[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-tech
Subject:    attention please: host's IP stack behavior got changed slightly
From:       Alexandr Nedvedicky <alexandr.nedvedicky () oracle ! com>
Date:       2019-12-08 11:42:13
Message-ID: 20191208114212.GI6859 () tbd
[Download RAW message or body]

Hello,

commit from today [1] makes IP stack more paranoid. Up to now OpenBSD
implemented so called 'weak host model' [2]. The today's commit alters
that for hosts, which don't forward packets (don't act as routers).

Your laptops, desktops and servers now check packet destination address
with IP address bound to interface, where such packet is received on.
If there will be mismatch the packet will be discarded and 'wrongif'
counter will be bumped. You can use 'netstat -s|grep wrongif' to
display the counter value.

It is understood the behavior, which has been settled in IP stack since 80's,
got changed. tech@openbsd.org (or bugs@openbsd.org) wants to hear back from you,
if this change breaks your existing set up. There is a common believe this
change won't hurt majority (> 97%) users, though there is some non-zero risk,
hence this announcement is being sent.

thanks and
regards
sashan

[1] https://marc.info/?l=openbsd-cvs&m=157580332113635&w=2

[2] https://en.wikipedia.org/wiki/Host_model

[prev in list] [next in list] [prev in thread] [next in thread]