Source routed packets

A. Racine aracine at u.washington.edu
Tue Feb 29 13:39:25 PST 2000 

In a world with asymmetrical routing, yes, there are uses for
source-routed packets.  They can be useful for troubleshooting network
problems, for example.  A "normal" traceroute may be misleading at times.  
For example, let's say a traceroute looks like this:

$ traceroute -n 140.142.15.163
traceroute to 140.142.15.163 from 10.0.0.1, 30 hops max, 40 byte packets
1  10.0.0.2  1 ms  1 ms  1 ms
2  192.168.0.1  4 ms  4 ms  4 ms
3  140.142.15.100  1024 ms  1024 ms  1024 ms
4  140.142.15.163  1026 ms  1026 ms  1026 ms

One might look at this and believe there is a congestion (or some
other) problem on the link between 192.168.0.1 and 140.142.15.100.
However, a source-routed traceroute could reveal:

$ traceroute -n -g 140.142.15.163 10.0.0.1
traceroute to 140.142.15.163 from 10.0.0.1, 30 hops max, 40 byte packets
1  10.0.0.2  1 ms  1 ms  1 ms
2  192.168.0.1  4 ms  4 ms  4 ms
3  140.142.15.100  8 ms  8 ms  8 ms
4  140.142.15.163  10 ms  10 ms  10 ms
5  140.142.15.100  12 ms  12 ms  12 ms
6  192.168.1.1  14 ms  14 ms  14 ms
7  10.0.1.1  1020 ms  1020 ms  1020 ms
8  10.0.0.2  1 ms  1 ms  1 ms
9  10.0.0.1  1 ms  1 ms  1 ms

This shows that the route from 10.0.0.1 to 140.142.15.163 is different
than the route from 140.142.15.163 to 10.0.0.1.  This could be due to
local routing prefs that may be present inside each organizations'
boundaries.  The problem now appears to lie between 192.168.1.1 and
10.0.1.1.

A better question to ask may be, "do the benefits outway the dangers?"   

Since source-routing can place local addresses into the source field of an
IP packet, you need to understand that the level of trust that you give
local machines may inadvertantly be given to an intruder.  OTOH, depending
on your network topology, it may not make a difference whether source
routing is enabled or not.

I'd say if you've never used source-routing, go ahead and disable it.  
You can always enable it, perform some troubleshooting, and then disable
it again.


Aaron

"How can we know one another when we are so many?" -Robert Dahl


On Mon, 28 Feb 2000 Honsinger at einstein.wsd.wednet.edu wrote:

# Are there any side affects to configuring a router to not accept source routed
# packets? I have heard enabling this feature is a good way to stop people from
# spoofing. I have been having a problem with someone spoofing to attack this
# machine. Basically, I'm wondering if there are any legitimate uses of source
# routed packets. Thanks!
# 
# - Benjamin - 
# 
#

More information about the Linux mailing list