Message-Id: <200804240702.m3O72GHL055680@www.freebsd.org>
Date: Thu, 24 Apr 2008 07:02:16 GMT
From: Mihail <msaf1980@rambler.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: ng_mppc_decompress - disabling node
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         123045
>Category:       kern
>Synopsis:       [ng_mppc] ng_mppc_decompress - disabling node
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-net
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 24 07:10:03 UTC 2008
>Closed-Date:    Thu Jan 05 13:33:37 UTC 2012
>Last-Modified:  Thu Jan 05 13:33:37 UTC 2012
>Originator:     Mihail
>Release:        6.3
>Organization:
>Environment:
FreeBSD 6.3-RELEASE-p2
>Description:
Problem with mpd with mppc encryption:
sometimes the ng interface was disabled by the kernel with the message:
ng_mppc_decompress: too many (4094) packets dropped, disabling node 0xHHHHHHHH!
Is there a method to reconnect the node without disabling it?
>How-To-Repeat:
Sometimes (once in several days)
>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: linimon 
State-Changed-When: Thu Apr 24 07:36:10 UTC 2008 
State-Changed-Why:  
To which port (or part of the base system) does this PR apply? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=123045 

From: Ganbold <ganbold@micom.mng.net>
To: Mihail <msaf1980@rambler.ru>
Cc: bug-followup@FreeBSD.org, Alexander Motin <mav@mavhome.dp.ua>
Subject: Re: misc/123045: ng_mppc_decompress - disabling node
Date: Thu, 24 Apr 2008 16:02:36 +0800

 According to the ng_mppc.c code in FreeBSD 7.0-STABLE (Tue Apr 22 12:01:33
 ULAT 2008):
 ...
 /*
  * When packets are lost with MPPE, we may have to re-key arbitrarily
  * many times to 'catch up' to the new jumped-ahead sequence number.
  * Since this can be expensive, we pose a limit on how many re-keyings
  * we will do at one time to avoid a possible D.O.S. vulnerability.
  * This should instead be a configurable parameter.
  */
 #define MPPE_MAX_REKEY          1000
 ...
                         /* How many times are we going to have to re-key? */
                         rekey = ((d->cfg.bits & MPPE_STATELESS) != 0) ?
                             numLost : (numLost / (MPPE_UPDATE_MASK + 1));
                         if (rekey > MPPE_MAX_REKEY) {
                                 log(LOG_ERR, "%s: too many (%d) packets"
                                     " dropped, disabling node %p!",
                                     __func__, numLost, node);
                                 priv->recv.cfg.enable = 0;
                                 goto failed;
                         }
 ...
 failed:
                 m_freem(m);
                 return (EINVAL);
         }
 ...
 
 One thing you can try is to set MPPE_MAX_REKEY to something higher,
 compile ng_mppc and test.
 I'm not quite sure whether it is the correct way of fixing such a problem.
 
 hth,
 
 Ganbold
 
 -- 
 Therefore it is necessary to learn how not to be good, and to use this 
 knowledge and not use it, according to the necessity of the cause. -- 
 Machiavelli
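
The check quoted in the message above, modelled as a stand-alone C program (an added example, not code from ng_mppc.c or from anyone in this thread). MPPE_MAX_REKEY and the rekey expression come from the excerpt; the values of MPPE_UPDATE_MASK and MPPC_CCOUNT_MASK, the modular num_lost() model and all function names are assumptions.

```c
#include <stdio.h>

/* MPPE_MAX_REKEY is from the excerpt; both mask values are assumptions. */
#define MPPE_MAX_REKEY   1000
#define MPPE_UPDATE_MASK 0x00ff  /* assumed: stateful re-key every 256 packets */
#define MPPC_CCOUNT_MASK 0x0fff  /* assumed: 12-bit coherency count */

/* Assumed model of the gap: received minus expected count, modulo 4096. */
static int num_lost(unsigned received_cc, unsigned expected_cc)
{
	return (int)((received_cc - expected_cc) & MPPC_CCOUNT_MASK);
}

/* Same expression as the excerpt: re-keyings needed to catch up. */
static int rekeys_needed(int numLost, int stateless)
{
	return stateless ? numLost : numLost / (MPPE_UPDATE_MASK + 1);
}

/* 1 when the excerpt's check would log the error and disable the node. */
static int node_disabled(int numLost, int stateless)
{
	return rekeys_needed(numLost, stateless) > MPPE_MAX_REKEY;
}

int main(void)
{
	/* Constructed (received, expected) pairs; the last yields the logged 4094. */
	static const unsigned cases[][2] = { {105, 100}, {1101, 100}, {98, 100} };
	unsigned i;

	for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
		int lost = num_lost(cases[i][0], cases[i][1]);
		printf("numLost=%4d  stateless: rekey=%4d disabled=%d  "
		    "stateful: rekey=%2d disabled=%d\n", lost,
		    rekeys_needed(lost, 1), node_disabled(lost, 1),
		    rekeys_needed(lost, 0), node_disabled(lost, 0));
	}
	return 0;
}
```

Under these assumptions the stateful branch never exceeds 15 re-keyings, so only the stateless branch can cross the limit, and 4094 is what a packet arriving two counts behind the expected one (reordered or duplicated) would produce.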
Responsible-Changed-From-To: freebsd-bugs->gonzo 
Responsible-Changed-By: gonzo 
Responsible-Changed-When: Tue Jul 8 14:04:28 UTC 2008 
Responsible-Changed-Why:  
While I'm on it, take care of second bug with ng_mppc tag 


From: Oleksandr Tymoshenko <gonzo@freebsd.org>
To: Mihail <msaf1980@rambler.ru>
Cc: bug-followup@freebsd.org
Subject: Re: kern/123045: [ng_mppc] ng_mppc_decompress - disabling node
Date: Tue, 8 Jul 2008 17:04:57 +0300

 Hello, Mihail.
 
 Try the following patch. It adds a new sysctl: net.graph.mppe_max_rekey.  It
 reflects the maximum range between seq numbers when rekey is performed.
 Setting it to a negative value would disable this check altogether.
 
 Index: sys/netgraph/ng_mppc.c
 ==================================================================
 --- sys/netgraph/ng_mppc.c	(revision 180320)
 +++ sys/netgraph/ng_mppc.c	(local)
 @@ -54,6 +54,7 @@
  #include <sys/mbuf.h>
  #include <sys/malloc.h>
  #include <sys/errno.h>
 +#include <sys/sysctl.h>
  #include <sys/syslog.h>
  
  #include <netgraph/ng_message.h>
 @@ -97,15 +98,6 @@
  /* Key length */
  #define KEYLEN(b)		(((b) & MPPE_128) ? 16 : 8)
  
 -/*
 - * When packets are lost with MPPE, we may have to re-key arbitrarily
 - * many times to 'catch up' to the new jumped-ahead sequence number.
 - * Since this can be expensive, we pose a limit on how many re-keyings
 - * we will do at one time to avoid a possible D.O.S. vulnerability.
 - * This should instead be a configurable parameter.
 - */
 -#define MPPE_MAX_REKEY		1000
 -
  /* MPPC packet header bits */
  #define MPPC_FLAG_FLUSHED	0x8000		/* xmitter reset state */
  #define MPPC_FLAG_RESTART	0x4000		/* compress history restart */
 @@ -152,6 +144,16 @@
  static ng_rcvdata_t	ng_mppc_rcvdata;
  static ng_disconnect_t	ng_mppc_disconnect;
  
 +/*
 + * When packets are lost with MPPE, we may have to re-key arbitrarily
 + * many times to 'catch up' to the new jumped-ahead sequence number.
 + * Since this can be expensive, we pose a limit on how many re-keyings
 + * we will do at one time to avoid a possible D.O.S. vulnerability.
 + */
 +int mppe_max_rekey = 1000;
 +SYSCTL_INT(_net_graph, OID_AUTO, mppe_max_rekey, CTLFLAG_RW, &mppe_max_rekey,
 +    0, "Maximum range between seq numbers when rekey is perfromed");
 +
  /* Helper functions */
  static int	ng_mppc_compress(node_p node,
  			struct mbuf **datap);
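Review bot: The added "int mppe_max_rekey" has external linkage although the patch only reads it in this file; declare it "static int" so it does not leak into the kernel's global namespace. The SYSCTL_INT description string misspells "performed" and speaks of a "range between seq numbers", while the value is compared against rekey, which in the non-stateless case is numLost / (MPPE_UPDATE_MASK + 1); describe it as the maximum number of re-keyings per packet. The relocated comment should also say which values turn the limit off.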
 @@ -628,7 +630,7 @@
  			/* How many times are we going to have to re-key? */
  			rekey = ((d->cfg.bits & MPPE_STATELESS) != 0) ?
  			    numLost : (numLost / (MPPE_UPDATE_MASK + 1));
 -			if (rekey > MPPE_MAX_REKEY) {
 +			if ((mppe_max_rekey > 0) && (rekey > mppe_max_rekey)) {
  				log(LOG_ERR, "%s: too many (%d) packets"
  				    " dropped, disabling node %p!",
  				    __func__, numLost, node);
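Review bot: The guard "(mppe_max_rekey > 0)" on the changed line skips the limit for 0 as well as for negative values, while the accompanying message says a negative value disables the check; either document that 0 also disables it or give 0 a defined meaning. With the guard false, nothing bounds the number of re-keyings done for one packet, which is the expense the comment above the variable says the limit exists to cap, so the sysctl description should state that trade-off. The tunable is also global, so changing it alters the limit for every ng_mppc node at once.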
 -- 
 gonzo
Responsible-Changed-From-To: gonzo->freebsd-net 
Responsible-Changed-By: gonzo 
Responsible-Changed-When: Tue Nov 9 00:47:38 UTC 2010 
Responsible-Changed-Why:  
Over to maintainer(s) 

State-Changed-From-To: feedback->closed 
State-Changed-By: glebius 
State-Changed-When: Thu Jan 5 13:33:16 UTC 2012 
State-Changed-Why:  
Email of submitter is no longer valid. 

>Unformatted:
