[Dnsmasq-discuss] forwarding-loop mitigation.

Simon Kelley simon at thekelleys.org.uk
Wed Feb 17 21:09:31 GMT 2010


Jan 'RedBully' Seiffert wrote:
> Simon Kelley wrote:
>> Alberto's query got me thinking: If dnsmasq were to read the value of 
>> the IP hop-count on incoming queries, and decrement it when forwarding, 
>> loops would be squashed in the same way as IP layer-three forwarding.
>>
>> Can anyone see a problem with this?
>>
> 
> If I'm not mistaken, IP hop-count is always "reset" since the packet reached its
> destination (it is received) even if you or the other end "forwards the query"
> (you do so on a higher protocol level, DNS).
> And DNS has no Hop Count AFAIKS.
> 
> But maybe I don't get it...
> This means you AND the remote end have to fudge with low level IP protocol stuff.
> If the other end of the loop does not do the same thing, you gained nothing?

You're right. This wouldn't fix Alberto's problem. Most of the instances
I've seen of this have involved multiple dnsmasq servers, and it would
work there.

Oh well.
> 
> Nearby: getting to that info (the HopCount on reception) is ... ugly. But since
> you already have to deal with IP_PKTINFO, IP_RECVHOPLIMIT is only an additional
> pain.
Exactly, my reading is that it's IP_RECVTTL; inevitably, it's different
for IPv6.

> But this also means you also have to set the hop count on send.
That's easy, just a call to setsockopt.

Cheers,

Simon.
