* [developer] [REVIEW] 16620 MLD/IGMP can drop or misroute listener reports
@ 2024-11-02 18:20 Bill Sommerfeld via illumos-developer
0 siblings, 0 replies; only message in thread
From: Bill Sommerfeld via illumos-developer @ 2024-11-02 18:20 UTC (permalink / raw)
To: developer
Issue: https://www.illumos.org/issues/16620
CR: https://code.illumos.org/c/illumos-gate/+/3556
Diff:
https://code.illumos.org/~diff/e3c8a5d530f94d86271a1f0312df090406ff953d
When attempting to enable IGMP and MLD snooping on a couple switches
of mine I discovered a few bugs in how our stack responds to IGMP and
MLD queries; the common thread is mishandling of the second and
subsequent multicast groups on an interface.
IGMP (for IPv4) and MLD (for IPv6) are closely related protocols.
Hosts participating in multicast (which includes everything running
IPv6) must listen for and respond to multicast group membership
queries, typically sent by a router or switch on the network. Layer-2
switches can "snoop" these messages to determine which ports need to
receive packets sent to each multicast group.
The bugs I fixed:
1) ill_mcast_send_queued() sends one or more queued IGMP/MLD
responses using a single ip_xmit_attr_t. It initializes several
fields in the ip_xmit_attr_t before walking the queue, but after every
transmit, it calls ixa_cleanup(). And ixa_cleanup() clears several of
the fields set before the loop - most notably ixa_ifindex, which sets
the output interface. As a result, all but the first packet in a
burst are sent out the primary interface.
2) When responding to a MLD v1 query, mld_query_in() loops over all
multicast groups on the interface, but breaks out of the loop after
queueing the first reply even if the query was a general wildcard
query.
3) All IPv6 hosts are implicitly members of the link-local all-nodes
multicast group, ff02::1. The MLD spec says that no MLD messages
should ever be sent regarding that group, but our MLDv1 implementation
could respond to a specific query for that group.
------------------------------------------
illumos: illumos-developer
Permalink: https://illumos.topicbox.com/groups/developer/T74ff5d23ef4771c3-Me50c84c2e42e7ad1a5b17609
Delivery options: https://illumos.topicbox.com/groups/developer/subscription
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-11-02 18:22 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-11-02 18:20 [developer] [REVIEW] 16620 MLD/IGMP can drop or misroute listener reports Bill Sommerfeld via illumos-developer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).