[PATCH 3.16.y-ckt 080/170] ipv4: Do not cache routing failures due to disabled forwarding.

Luis Henriques luis.henriques at canonical.com
Tue Nov 11 11:07:19 UTC 2014


3.16.7-ckt1 -stable review patch.  If anyone has any objections, please let me know.

------------------

From: Nicolas Cavallari <nicolas.cavallari at green-communications.fr>

commit fa19c2b050ab5254326f5fc07096dd3c6a8d5d58 upstream.

If we cache them, the kernel will reuse them, independently of
whether forwarding is enabled or not.  Which means that if forwarding is
disabled on the input interface where the first routing request comes
from, then that unreachable result will be cached and reused for
other interfaces, even if forwarding is enabled on them.  The opposite
is also true.

This can be verified with two interfaces A and B and an output interface
C, where B has forwarding enabled, but not A and trying
ip route get $dst iif A from $src && ip route get $dst iif B from $src

Signed-off-by: Nicolas Cavallari <nicolas.cavallari at green-communications.fr>
Reviewed-by: Julian Anastasov <ja at ssi.bg>
Signed-off-by: David S. Miller <davem at davemloft.net>
[ luis: backported to 3.16: adjusted context ]
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 net/ipv4/route.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 4b340c30a037..ca0d8cca21dc 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1798,6 +1798,7 @@ local_input:
 no_route:
 	RT_CACHE_STAT_INC(in_no_route);
 	res.type = RTN_UNREACHABLE;
+	res.fi = NULL;
 	if (err == -ESRCH)
 		err = -ENETUNREACH;
 	goto local_input;
-- 
2.1.0





More information about the kernel-team mailing list