kern/57344: KMEM exhaustion from cloned routes
Shaun D. Jurrens
shamz at nevada.skoleetaten.oslo.no
Mon Sep 29 02:50:22 PDT 2003
>Number: 57344
>Category: kern
>Synopsis: KMEM exhaustion from cloned routes
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Sep 29 02:50:20 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Shaun D. Jurrens
>Release: FreeBSD 4.8-RELEASE-p9 i386
>Organization:
>Environment:
System: FreeBSD centurion 4.8-RELEASE-p9 FreeBSD 4.8-RELEASE-p9 #1: Fri Sep i386
>Description:
Use of static routes on routing firewall causes cloned routes to be created to next hop router. These routes do not time-out nor is kernel memory freed, eventually resulting in kernel memory exhaustion and routing failures.
This problem has existed for some time. See also:
http://www.freebsd.org/cgi/getmsg.cgi?fetch=38493+45748+/usr/local/www/db/text/2003/freebsd-net/20030518.freebsd-net
>How-To-Repeat:
set up a box with sufficient hosts to cause routing table to be filled with cloned routes. Deleting cloned routes does not free memory. This is a potential source for DoS attacks.
>Fix:
unknown.
net.inet.ip.rtexpire: 2
net.inet.ip.rtminexpire: 2
seem to have no effect.
suggest closer examination of the contents of /usr/src/sys/net/route.c and friends...
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list