[Pkg-utopia-maintainers] Bug#686328: network-manager: creates static IPv6 routes for every cached route (=remote system)
Bernhard Schmidt
berni at birkenwald.de
Fri Aug 31 08:09:39 UTC 2012
Package: network-manager
Version: 0.9.4.0-5
Severity: important
Tags: patch upstream ipv6
Excuse me for filing this bug so late, I thought there was already one in Debian for this
issue. But it seems I was only following the upstream discussion.
The Linux kernel adds a route cache entry for every destination the system is trying to reach,
to track things like MTU and RTT. You can usually see them using "ip -6 route show cache".
When network-manager is in ipv6-mode != ignore, it listens to netlink for routing table changes
and wrongly adds a static route for every cached entry that appears.
This is reported to slow down systems with many peers (i.e. bittorrent) and has security
issues as well, since this would make traffic go ways you don't expect. For example, when you
fire up LAN, send a packet to some host and then build a VPN connection with a net including
that host, the traffic is still sent unencrypted. It also breaks Chromium in some cases
This bug has been reported upstream
https://bugzilla.gnome.org/show_bug.cgi?id=671767
and in Ubuntu
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1038541
Both have fixed it. Upstream has commited two patches last night that (apart from some fuzz)
apply to the Debian package. I'm just building a test and will attach the patch asap.
IME this would be an important fix for Wheezy.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (900, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages network-manager depends on:
ii adduser 3.113+nmu3
ii dbus 1.6.0-1
ii dpkg 1.16.8
ii isc-dhcp-client 4.2.2.dfsg.1-5
ii libc6 2.13-35
ii libdbus-1-3 1.6.0-1
ii libdbus-glib-1-2 0.100-1
ii libgcrypt11 1.5.0-3
ii libglib2.0-0 2.32.3-1
ii libgnutls26 2.12.20-1
ii libgudev-1.0-0 175-7
ii libnl-3-200 3.2.7-4
ii libnl-genl-3-200 3.2.7-4
ii libnl-route-3-200 3.2.7-4
ii libnm-glib4 0.9.4.0-5
ii libnm-util2 0.9.4.0-5
ii libpolkit-gobject-1-0 0.105-1
ii libuuid1 2.20.1-5.1
ii lsb-base 4.1+Debian7
ii udev 175-7
ii wpasupplicant 1.0-2
Versions of packages network-manager recommends:
ii crda 1.1.2-1
ii dnsmasq-base 2.62-3
ii iptables 1.4.14-3
ii modemmanager 0.5.2.0-1
ii policykit-1 0.105-1
ii ppp 2.4.5-5.1+b1
Versions of packages network-manager suggests:
ii avahi-autoipd 0.6.31-1
-- Configuration Files:
/etc/NetworkManager/NetworkManager.conf changed [not included]
/etc/init.d/network-manager changed [not included]
-- no debconf information
More information about the Pkg-utopia-maintainers
mailing list