IP-over-DDP packets dropped
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Medium
|
Seth Forshee |
Bug Description
Ubuntu's kernel is compiled with CONFIG_IPDDP=m, which, because of an upstream bug, means that IP-over-DDP packets (DDP type 22) are silently dropped. This is true even if the generated "ipddp" module is not loaded; so if this module is compiled, there is no way to listen for these packets.
One solution would be to fix the module. Another (what CentOS appears to do?) would be to not compile the "ipddp" module at all -- remove CONFIG_IPDDP from the kernel's config.
Copying from the upstream bug for specific details:
https:/
"""
When a kernel is compiled with "ipddp" as a module, but the module is not loaded, DDP packets of type 22 (IP-over-DDP) are silently dropped.
Steps to reproduce:
1. Compile a kernel with 'ipddp' as a module. Do not load the module; make sure it is not loaded, just compiled.
2. Open up a DDP listening socket for packets of type 22, on any supported network interface. (Tested with Ethernet.)
3. Attempt to connect to and send data to this socket
Expected behavior:
- If module is loaded, packets will be unwrapped by the kernel and emitted as IP packets (so will not be received by the listening DDP socket)
- If module is not present, packets will be passed through to the listening DDP socket
Actual behavior:
- If module is not present but was compiled during the kernel build process, packets are silently discarded by the kernel
- If module is not present and was not compiled during the kernel build process, packets are passed through as expected
"""
affects: | linux-lts-wily (Ubuntu) → linux (Ubuntu) |
Changed in linux (Ubuntu): | |
assignee: | nobody → Seth Forshee (sforshee) |
importance: | Undecided → Medium |
status: | Incomplete → Confirmed |
CentOS does not build the "ipddp" module / does not set "CONFIG_IPDDP" in the kernel config, so appears to not be affected by this issue. I would be happy if Ubuntu resolved this issue by likewise no longer shipping this module.
For anyone not familiar, some background: DDP was Apple's proprietary networking protocol, used by Apple and early Macintosh computers prior to the widespread adoption of TCP and Ethernet.
"IP-over-DDP" (what this particular module is used for) encapsulates IP packets inside DDP packets. It's useful if your network supports DDP traffic but does not support IP traffic -- for example, Apple's LocalTalk serial-port-based networking standard. So you can browse the Web on a Mac that predates Ethernet. (Apple stopped supporting LocalTalk with the initial release of Mac OS X, and stopped shipping computers with LocalTalk- compatible serial ports at about the same time.)
The kernel's "Documentation/ networking/ ipddp.txt" says the following regarding setting up the "ipddp" module:
"""
Decapsulation - You will need to download a software package called MacGate.
(...)
Encapsulation - You will need to download a software daemon called ipddpd.
"""
(If the module isn't configured with one of these two programs, it doesn't do anything useful.) MacGate was last shipped in Debian Potato; the sources from that release appear to want a 2.0 kernel, and do not compile on my machine. I can't find sources for ipddpd online.
The functionality provided by the "ipddp" module is now also mostly provided by the userspace program "macipgw": /github. com/zero2sixd/ macipgw
https:/
This program builds and works correctly on a stock Ubuntu LTS 14.04 x86_64 machine with a modified Ubuntu 4.2 kernel that omits "CONFIG_IPDDP=m" from its kernel config. (Of course, it doesn't work with stock Ubuntu kernels because of this bug.)