Opened 3 years ago

Closed 3 years ago

#5003 closed defect (fixed)

Use IP_RECVDSTADDR on BSD systems family to determine the local IP address

Reported by: marcin Owned by: marcin
Priority: medium Milestone: Kea1.1-final
Component: libdhcp Version: git
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: DHCP Feature Depending on Ticket:
Estimated Difficulty: 8 Add Hours to Ticket: 10
Total Hours: 10 Internal?: no

Description

The pkt_filter_inet.cc uses IP_PKTINFO on the Linux boxes to obtain information about the local IP address on which the packet has been received. BSDs do not support this option. Instead they use IP_RECVDSTADDR. Without this option being set on the socket Kea is not able to determine the local IP address which has certain consequences. One of them is that the server identifier can't be determined.

I have a working proof of concept for this work.

Subtickets

Change History (8)

comment:1 Changed 3 years ago by marcin

  • Milestone changed from Kea-proposed to Kea1.1-final

Per Kea meeting on Sep 1st moving to 1.1 final.

comment:2 Changed 3 years ago by marcin

  • Owner set to marcin
  • Status changed from new to accepted

comment:3 Changed 3 years ago by marcin

  • Add Hours to Ticket changed from 0 to 10
  • Owner changed from marcin to UnAssigned
  • Status changed from accepted to reviewing
  • Total Hours changed from 8 to 10

The code now uses IP_RECVDSTADDR option to retrieve destination address of a packet on BSD systems. When I was running the DISABLED (requiring root access) tests on OS X, it turned out that the PktFilterBPF::send test failed because OS X does not require pseudo header in packets sent over the local loopback interface. Therefore I also updated the PktFilterBPF code slightly.

Proposed ChangeLog entry:

11XX.	[bug]		marcin
	Corrected an issue whereby DHCPv4 server did not correctly set a
	server identifier in response message sent to a client on BSD
	systems.
	(Trac #5003, git abcd)

comment:4 follow-up: Changed 3 years ago by sar

I've fixed up some typos (mostly that where there before your changes)
please do a pull and verify them, especially the one changing the message
in a throw from "UDP6" to "UDP4" in put_filter_inet.cc

Do we have a test to check the server id that we send out?

src/lib/dhcp/pkt_filter_bpf.cc

Does OSX include the 4 byte pseudo header on received packets?

comment:5 Changed 3 years ago by sar

  • Owner changed from UnAssigned to marcin

comment:6 in reply to: ↑ 4 ; follow-up: Changed 3 years ago by marcin

  • Owner changed from marcin to sar

Replying to sar:

I've fixed up some typos (mostly that where there before your changes)
please do a pull and verify them, especially the one changing the message
in a throw from "UDP6" to "UDP4" in put_filter_inet.cc

Thanks. Those changes look good.

Do we have a test to check the server id that we send out?

Yes we do: src/bin/dhcp4/tests/dora_unittest.cc, test selectingDoNotRequestAddress.

src/lib/dhcp/pkt_filter_bpf.cc

Does OSX include the 4 byte pseudo header on received packets?

Yes it does. It was a bit of surprise to me that it only works on OS X if we don't include pseudo header in sent packets, but it seems that OS determines the link layer type on its own.

comment:7 in reply to: ↑ 6 Changed 3 years ago by sar

  • Owner changed from sar to marcin

Replying to marcin:

Replying to sar:

I've fixed up some typos (mostly that where there before your changes)
please do a pull and verify them, especially the one changing the message
in a throw from "UDP6" to "UDP4" in put_filter_inet.cc

Thanks. Those changes look good.

Do we have a test to check the server id that we send out?

Yes we do: src/bin/dhcp4/tests/dora_unittest.cc, test selectingDoNotRequestAddress.

src/lib/dhcp/pkt_filter_bpf.cc

Does OSX include the 4 byte pseudo header on received packets?

Yes it does. It was a bit of surprise to me that it only works on OS X if we don't include pseudo header in sent packets, but it seems that OS determines the link layer type on its own.

I think adding a comment in the receive routine for pkt_filter_bpf.cc stating that OS X does include the pseudo header on received packets would probably avoid some confusion in the future. It looks odd that we include it for receive but not for send.

Other than that it looks fine. I don't need to see the code after you add the comment.

comment:8 Changed 3 years ago by marcin

  • Resolution set to fixed
  • Status changed from reviewing to closed

I have verified that this fix works on FreeBSD 10.1, NetBSD 6 and OpenBSD 6. Merging. Closing.

Note: See TracTickets for help on using tickets.