From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-1.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.5 Message-ID: <50791CB1.6000001@altlinux.ru> Date: Sat, 13 Oct 2012 11:48:01 +0400 From: Anton Gorlov User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20121010 Thunderbird/16.0.1 MIME-Version: 1.0 To: ALT Linux Sisyphus discussions References: <50755129.9020506@altlinux.ru> In-Reply-To: <50755129.9020506@altlinux.ru> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 8bit X-Authenticated-As: agorlov@locum.ru Subject: Re: [sisyphus] =?koi8-r?b?dW4tZGVmIMkgbmF0?= X-BeenThere: sisyphus@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Sisyphus discussions List-Id: ALT Linux Sisyphus discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Oct 2012 07:49:09 -0000 Archived-At: List-Archive: List-Post: а вот кажется и ответ. в 3.6.2 типа пофиксили commit 52fc5048534e9d4127622fa5a269a92f3bb5218b Author: Eric Dumazet Date: Thu Oct 4 01:25:26 2012 +0000 ipv4: add a fib_type to fib_info [ Upstream commit f4ef85bbda96324785097356336bc79cdd37db0a ] commit d2d68ba9fe8 (ipv4: Cache input routes in fib_info nexthops.) introduced a regression for forwarding. This was hard to reproduce but the symptom was that packets were delivered to local host instead of being forwarded. David suggested to add fib_type to fib_info so that we dont inadvertently share same fib_info for different purposes. With help from Julian Anastasov who provided very helpful hints, reproduced here : Can it be a problem related to fib_info reuse from different routes. For example, when local IP address is created for subnet we have: broadcast 192.168.0.255 dev DEV proto kernel scope link src 192.168.0.1 192.168.0.0/24 dev DEV proto kernel scope link src 192.168.0.1 local 192.168.0.1 dev DEV proto kernel scope host src 192.168.0.1 The "dev DEV proto kernel scope link src 192.168.0.1" is a reused fib_info structure where we put cached routes. The result can be same fib_info for 192.168.0.255 and 192.168.0.0/24. RTN_BROADCAST is cached only for input routes. Incoming broadcast to 192.168.0.255 can be cached and can cause problems for traffic forwarded to 192.168.0.0/24. So, this patch should solve the problem because it separates the broadcast from unicast traffic. And the ip_route_input_slow caching will work for local and broadcast input routes (above routes 1 and 3) just because they differ in scope and use different fib_info. Many thanks to Chris Clayton for his patience and help. Reported-by: Chris Clayton Bisected-by: Chris Clayton Reported-by: Dave Jones Signed-off-by: Eric Dumazet Cc: Julian Anastasov Tested-by: Chris Clayton Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman 10.10.2012 14:42, Anton Gorlov пишет: > А никто не замечал что с un-def порой snat не работает? > Симптомы следующие - на локальном интерфейсе вижу приходящие пакеты с > адресом из локальной сети,на исходящем вижу уже отначенные пакеты и > ответные на них.а вот на локальном уже ответных пакетов не видно. > С 1 стороны pppoe до провайдера, с другой локалка по обычному эзернету. > Причём порой всё таки работает после перезагрузки > _______________________________________________ > Sisyphus mailing list > Sisyphus@lists.altlinux.org > https://lists.altlinux.org/mailman/listinfo/sisyphus