-07-25  7:52               ` Chunhui He [this message]
2016-07-25  5:20     ` YOSHIFUJI Hideaki/吉藤英明
2016-07-25  8:13       ` Chunhui He
2016-07-25 12:45         ` 吉藤英明
2016-07-25 18:57           ` Julian Anastasov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160725.075229.794245205936957321.hchunhui@mail.ustc.edu.cn \
    --to=hchunhui@mail.ustc.edu.cn \
    --cc=davem@davemloft.net \
    --cc=dbarroso@fastly.com \
    --cc=dsa@cumulusnetworks.com \
    --cc=ebiederm@xmission.com \
    --cc=edumazet@google.com \
    --cc=ja@ssi.bg \
    --cc=koct9i@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=martinbj2008@gmail.com \
    --cc=netdev@vger.kernel.org \
    --cc=nicolas.dichtel@6wind.com \
    --cc=rick.jones2@hp.com \
    --cc=roopa@cumulusnetworks.com \
    --cc=rshearma@brocade.com \
    --cc=tgraf@suug.ch \
    --cc=yoshfuji@linux-ipv6.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.