]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit - include/net/inetpeer.h
net: ipv4: use a dedicated counter for icmp_v4 redirect packets
authorLorenzo Bianconi <lorenzo.bianconi@redhat.com>
Wed, 6 Feb 2019 18:18:04 +0000 (19:18 +0100)
committerKleber Sacilotto de Souza <kleber.souza@canonical.com>
Wed, 14 Aug 2019 09:18:49 +0000 (11:18 +0200)
commit9ce92d570bee129f557514f9f3e8fa61fe6deec9
tree766de9c7c18a20a91f4042f310a6dec22458f7f1
parent977745d99d5740b85ef41bb1e422244872cba67b
net: ipv4: use a dedicated counter for icmp_v4 redirect packets

BugLink: https://bugs.launchpad.net/bugs/1837813
[ Upstream commit c09551c6ff7fe16a79a42133bcecba5fc2fc3291 ]

According to the algorithm described in the comment block at the
beginning of ip_rt_send_redirect, the host should try to send
'ip_rt_redirect_number' ICMP redirect packets with an exponential
backoff and then stop sending them at all assuming that the destination
ignores redirects.
If the device has previously sent some ICMP error packets that are
rate-limited (e.g TTL expired) and continues to receive traffic,
the redirect packets will never be transmitted. This happens since
peer->rate_tokens will be typically greater than 'ip_rt_redirect_number'
and so it will never be reset even if the redirect silence timeout
(ip_rt_redirect_silence) has elapsed without receiving any packet
requiring redirects.

Fix it by using a dedicated counter for the number of ICMP redirect
packets that has been sent by the host

I have not been able to identify a given commit that introduced the
issue since ip_rt_send_redirect implements the same rate-limiting
algorithm from commit 1da177e4c3f4 ("Linux-2.6.12-rc2")

Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>
include/net/inetpeer.h
net/ipv4/inetpeer.c
net/ipv4/route.c