We don't know who sent it, but it came from outside our network. If it
is easy to take down a network by just sending 1 invalid packet, I'd
be worried!

On Thu, Jan 13, 2011 at 10:59 AM, kk yap <yap...@stanford.edu> wrote:
> Hi Srini,
>
> What is this packet?  The length of TCP is zero?!?!  I wish to
> understand the circumstance for which we are getting the packet before
> commenting on the right way to handle this.
>
> Regards
> KK
>
>
> On 13 January 2011 10:38, Srini Seetharaman <seeth...@stanford.edu> wrote:
>> When someone sends the attached packet to a switch, it generates an
>> infinite loop of packet_ins in our production network. This is because
>> this incoming tcp packet has nw_proto=6 and tcp port numbers of "0",
>> but outgoing flow_mod has nw_proto of "0" and tcp port numbers of "0".
>> So, the packet_out generates a new packet_in and this loop continues
>> forever.
>>
>> I see the following code in src/lib/flow.cc (both in NOX-Zaku and
>> SNAC). I believe this is what is causing the nw_proto to be "0" in the
>> flow_mod. I'm not sure who wrote that piece of code. This is not
>> handling corrupted packets well and rejecting this packet as an invalid
>> TCP packet. Does anyone see problems with removing the "else" clause?
>>
>>    if (nw_proto == ip_::proto::TCP) {
>>        const tcp_header *tcp = pull_tcp(b);
>>        if (tcp) {
>>            tp_src = tcp->tcp_src;
>>            tp_dst = tcp->tcp_dst;
>>        } else {
>>            /* Avoid tricking other code into thinking that
>>             * this packet has an L4 header. */
>>            nw_proto = 0;
>>        }
>>    }
>>
>> FYI, pull_tcp is defined as below:
>>    static const tcp_header * pull_tcp(Buffer& b)
>>    {
>>        if (const tcp_header *tcp = b.try_at<tcp_header>(0)) {
>>            int tcp_len = TCP_OFFSET(tcp->tcp_ctl) * 4;
>>            if (tcp_len >= sizeof *tcp) {
>>                return reinterpret_cast<const tcp_header*>(b.try_pull(tcp_len));
>>            }
>>        }
>>        return 0;
>>    }
>>
>> _______________________________________________
>> nox-dev mailing list
>> nox-dev@noxrepo.org
>> http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
>>
>>
>
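
The mismatch described in the quoted report, as an added example that is not part of the thread or of NOX: a small model that counts packet_ins when the controller's key for a malformed TCP segment differs from the key the switch reports. The types, the function names, the byte layouts and the assumption that the packet_out is looked up in the flow table again are all constructed for illustration.

```cpp
#include <cstdint>
#include <cstring>
#include <vector>
// Simplified stand-ins (assumptions), not NOX's Buffer, tcp_header or Flow.
struct TcpHdr { uint16_t src, dst; uint32_t seq, ack; uint8_t off, flags; uint16_t win, sum, urg; };
static_assert(sizeof(TcpHdr) == 20, "fixed TCP header is 20 bytes");
struct Key {
    uint8_t nw_proto; uint16_t tp_src, tp_dst;
    bool operator==(const Key& o) const { return nw_proto == o.nw_proto && tp_src == o.tp_src && tp_dst == o.tp_dst; }
};
using Bytes = std::vector<uint8_t>;

// Same test as pull_tcp in the post: the data offset must cover the fixed
// header, and the bytes it claims must actually be present.
static bool pull_tcp(const Bytes& l4, TcpHdr& t) {
    if (l4.size() < sizeof t) return false;
    std::memcpy(&t, l4.data(), sizeof t);
    size_t tcp_len = (t.off >> 4) * 4u;
    return tcp_len >= sizeof t && tcp_len <= l4.size();
}

// zero_proto=true keeps the else clause quoted in the post; false models the
// variant the post asks about (else clause removed).
Key controller_key(const Bytes& l4, bool zero_proto) {
    Key k{6, 0, 0};  // nw_proto was already set to TCP from the IP header
    TcpHdr t;
    if (pull_tcp(l4, t)) { k.tp_src = t.src; k.tp_dst = t.dst; }
    else if (zero_proto) k.nw_proto = 0;
    return k;
}

// Assumption taken from the post: the switch reports nw_proto=6 with ports 0
// when the TCP header is unusable.
Key switch_key(const Bytes& l4) { return controller_key(l4, false); }

// Each table miss is a packet_in; the controller installs its key and the
// packet_out sends the packet through the table again. Stops at `cap`.
int count_packet_ins(const Bytes& l4, bool zero_proto, int cap = 1000) {
    std::vector<Key> table;
    for (int n = 0; n < cap; ++n) {
        for (const Key& k : table) if (k == switch_key(l4)) return n;
        table.push_back(controller_key(l4, zero_proto));
    }
    return cap;
}
// Constructed inputs: data offset 0 (malformed) and data offset 5 (valid).
Bytes malformed() { return Bytes(20, 0); }
Bytes valid() { Bytes b(20, 0); b[0] = 0x12; b[1] = 0x34; b[3] = 80; b[12] = 0x50; return b; }
```

In this model the malformed segment reaches the cap only when nw_proto is zeroed. With the else clause removed, its key is identical to that of a well-formed TCP segment using port 0, which is the case the comment in the quoted code is guarding against.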
