Re: Is ipx overbroadcast solved?

Petr Vandrovec Ing. VTEI (VANDROVE@vc.cvut.cz)
Fri, 8 Oct 1999 11:51:49 MET-1

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dan Hollis: "Re: devfs again, (was RE: USB device allocation)"
Previous message: Guest section DW: "Re: comments on compose keys"

> I had problems with 2.2.12 and IPX broadcast and couldn't find a
> msg pointing a final solution for it in lists archives. Maybe I missed
> something in the search engine. So, I'm asking here: is ipx overbroadcast
> solved? By which patch?
Hi,
I sent following patch to Alan for inclusion into 2.3 line and it is
present in 2.3.18ac9 and later. I do not know, whether it is in 2.2.13pre
series, as I do not track it anymore.
It fixes two problems, first part checks, whether frame is long
enough to contain IPX_TYPE_PPROP mandatory header, second check for
mangled ipx header (possible oops).
Second one should not cause overbroadcasting, first one could (if you send
such frame with length==sizeof(ipx_header), it will be sent back to all
attached networks eight times).
Anyway, you may want to disable this completely. If you bind all four
ethernet frames on 6 linux workstations, one frame will be duplicated
1300 times to the wire (if I remember my computation corectly, see posting
to linux-net from Sep 27). 1300 full-sized frames takes 2 secs in ideal
case on 10Mbps, but because of 6 machines are doing that, you'll get
tons of collisions.
If you do it with undersized frame without patch, it is 24**8 (+), 1.1E11.
With full-sized frame on 10Mbps, it takes 127 days (*) to do this... (if
you have unlimited resources on your machines (24**7 * 4 output buffers
allocated on each machine...) and if I calculated it correctly).
You can disable it by adding '&& 0' into 'if' below.
Best regards,
Petr Vandrovec
vandrove@vc.cvut.cz

(*) with 10000 bcast/sec rate
(+) you have six machines with four frames. First frame is duplicated
24 times (maybe 18 times) to wire. It is received by these 6 machines
and send by them to all four frames again - 24*24. These frames are
received... 8 times around, then ipx_tctrl is 8 and it stops.
If you have correctly sized frame, it is 1 + 6*3 + (6*3) * (6*2) +
+ (6 * 3) * (6 * 2) * (6 * 1).
With duplicates detections Netware does, it is 1 + 6*3.

P.S.: Conclusion: Do NOT enable more than ONE frame on each physical
interface. Do NOT use ever 'ipx_configure --auto_interface=on'
(some vendors do that!).

--- linux-2.3.18-ac8.dist/net/ipx/af_ipx.c Tue Sep 7 19:20:11 1999
+++ linux/net/ipx/af_ipx.c Mon Sep 27 11:04:45 1999
@@ -744,7 +744,9 @@

if(ipx->ipx_type == IPX_TYPE_PPROP
&& ipx->ipx_tctrl < 8
- && skb->pkt_type != PACKET_OTHERHOST)
+ && skb->pkt_type != PACKET_OTHERHOST
+ /* header + 8 network numbers */
+ && ntohs(ipx->ipx_pktsize) >= sizeof(struct ipxhdr) + 8 * 4)
{
int i;
ipx_interface *ifcs;
@@ -2043,6 +2045,10 @@

/* Too small? */
if(ntohs(ipx->ipx_pktsize) < sizeof(struct ipxhdr))
+ goto drop;
+
+ /* Invalid header */
+ if(ntohs(ipx->ipx_pktsize) > skb->len)
goto drop;

/* Not ours */

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Hollis: "Re: devfs again, (was RE: USB device allocation)"
Previous message: Guest section DW: "Re: comments on compose keys"