This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 500889 - Various IPv4/v6 SNMP counter fixes
Various IPv4/v6 SNMP counter fixes
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
4.8
All Linux
high Severity high
: rc
: ---
Assigned To: Thomas Graf
Hangbin Liu
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-05-14 14:14 EDT by Fabio Olive Leite
Modified: 2014-06-18 04:30 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-02-16 10:55:40 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to fix various IPv4/v6 SNMP counters (4.93 KB, patch)
2009-05-14 14:14 EDT, Fabio Olive Leite
no flags Details | Diff

  None (edit)
Description Fabio Olive Leite 2009-05-14 14:14:19 EDT
Created attachment 344025 [details]
Patch to fix various IPv4/v6 SNMP counters

Description of problem:

There are various places in the RHEL-4 kernel where IP SNMP counters are not incremented correctly. This bugzilla contains a verified patch that brings IP SNMP counter operations up to speed with RHEL-5/upstream.

Version-Release number of selected component (if applicable):

kernel-2.6.9-88.EL

How reproducible:

Always.

Steps to Reproduce:

Here's a batch of specific problems and ways to verify them:

1. InHdrErrors

Before forwarding packet, the router will check the TTL,
if the TTL equal or less than 1, this packet will be discarded,
but the counter InHdrErrors is not increased.

The topology as follow for example:

                        |192.168.1.20
                        |[eth0:2]
    --------         --------         
    |tester|         |Router|(RHEL4.8ss5)
    --------         --------        
       |[eth0]          |[eth0:1]
       |192.168.0.10    |192.168.0.20
 ------|----------------|------------------192.168.0.0/24
  
 
Steps to Reproduce:
Step1
   Config tester
      #ifconfig eth0 192.168.0.10 netmask 255.255.255.0
      #ip route add 192.168.1.0/24 via 192.168.0.20 dev eth0
Step2
   Config Router
      #ifconfig eth0:1 192.168.0.20 netmask 255.255.255.0
      #ifconfig eth0:2 192.168.1.20 netmask 255.255.255.0
      #echo "1" > /proc/sys/net/ipv4/ip_forward
Step3
   Router: record the value of InHdrErrors
      #cat /proc/net/snmp | grep ^Ip | awk {'print $5'}
Step4
   tester: Send 5 icmp packets with ttl=1 to 192.168.1.25
      #ping 192.168.1.25 -c 5 -t 1
Step5
   Router: check the value of InHdrErrors
      #cat /proc/net/snmp | grep ^Ip | awk {'print $5'}


2. OutNoRoutes

When sending a packet, if there are no route to forward this packet,
the packet will be discarded, but the counter of OutNoRoutes is not increased.

Steps to Reproduce:
Step1
   Delete the default route
      #ip route del default
Step2
   Read the proc file of /proc/net/snmp, and record the value of OutNoRoutes
      #cat /proc/net/snmp | grep ^Ip | awk {'print $13'}
Step3
   Send a icmp packet to unreachable host
      #ping -c 1 192.168.245.245
Step4
   Read the proc file of /proc/net/snmp, and record the value of OutNoRoutes
      #cat /proc/net/snmp | grep ^Ip | awk {'print $13'}


3. FragFails

When sending a packet, if the packet size is bigger than the NIC's MTU
and the IP header's DF is set to 1, the packet will be discarded.
but the counter of FragFails is not increased.

Steps to Reproduce:
Step1
   Read the proc file of /proc/net/snmp, and record the value of FragFails
   #cat /proc/net/snmp | grep ^Ip |awk {'print $19'}
    
Step2
   Send 5 icmp packets, with packet size bigger than NIC's MTU, and IP
   header's DF=1

   #ping -c 5 -s 2000 -M do $IPADDR
   [note] $IPADDR must specify address that can be reached.

Step3
   check the value of FragFails
   #cat /proc/net/snmp | grep ^Ip |awk {'print $19'}


4. FragCreates and Ip6FragCreates

When host sending  bigger packet than NIC's MTU, kernel fragments the big
packet, but counters of FragCreates and Ip6FragCreates are not increased.

Steps to Reproduce:

In case of IPv4:

Step1
   read the proc file of /proc/net/snmp, and record the value of FragCreates
   #cat /proc/net/snmp | grep ^Ip |awk {'print $20'}

Step2
   Send a packet to host, with packet size bigger than NIC's MTU.
   #ping -c 1 -s 2000 $IPADDR

   (note) $IPADDR must specify address that can reach.

Step3
   read the proc file of /proc/net/snmp, and check the value of FragCreates
   #cat /proc/net/snmp | grep ^Ip |awk {'print $20'}


In case of IPv6:

Step1
   read the proc file of /proc/net/snmp6, and record the value of Ip6FragCreates
   #cat /proc/net/snmp6 | grep Ip6FragCreates

Step2
   Send a packet to host, with packet size bigger than NIC's MTU.
   #ping6 -c 1 -s 2000 $IP6ADDR

   (note) $IP6ADDR must specify addresses that can reach.

Step3
   read the proc file of /proc/net/snmp6, and check the value of Ip6FragCreates
   #cat /proc/net/snmp6 | grep Ip6FragCreates


5. Ip6InNoRoutes and Ip6InAddrErrors

When sending packet with unknown dst address to router, the router will
discard this packet, but the counter of Ip6InNoRoutes is not increased.

When sending packet with bad dst address to router, the router will discard
this packet, but the counter of Ip6InAddrErrors is not increased.

Steps to Reproduce:

The topology as follow for example:

    --------                      -------         
    |tester|                      |router|(RHEL4.8ss5)
    --------                      -------        
       |[eth0]                       |[eth0]              
       |                             |fe80::2xx:xxff:fexx:xxxx/64
 ------|-----------------------------|--------

Step1
   Config the rounting table of the tester
   #ip -6 route add  2020::/64 via fe80::2xx:e9xx:fexx:xxxx dev eth0
   #ip -6 route add 1::1 via fe80::2xx:xxff:fexx:xxxx dev eth0

   (note) fe80::2xx:xxff:fexx:xxxx is the link-local address of the eth0 of the router.

Step2
   router: record the value of Ip6InNoRoutes and Ip6InAddrErrors
   #cat /proc/net/snmp6 | grep Ip6InNoRoutes
   #cat /proc/net/snmp6 | grep Ip6InAddrErrors

Step3
   tester: send 5 icmp packets to unknown dst addr of 2020::20d:88ff:feaa:aaff,
           and send 5 icmp packets to bad addr of 1::1
   #ping6 -I eth0 -c 5 2020::20d:88ff:feaa:aaff
   #ping6 -I eth0 -c 5 1::1

Step4
   router: check the value of Ip6InNoRoutes and Ip6InAddrErrors
   #cat /proc/net/snmp6 | grep Ip6InNoRoutes
   #cat /proc/net/snmp6 | grep Ip6InAddrErrors

  
Actual results:

Counters in /proc/net/snmp{,6} are not incremented correctly.

Expected results:

Counters in /proc/net/snmp{,6} are incremented correctly.

Additional info:

Patch was verified by partner Fujitsu. Applies cleanly to 2.6.9-89.EL sources.
Comment 1 Thomas Graf 2009-05-18 09:47:49 EDT
Patch looks good.
Comment 5 Issue Tracker 2010-06-29 04:23:22 EDT
Event posted on 06-29-2010 05:23pm JST by moshiro@redhat.com

Hi,

Any updates?


This event sent from IssueTracker by moshiro@redhat.com 
 issue 291333
Comment 10 Vivek Goyal 2010-10-13 12:12:02 EDT
Committed in 89.42.EL . RPMS are available at http://people.redhat.com/vgoyal/rhel4/
Comment 15 errata-xmlrpc 2011-02-16 10:55:40 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0263.html

Note You need to log in before you can comment on or make changes to this bug.