Broadcasts and netmask

CLOSE Dave Dave.Close at us.thalesgroup.com
Thu Jul 31 19:03:33 UTC 2014 

I have a Fedora 20 machine which is receiving UDP broadcast packets at
regular intervals on a high port. No program is presently listening
for these packets. If I run, "tcpdump -iany port 29531", I see each
of the packets arriving just as I expect.

But if I then use Ncat as a surrogate for an application, "nc -lup
29531", I sometimes don't see anything! Why not? (More details
below.) What obvious thing am I missing?

The machine has ten Ethernet ports, two Broadcom BCM5716 and eight
Intel 82576. The Broadcom ports are using the bnx2 driver, the Intel
ports use the igb driver.

Connecting the cable from the broadcast sender to any one of the ports,
I get the exactly same behavior. Without assigning the port an address,
tcpdump shows that the UDP broadcast packets are received but they are
not forwarded to an application. For example,

  # ifup eth2
  # ifconfig eth2
  eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
          inet6 fe80::92e2:baff:fe32:f8a8  prefixlen 64  scopeid 0x20<link>
          ether 90:e2:ba:32:f8:a8  txqueuelen 1000  (Ethernet)
          RX packets 3892  bytes 3552566 (3.3 MiB)
          RX errors 0  dropped 0  overruns 0  frame 0
          TX packets 652  bytes 230557 (225.1 KiB)
          TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
          device memory 0xdc7c0000-dc7dffff
  # tcpdump -ieth2 udp port 29531
  tcpdump: WARNING: eth2: no IPv4 address assigned
  tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
  listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
  14:40:14.343946 IP 172.17.5.1.60142 > 255.255.255.255.29531: UDP, 
length 1212
  14:40:15.349595 IP 172.17.5.1.60142 > 255.255.255.255.29531: UDP, 
length 1212
  14:40:16.360263 IP 172.17.5.1.60142 > 255.255.255.255.29531: UDP, 
length 1212
  # nc -i2 -lup 29531
  Ncat: Idle timeout expired (2000 ms). QUITTING.

(The destination MAC address is FF:FF:FF:FF:FF:FF.)

When I assign the port an address, the result seems to depend on the
netmask I assign. For any netmask from 1 to 19, applications see the
broadcast. For netmasks from 20 through 32, they don't.

  # ifconfig eth2 172.17.17.254/19
  # nc -i2 -lup 29531
  p%�{"00":24,"01":"13/10/15 00:34:36","04":0,"05":0,"06":3,"08":0,...
  # ifconfig eth2 172.17.17.254/20
  # nc -i2 -lup 29531
  Ncat: Idle timeout expired (2000 ms). QUITTING.

For all netmasks, tcpdump still shows the packets being received.
(Obviously, tcpdump doesn't care about the port's address.) But I don't
understand why the drivers treat the broadcast differently based on
the netmask.

Of course, this behavior might not be unique to Fedora but that's the
environment I'm using. If this is known network behavior in general,
I'd sure appreciate some pointer to a reference.
-- 
	Dave Close

More information about the users mailing list