(KAME-snap 8794) Re: Weird memory exhaustion with FreeBSD 4.10-STABLE

Pekka Savola pekkas at netcore.fi
Sun Sep 26 21:57:19 PDT 2004


On Mon, 27 Sep 2004, JINMEI Tatuya wrote:
> I can think of several possibilities that may cause the entries:
> 
> - when this node sends ICMPv6 error messages to those addresses, it
>   can create route entries.  I suspect this is the main reason since
>   in this case the destination of route entries would contain other
>   types of addresses than 6to4.  You can (implicitly) check if this
>   happened by looking at the result of 'netstat -s -p icmp6'

This is likely the case.  Due to Microsoft's implementation of '6to4 
relay probing', each host tries to send an IPv6 packet of Hop Count=1, 
which results in an ICMP unreachable back from the relays.  See below.

# netstat -s -p icmp6
icmp6:
        2633683 calls to icmp_error
        4 errors not generated because old message was icmp error or so
        0 errors not generated because rate limitation
        Output histogram:
                unreach: 2465
                packet too big: 416
                time exceed: 2630798
                echo reply: 824
                multicast listener report: 6053
                neighbor solicitation: 7587
                neighbor advertisement: 4587
        0 messages with bad code fields
        0 messages < minimum length
        0 bad checksums
        0 messages with bad length
        Input histogram:
                unreach: 6
                echo: 824
                multicast listener query: 2014
                neighbor solicitation: 4587
                neighbor advertisement: 7575
        Histogram of error messages to be generated:
                0 no route
                0 administratively prohibited
                0 beyond scope
                4 address unreachable
                2461 port unreachable
                416 packet too big
                2630802 time exceed transit
                0 time exceed reassembly
                0 erroneous header field
                0 unrecognized next header
                0 unrecognized option
                3308 redirect
                0 unknown
        824 message responses generated
        0 messages with too many ND options
        0 messages with bad ND options
        0 bad neighbor solicitation messages
        0 bad neighbor advertisement messages
        0 bad router solicitation messages
        0 bad router advertisement messages
        0 bad redirect messages
        0 path MTU changes

I'd estimate the router sends out about 1 million such ICMP time
exceeded messages per day.

> - if this node can be the originator (i.e., not a forwarder as a
>   router) to those destinations, it can create host routes for the
>   destinations.

Yes, above.

> - if you use some network-level hooks (e.g., packet filters) that rely
>   on routing table lookups, the node may have the host routes.

I don't have these.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
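
Added example (not part of the original message, nor KAME or FreeBSD code): the check suggested in the quoted text, looking at `netstat -s -p icmp6`, scripted in Python so it can be run periodically on a router. It parses that output and flags the pattern reported above, one error type dominating `calls to icmp_error` while rate limiting suppressed nothing; the function names, the 0.9 threshold and the trimmed sample are assumptions constructed for illustration.

```python
import re

# Constructed sample: a subset of the counters quoted in the message above.
SAMPLE = """\
icmp6:
        2633683 calls to icmp_error
        0 errors not generated because rate limitation
        Output histogram:
                unreach: 2465
                time exceed: 2630798
        0 messages with bad code fields
        Histogram of error messages to be generated:
                4 address unreachable
                2461 port unreachable
                416 packet too big
                2630802 time exceed transit
                3308 redirect
        0 path MTU changes
"""

def parse_icmp6(text):
    """Return {section: {label: count}}; top-level counters live under ''."""
    stats, section, sec_indent = {"": {}}, "", -1
    for raw in text.expandtabs().splitlines():
        line = raw.strip()
        if not line:
            continue
        indent = len(raw) - len(raw.lstrip())
        if indent <= sec_indent:          # dedent: the histogram has ended
            section = ""
        if m := re.fullmatch(r"(\d+) (.+)", line):      # "N label"
            stats[section][m.group(2)] = int(m.group(1))
        elif m := re.fullmatch(r"(.+): (\d+)", line):   # "label: N"
            stats[section][m.group(1)] = int(m.group(2))
        elif line.endswith(":") and indent > 0:         # histogram header
            section, sec_indent = line[:-1], indent
            stats[section] = {}
    return stats

def assess(stats, threshold=0.9):  # threshold is an assumed cut-off
    """Flag one error type dominating while rate limiting suppressed nothing."""
    top = stats[""]
    errors = top["calls to icmp_error"]
    limited = top["errors not generated because rate limitation"]
    hist = stats["Histogram of error messages to be generated"]
    kind, count = max(hist.items(), key=lambda kv: kv[1])
    share = count / errors if errors else 0.0
    return {"dominant": kind, "share": share, "rate_limited": limited,
            "suspect": share >= threshold and limited == 0}

if __name__ == "__main__":
    print(assess(parse_icmp6(SAMPLE)))
```

On a live system, feed it the text of `netstat -s -p icmp6` instead of `SAMPLE`; comparing two runs taken some time apart gives the rate rather than the lifetime totals.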


