No I don't. I'll construct something but it may take a few days. I'll
contact you back.

Best Regards,
-peter


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

Hi Roy and tech-net,

Thank you for the patient wait. I have finally written something and was
able to reproduce the condition tonight. I'm going to paste the program
inline here and then talk a little below it. Just search for "---" to
skip the code to see the commentary...

------->
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/select.h>

#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <time.h>

#include <err.h>
#include <errno.h>

int bind_socketv6(int so, u_short port);
int bind_socketv4(int so, u_short port);

int
main(int argc, char *argv[])
{
struct sockaddr_in sin;
struct sockaddr_in6 sin6;
struct timeval tv;

int so, so6, dup, dup6, on = 1;
int max, len, sel;

u_short port = 65053;
fd_set rdset;
pid_t pid;
socklen_t slen;

char buf[512];


if (argc > 1)
port = atoi(argv[1]);


/* make the dup's */

dup = socket(AF_INET, SOCK_DGRAM, 0);
dup6 = socket(AF_INET6, SOCK_DGRAM, 0);

if (dup < 0 || dup6 < 0) {
err(1, "socket");
}

on = 1;
if (setsockopt(dup, SOL_SOCKET, SO_REUSEPORT, &on, sizeof(on)) < 0) {
err(1, "setsockopt");
}

on = 1;
if (setsockopt(dup6, SOL_SOCKET, SO_REUSEPORT, &on, sizeof(on)) < 0) {
err(1, "setsockopt6");
}

/* shutdown on the dup's */

if (shutdown(dup, SHUT_RD) < 0) {
err(1, "shutdown dup");
}

if (shutdown(dup6, SHUT_RD) < 0) {
err(1, "shutdown dup6");
}

/* bind the dup's too */

if (bind_socketv4(dup, port) < 0) {
err(1, "dup bind");
}

if (bind_socketv6(dup6, port) < 0) {
err(1, "dup bind6");
}

/* the main sockets */

so = socket(AF_INET, SOCK_DGRAM, 0);
so6 = socket(AF_INET6, SOCK_DGRAM, 0);

if (so < 0 || so6 < 0) {
err(1, "socket");
}

on = 1;
if (setsockopt(so, SOL_SOCKET, SO_REUSEPORT, &on, sizeof(on)) < 0) {
err(1, "setsockopt");
}

on = 1;
if (setsockopt(so6, SOL_SOCKET, SO_REUSEPORT, &on, sizeof(on)) < 0) {
err(1, "setsockopt6");
}

if (bind_socketv4(so, port) < 0) {
err(1, "bind");
}

if (bind_socketv6(so6, port) < 0) {
err(1, "bind6");
}

/* fork a child */

switch (pid = fork()) {
case -1:
err(1, "fork");
break;
case 0:
close(so); close(so6);
for (;;) {
/* here we can write to the dup's if we wish */
sleep(10);
memset(&buf, 'X', 16);
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_port = htons(8888);
sin.sin_addr.s_addr = inet_addr("192.168.177.2");
sendto(dup, buf, 16, 0, (struct sockaddr*)&sin,
sizeof(struct sockaddr_in));
}
/* NOTREACHED */
break;
default:
close(dup); close(dup6);
max = so6;
break;
}

for (;;) {
FD_ZERO(&rdset);
FD_SET(so, &rdset);
FD_SET(so6, &rdset);

tv.tv_sec = 5;
tv.tv_usec = 0;

if ((sel = select(max + 1, &rdset, NULL, NULL, &tv)) < 0) {
fprintf(stderr, "select error: %s\n", strerror(errno));
continue;
}

if (sel == 0) {
continue;
}

if (FD_ISSET(so, &rdset)) {
slen = sizeof(struct sockaddr_in);
if ((len = recvfrom(so, buf, sizeof(buf), 0,
(struct sockaddr*)&sin, &slen)) < 0) {
warn("recvfrom");
}
printf("%lu so read %d bytes\n", time(NULL), len);

/* send something back */
if (sendto(so, buf, len, 0, (struct sockaddr*)&sin, slen) < 0)
warn("sendto");
continue;
} else if (FD_ISSET(so6, &rdset)) {
slen = sizeof(struct sockaddr_in6);
if ((len = recvfrom(so6, buf, sizeof(buf), 0,
(struct sockaddr*)&sin6, &slen)) < 0) {
warn("recvfrom");
}
printf("%lu so6 read %d bytes\n", time(NULL), len);
continue;
}

} /* for(); */
/* NOTREACHED */
}

int
bind_socketv4(int so, u_short port)
{
struct sockaddr_in sin;

memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_port = htons(port);

return (bind(so, (struct sockaddr *)&sin, sizeof(sin)));
}

int
bind_socketv6(int so, u_short port)
{
struct sockaddr_in6 sin6;

memset(&sin6, 0, sizeof(sin6));
sin6.sin6_family = AF_INET6;
sin6.sin6_port = htons(port);
sin6.sin6_len = sizeof(struct sockaddr_in6);

return (bind(so, (struct sockaddr *)&sin6, sizeof(sin6)));
}
<-------

So as you can see the program binds to 65053, but I used ./test-program 8888
to have it bind on port 8888, but it doesn't really matter which port.

The dup descriptors go into the child and it sends every 10 seconds a packet
to 192.168.177.2 (my OpenBSD workstation, but it can be any address).

What I have found is that with netcat from any source I can get the select
loop in the parent to display UNIX timestamp and the "so" descriptor
read X bytes, UNTIL the child in the for(;;)/sleep(10) loop transmits.
Then it won't receive any more on the parent. And this is exactly what
I'm running into on my program delphinusdnsd.

I hope you can work with this, let me know if I must do anything to accomodate
some sort of fix. The behaviour I'm looking for is that one can write on
the shutdown SHUT_RD socket (dup) and read without it blocking on (so) parent
socket.

Best Regards,
-peter
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

Hi Erik,
The shutdown'ed descriptor is global I think. It is able to bind only because
of the SO_REUSEPORT setsockopt. Usually this is done to give forked childs
an opportunity to receive a packet after some algorithm (I'm guessing it's
a round-robin alg or similar). By shutdowning one of these I hope to tell
the kernel that I want this excluded from this algorithm. And let the other
global "tuple" receive that packet.
Yes. It wasn't a decision that was planned, I felt my way through the
OpenBSD network stack in this regard and it did what I had hoped.
Unfortunately Linux required a bpf filter and a different order of setting up
these sockets in my tests, because this wasn't possible out of the box there.
With FreeBSD I didn't have to shutdown the descriptor, it seemed to detect
what descriptor in the global tuple I was selecting on and directed the packet
in that direction, but this is just a conclusion I made after 3 or 4 hours
max. After adding some ifdef's FreeBSD seemed to not drop a packet.
It is unorthodox but made some sense in that I had hoped for an opportunity
to write from a "global tuple" from other processes than the one that receives.
Other choices I considered were writing to a raw socket but it would be a lot
of overhead and hard work when it comes to fragmentation. Lastly I found that
I can set up a shared memory to write the packet back to the process that
received it, it's entirely possibly to do so at overhead of writing the code.
This last choice is what I'll have to do if NetBSD can't help me.

And then why, you probably mean, am I spreading this functionality across
processes. It had to do with OpenBSD and their sandbox'ing mechanism called
pledge(2). The benefit of writing packets via imsg(3) and shared memory into
a process that is "stdio sendfd recvfd" pledged in order to parse a DNS
message is very attractive.

If someone managed to overflow a buffer, somehow they'd be trapped to a very
restricted sandbox. They can't open a file descriptor or open a network socket,
the kernel would kill the process if they tried. I use and develop this
daemon of mine on OpenBSD but I want to also make it available to other
OS's with the sandbox mechanism disabled. It's a trade-off for those people
that absolutely want to use delphinusdnsd but don't have OpenBSD available.

The other process that does the "working" of the forwarding is busy enough
that I would shy away from putting it into the UDP receiving process. I
write all my programs single-threaded and only fork alternatively mainly due
to not understanding threads all that much.

It comes down to "what to do with shutdown(2)" and it's as much political as
technical decision. I think the way OpenBSD allows this makes sense, and it
accomodated my train of planning on this. FreeBSD and Linux are less
accomodating and I had to mess with Linux's natural algorithm with a BPF
filter, and on FreeBSD I got lucky... (but was not able to shutdown at all,
it throws an error).
Best Regards,
-peter

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

Unless I have misunderstood (which is certainly possible), the question turns into: “is a shutdown(sock, SHUT_RD) local to that particular descriptor, or global to all descriptors which reference a particular host address+protocol+port number tuple?”

Which is to say, you want to declare on one descriptor that you’re never going to read from it again, but read from another descriptor at the same network address+protocol+port number tuple, i.e., that a shutdown(sock, SHUT_RD) should be local to a given specific descriptor, as opposed to global to all descriptors which reference a given IP address, protocol, port number tuple.

Why are you doing this dance of multiple descriptors? What behavior are you trying to achieve, or condition you’re trying to avoid, in your server code?

curious,

Erik Fair


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

Hi Roy,

OH! I hadn't considered a raw socket without the HDRINCL then it may indeed
be worth it. I'll tinker with this when I find some time and let you know
how it goes. It may take some days.

Thanks!

-peter

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

OK I've done the changes, and it works awesome! Thank you! I spent most of
the day fine-tuning the udp checksumming, it was developed on OpenBSD, and
then when I ported it to Linux it almost worked out of the box, except Linux
does a weird thing with the protocol set on a sin6.sin6_port. But I figured
it out. Next I tested NetBSD and it worked perfectly. Last I tested FreeBSD.
No regressions. This is awesome! I wasn't sure if you wanted your name on
credits so I credited the NetBSD organization in my CVS. I'm gonna see if I
can get someone to donate for NetBSD as well.

Best Regards,
-peter

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de