Re: Intermittent NAT failure when multiple hosts send UDP packets

I'm sorry to say that this bug has shown up again on
2.6.13 too, so it's not fixed at all.

It's quite hard to trigger, but after it does, packets
are consistently routed with the source IP untranslated.


Bernardo Innocenti wrote:

> Never mind, it was fixed in 2.6.13, probably by this patch:
> 
>   https://lists.netfilter.org/pipermail/netfilter-devel/2004-March/014412.html
> 
> 
> Bernardo Innocenti wrote:
> 
>>This smells like a bug in UDP ip_nat_proto_udp.c or nearby.
>>I'm seeing this on 2.6.12-1.1447_FC4, but code in 2.6.13 is
>>still the same.
>>
>>I've setup SNAT the usual way:
>>
>> iptables -A POSTROUTING -t nat -o ppp0 -j SNAT --to-source 151.38.19.110
>>
>>When multiple clients in the LAN send UDP packets to the same port of
>>the same remote host, I see something like this in my /proc/net/ip_conntrack:
>>
>> udp      17 170 src=10.3.3.2 dst=194.185.88.60 sport=5060 dport=5060 src=194.185.88.60 dst=151.38.19.110 sport=5060 dport=5060 [ASSURED] use=1
>> udp      17 29 src=10.3.3.2 dst=212.97.59.76 sport=5060 dport=5060 [UNREPLIED] src=212.97.59.76 dst=151.38.19.110 sport=5060 dport=5060 use=1
>> udp      17 177 src=10.3.3.250 dst=194.185.88.60 sport=5060 dport=5060 src=194.185.88.60 dst=151.38.19.110 sport=5060 dport=1024 [ASSURED] use=1
>>
>>In the last line, the destination port has been properly remapped from
>>5060 to 1024 to distingish between incoming packets.
>>
>>However, I see packets going out over ppp0 without the source
>>address properly rewritten to 151.38.19.110:
>>
>> 04:38:28.739514 IP 10.3.3.2.5060 > 194.185.88.60.5060: UDP, length 536
>>
>>This doesn't happen when there's just a single host sending to port 5060.
>>Sometimes I must restart the interface to trigger this bug.
> 
> 

-- 
  // Bernardo Innocenti - Develer S.r.l., R&D dept.
\X/  http://www.develer.com/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: Intermittent NAT failure when multiple hosts send UDP packets
    • From: Patrick McHardy <[email protected]>

• References:
  • Intermittent NAT failure when multiple hosts send UDP packets
    • From: Bernardo Innocenti <[email protected]>
  • Re: Intermittent NAT failure when multiple hosts send UDP packets
    • From: Bernardo Innocenti <[email protected]>

• Prev by Date: Re: 2.6.13.1 Slab corruption during boot
• Next by Date: Re: [patch] stop inotify from sending random DELETE_SELF event under load
• Previous by thread: Re: Intermittent NAT failure when multiple hosts send UDP packets
• Next by thread: Re: Intermittent NAT failure when multiple hosts send UDP packets
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]