Page MenuHomeFreeBSD

SO_REUSEPORT_LB critical bug fix: avoid IPv4 listen group in IPv6
ClosedPublic

Authored by gallatin on Aug 25 2018, 2:43 PM.

Details

Summary

In in6_pcblookup_lbgroup(), we must reject non-IPv6 groups in the same way that in_pcblookup_lbgroup() rejects non-IPv4 groups. This patch implements this check, mirroring the style of the check in in_pcblookup_lbgroup(). Without this patch, outbound IPv6 traffic may be dropped, due to having an ipv6 hopcount of 0.

At Netflix we enabled SO_REUSEPORT_LB and initial testing on IPv4 went fine. However, we later noticed that IPv6 connections sometimes were sometimes being established and then not making progress. We discovered that TCP traffic, after the connection was established, was being sent with an IPv6 hop limit of 0. It turns out that in6_pcblookup_lbgroup() was matching on IPv4 listen groups, causing IPv6 connections to wind up on an IPv4 listen socket. This almost works, but due to the lack of V6 flags on the socket, inp->in6p_hops is never initialized, and remains at 0. This causes us to send IPv6 packets with a 0 hopcount, which causes the traffic to be dropped. Many thanks to @rrs for the marathon debug session that led to this patch.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.