krb5 UDP daemons and IP pktinfo

Kenneth G Raeburn raeburn at
Tue Jan 12 01:58:41 EST 2016

> In 2010 I asked for help doing a platform survey, and found that while
> Linux and Solaris 11 implement an IPv4 variant of pktinfo (IP_PKTINFO),
> other platforms do not (NetBSD added it in 2013).  Until yesterday, my
> operating assumption was that we were stuck with the complex code for
> the forseeable future.  Yesterday, I discovered that some operating
> systems implement the same functionality in a different way
> (IP_RECVDSTADDR).  If we handle both variants, then we can safely bind
> to the IPv4 wildcard address on Linux, Solaris, all of the BSDs, and OS
> X.

Have you checked that it actually works?  It’s been a long time, but I remember running across IP_RECVDSTADDR, and I seem to recall that some options in this space didn’t seem to work as documented (or at all?) on some platforms, but I can’t recall for sure if IP_RECVDSTADDR was what was broken, and of course it could’ve been fixed since for the platforms you care about.

> So, I think it might be reasonable to simplify the net-server.c code at
> the expense of some degradation on the rare platforms which don't
> implement either variant of IPv4 pktinfo.  My favored form of
> degradation is that we always bind to the wildcard address, and if the
> platform doesn't have IPv4 pktinfo support, we just let sendto() pick
> the source address of the reply.  For those platforms, our UDP daemons
> will continue to work on single-homed machines, but might not behave
> properly on multi-homed machine depending on the routing configuration.
> Do other people agree that this is reasonable?

If RECVDSTADDR works and covers the important platforms that PKTINFO doesn’t, it sounds like quite a nice simplification.  That bit with the routing socket is pretty annoying.


More information about the krbdev mailing list