Question on rtredirect code

Tue May 1 00:46:31 UTC 2012

Hi,

The rtredirect code has the following code lines:

*/* verify the gateway is directly reachable */*
  521 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L521>
      if ((ifa = ifa_ifwithnet
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=ifa_ifwithnet>(gateway
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=gateway>,
0)) == NULL <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=NULL>)
{
  522 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L522>
              error
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=error> =
ENETUNREACH <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=ENETUNREACH>;
  523 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L523>
              goto out
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=out>;
  524 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L524>         }

Later on we check for the validity of the redirect message. One of the
criteria is the comparison of rt_ifa with ifa:

  */**
  527 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L527> *
        * If the redirect isn't from our current router for this dst,*
  528 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L528> *
        * it's either old or wrong.  If it redirects us to ourselves,*
  529 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L529> *
        * we have a routing loop, perhaps as a result of an interface*
  530 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L530> *
        * going down recently.*
  531 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L531> *
        */*
  532 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L532>
      if (!(flags
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=flags> &
RTF_DONE <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=RTF_DONE>)
&& rt <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=rt> &&
  533 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L533>
           (!sa_equal
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=sa_equal>(src
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=src>, rt
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=rt>->rt_gateway)
|| rt <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=rt>->rt_ifa
!= ifa))
  534 <http://fxr.watson.org/fxr/source/net/route.c?v=FREEBSD9#L534>
              error
<http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=error> =
EINVAL <http://fxr.watson.org/fxr/ident?v=FREEBSD9;im=excerpts;i=EINVAL>;

TCP IP illustrated vol 2 comments on the code:

"The interface for the new gateway (the fia returned by ifa_ifwithnet)
must equal the curent interface for destination (rt_ifa), that is new
gateway must be on the same network as the current gateway."

One thing to note here is that we are comparing ifa to compare for
interface (ifp). It could be that the code was not revisited in later
BSD releases but it seems to suggest that when the code was written
hosting multiple ifa in same ifp or different ifp was not thought
of/supported. Does the above code still stand good? To me it seems
that it needs to be corrected. Comments are welcome.

Best,

Prabhakar