netbsd-bugs: Re: kern/22792 A gif IPv6-over-IPv4 tunnel diverts packets to other interfaces

Subject: Re: kern/22792 A gif IPv6-over-IPv4 tunnel diverts packets to other interfaces
To: None <gnats-bugs@gnats.netbsd.org>
From: Michael van Elst <mlelstv@serpens.de>
List: netbsd-bugs
Date: 09/15/2003 11:50:24

I have analyzed the problem.

What happens is that gif caches a route to the tunnel destination
when a packet is sent in netinet/in_gif.c:in_gif_output() line 200ff.

When the underlying interface (tun0) is down, then gif will cache a less
specific route, in my case this is the default route.

When the underlying interface comes up, a more specific route
is created but not used by gif. The cached route is dropped only
when the gif interface is recreated (as described in the PR) or
the tunnel destination address is changed.

I don't know any method to make gif aware of an added more specific
route. So there are three possible solutions:

- ignore the problem. The kernel is dumb and some userland process
  must trigger the cache flush.
- drop the caching code, packets sent through gif must be routed
  twice and tunnel performance will be reduced.
- add a TTL to the cached route so that sooner or later a correct
  route will be picked up, the performance penalty will be small.

Suggestions ?

-- 
                                Michael van Elst
Internet: mlelstv@serpens.de
                                "A potential Snark may lurk in every tree."