Subject: kern/3508 bug: cached ip route and interface up/down.
To: None <gnats-bugs@netbsd.org, tech-net@netbsd.org, tech-kern@netbsd.org>
From: Tad Hunt <tad@entrisphere.com>
List: tech-net
Date: 11/12/2002 13:27:23
Aside:
 In the future, should I direct problems having to do with the
 networking portion of the kernel to tech-net or tech-kern?  Or is
 it appropriate to send such things to both?

Background:
 I'm using a NetBSD box as a router.  It happens to be running
 NetBSD 1.5, but after looking through the networking code, I
 believe that this is still a problem in NetBSD-current.

Problem:
 The ip stack, when forwarding a packet, in ip_forward(), makes use
 of a cached route from a global variable called "ipforward_rt".
 When the interface that route directs outbound packets toward goes
 down the cached route is not cleared, so the packets don't get
 re-routed.  When the interface comes back up, the packets still
 don't get delivered to it.

 Hmm. I just looked in the PR database.  This appears to be
 a longstanding problem.  der Mouse reported PR3508, which is
 the same problem, way back in 1997.  As he said then, I believe
 this is still a problem in NetBSD-current.

To Fix:
 I put in a call in if_down() and if_up() to free the cached route.
 The next time a packet is received, the route will be reallocated
 and everything will be happy.  This is just a hack to see if I'm
 on the right track.  However, PR3508 points out more ways that
 the cached route can be wrong.  I'm inclined to follow der Mouse's
 lead and get rid of the cached route entirely.

To Reproduce:

	Client1 <----> NetBSD Router <----> Client2
                    ifc0           ifc1

 1) Setup a NetBSD router with at least two interfaces (ifc0, ifc1)
    as above.

 2) Configure a default route on ifc0, and a route to Client2
    on ifc1.

 3) In the absence of any other traffic to be forwarded, ping
    Client2 from Client1. (The cached route is cleared whenever a
    packet for a different destination arrives)

 4) ifconfig ifc1 down

 5) notice the ping stops receiving the echo reply.

 6) ifconfig ifc1 up

 7) notice the ping still doesn't receive the echo reply.

 8) without stopping the first ping, ping another address which
    the router will also forward (doesn't have to respond)

 9) notice the first ping starts working again