Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Kernel crash in Linux 3.12 #90
Long story short:
We cannot use the kernel's
The RFCs say that these errors SHOULD be sent. "SHOULD" is defined as
It looks like we have a good reason to not do it. However, in order to minimize the damage, we should encourage users to not use Jool in kernel 3.12.
I need to clarify: After the commit I'm about to upload, Jool will no longer crash when it tries to send ICMPv6 errors in Linux 3.12; it will simply not send them. Using Jool in kernel 3.12 is not ideal, but it's also not the end of the world.
Long story long (copied from my mail to Philar):
(When you read the following text, keep in mind that "setting the packet's dst_entry" and "routing the packet" are the same thing.)
In kernel 3.12, they're dereferencing the packet's dst_entry without checking whether it's NULL first.
It can be seen fairly clearly when one compares the different versions of the
The way I see it, this is a bug in kernel 3.12 and not in Jool itself, and fixing it is either impossible or will require inordinate amounts of effort because of the following reasons:
This is very annoying, because NAT64 isn't compatible with IPSec in the first place, so the the XFRM code shouldn't be getting in Jool's way >:(.
Apparently, our least troublesome solution is to simply avoid the calls to
added a commit
Apr 16, 2014
referenced this issue
Apr 16, 2014
I forgot to mention:
This only affects ICMPv6 errors generated by Jool.
If a IPv4 node generates a ICMPv4 error and Jool translates it, the resulting ICMPv6 message is forwarded troublelessly.
Why? Translated errors aren't rate-limited, so they don't need to use