3 * Report MTU on path to specified host
5 * (c) 2008 Straylight/Edgeware
8 /*----- Licensing notice --------------------------------------------------*
10 * This file is part of Trivial IP Encryption (TrIPE).
12 * TrIPE is free software: you can redistribute it and/or modify it under
13 * the terms of the GNU General Public License as published by the Free
14 * Software Foundation; either version 3 of the License, or (at your
15 * option) any later version.
17 * TrIPE is distributed in the hope that it will be useful, but WITHOUT
18 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
19 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
22 * You should have received a copy of the GNU General Public License
23 * along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
26 /*----- Header files ------------------------------------------------------*/
38 #include <sys/types.h>
42 #include <sys/socket.h>
43 #include <netinet/in.h>
44 #include <arpa/inet.h>
47 #include <netinet/in_systm.h>
48 #include <netinet/ip.h>
49 #include <netinet/ip_icmp.h>
50 #include <netinet/udp.h>
54 #include <sys/ioctl.h>
56 #include <mLib/alloc.h>
57 #include <mLib/bits.h>
58 #include <mLib/dstr.h>
60 #include <mLib/mdwopt.h>
61 #include <mLib/quis.h>
62 #include <mLib/report.h>
65 /*----- Static variables --------------------------------------------------*/
67 static unsigned char buf[65536];
71 /*----- Utility functions -------------------------------------------------*/
73 /* Step a value according to a simple LFSR. */
75 do (q) = ((q) & 0x8000) ? ((q) << 1) ^ POLY : ((q) << 1); while (0)
77 /* Fill buffer with a constant but pseudorandom string. Uses a simple
80 static void fillbuffer(unsigned char *p, size_t sz)
82 unsigned int y = 0xbc20;
83 const unsigned char *l = p + sz;
88 for (i = 0; i < 8; i++) STEP(y);
92 /* Convert a string to floating point. */
93 static double s2f(const char *s, const char *what)
100 if (errno || *q) die(EXIT_FAILURE, "bad %s", what);
104 /* Convert a floating-point value into a struct timeval. */
105 static void f2tv(struct timeval *tv, double t)
106 { tv->tv_sec = t; tv->tv_usec = (t - tv->tv_sec)*MILLION; }
110 struct sockaddr_in sin;
113 /* Return the size of a socket address. */
114 static size_t addrsz(const union addr *a)
116 switch (a->sa.sa_family) {
117 case AF_INET: return (sizeof(a->sin));
122 /* Compare two addresses. Maybe compare the port numbers too. */
124 static int addreq(const union addr *a, const union addr *b, unsigned f)
126 switch (a->sa.sa_family) {
128 return (a->sin.sin_addr.s_addr == b->sin.sin_addr.s_addr &&
129 (!(f&AEF_PORT) || a->sin.sin_port == b->sin.sin_port));
135 /*----- Main algorithm skeleton -------------------------------------------*/
138 unsigned f; /* Various flags */
139 #define F_VERBOSE 1u /* Give a running commentary */
140 double retx; /* Initial retransmit interval */
141 double regr; /* Retransmit growth factor */
142 double timeout; /* Retransmission timeout */
143 int seqoff; /* Offset to write sequence number */
144 const struct probe_ops *pops; /* Probe algorithm description */
145 union addr a; /* Destination address */
149 const struct param *pp;
155 const struct probe_ops *next;
157 int (*setup)(void *, int, const struct param *);
158 void (*finish)(void *);
159 void (*selprep)(void *, int *, fd_set *);
160 int (*xmit)(void *, int);
161 int (*selproc)(void *, fd_set *, struct probestate *);
172 /* or a positive MTU upper-bound */
175 /* Add a file descriptor FD to the set `fd_in', updating `*maxfd'. */
177 do { FD_SET(fd, fd_in); if (*maxfd < fd) *maxfd = fd; } while (0)
179 /* Check whether a buffer contains a packet from our current probe. */
180 static int mypacketp(struct probestate *ps,
181 const unsigned char *p, size_t sz)
183 const struct param *pp = ps->pp;
185 return (sz >= pp->seqoff + 2 && LOAD16(p + pp->seqoff) == ps->q);
188 /* See whether MTU is an acceptable MTU value. Return an appropriate
189 * RC_... code or a new suggested MTU.
191 static int probe(struct probestate *ps, void *st, int mtu)
193 const struct param *pp = ps->pp;
195 struct timeval tv, now, when, done;
196 double timer = pp->retx;
199 /* Set up the first retransmit and give-up timers. */
200 gettimeofday(&now, 0);
201 f2tv(&tv, pp->timeout); TV_ADD(&done, &now, &tv);
202 f2tv(&tv, timer); TV_ADD(&when, &now, &tv);
203 if (TV_CMP(&when, >, &done)) when = done;
205 /* Send the initial probe. */
206 if (pp->f & F_VERBOSE)
207 moan("sending probe of size %d (seq = %04x)", mtu, ps->q);
209 STORE16(buf + pp->seqoff, ps->q);
210 if ((rc = pp->pops->xmit(st, mtu)) != RC_OK) return (rc);
214 /* Wait for something interesting to happen. */
215 maxfd = 0; FD_ZERO(&fd_in);
216 pp->pops->selprep(st, &maxfd, &fd_in);
217 TV_SUB(&tv, &when, &now);
218 if (select(maxfd + 1, &fd_in, 0, 0, &tv) < 0) return (RC_FAIL);
219 gettimeofday(&now, 0);
221 /* See whether the probe method has any answers for us. */
222 if ((rc = pp->pops->selproc(st, &fd_in, ps)) != RC_OK) return (rc);
224 /* If we've waited too long, give up. If we should retransmit, do
227 if (TV_CMP(&now, >, &done))
229 else if (TV_CMP(&now, >, &when)) {
230 if (pp->f & F_VERBOSE) moan("re-sending probe of size %d", mtu);
231 if ((rc = pp->pops->xmit(st, mtu)) != RC_OK) return (rc);
233 timer *= pp->regr; f2tv(&tv, timer); TV_ADD(&when, &when, &tv);
234 } while (TV_CMP(&when, <, &now));
235 if (TV_CMP(&when, >, &done)) when = done;
240 /* Discover the path MTU to the destination address. */
241 static int pathmtu(const struct param *pp)
247 struct probestate ps;
249 /* Build and connect a UDP socket. We'll need this to know the local port
250 * number to use if nothing else. Set other stuff up.
252 if ((sk = socket(pp->a.sa.sa_family, SOCK_DGRAM, IPPROTO_UDP)) < 0)
254 if (connect(sk, &pp->a.sa, addrsz(&pp->a))) goto fail_1;
255 st = xmalloc(pp->pops->statesz);
256 if ((mtu = pp->pops->setup(st, sk, pp)) < 0) goto fail_2;
257 ps.pp = pp; ps.q = rand() & 0xffff;
260 /* And now we do a thing which is sort of like a binary search, except that
261 * we also take explicit clues as establishing a new upper bound, and we
262 * try to hug that initially.
265 assert(lo <= mtu && mtu <= hi);
266 if (pp->f & F_VERBOSE) moan("probe: %d <= %d <= %d", lo, mtu, hi);
267 rc = probe(&ps, st, mtu);
271 if (pp->f & F_VERBOSE) moan("probe failed");
275 /* If we've not seen a dropped packet before then we don't know what
276 * this means yet -- in particular, we don't know which bit of the
277 * network is swallowing packets. Send a minimum-size probe. If
278 * that doesn't come back then assume that the remote host is
279 * swallowing our packets. If it does, then we assume that dropped
280 * packets are a result of ICMP fragmentation-needed reports being
281 * lost or suppressed.
283 if (pp->f & F_VERBOSE) moan("gave up: black hole detected");
285 if (pp->f & F_VERBOSE) moan("sending minimum-size probe");
286 switch (probe(&ps, st, lo)) {
290 if (pp->f & F_VERBOSE) {
291 moan("no reply from min-size probe: "
292 "assume black hole at target");
297 if (pp->f & F_VERBOSE) {
298 moan("reply from min-size probe OK: "
299 "assume black hole in network");
304 if (pp->f & F_VERBOSE)
305 moan("unexpected return code from probe");
311 if (droppy) goto higher; else goto lower;
316 if (pp->f & F_VERBOSE)
317 moan("probe returned: remote host is not a black hole");
321 if (pp->f & F_VERBOSE) moan("probe returned: found correct MTU");
326 /* Now we must make a new guess, between lo and hi. We know that lo
327 * is good; but we're not so sure about hi here. We know that hi >
328 * lo, so this will find an approximate midpoint, greater than lo and
331 if (pp->f & F_VERBOSE) moan("probe returned: guessing higher");
332 mtu += (hi - lo + 1)/2;
337 /* If this didn't work, and we're already at the bottom of our
338 * possible range, then something has gone horribly wrong.
343 if (pp->f & F_VERBOSE) moan("error returned: found correct MTU");
348 /* We must make a new guess, between lo and hi. We're probably
349 * fairly sure that lo will succeed, since either it's the minimum
350 * MTU or we've tested it already; but we're not quite sure about hi,
351 * so we want to aim high.
353 if (pp->f & F_VERBOSE) moan("error returned: guessing lower");
354 mtu -= (hi - lo + 1)/2;
358 if (pp->f & F_VERBOSE) moan("error returned with new MTU estimate");
365 /* Clean up and return our result. */
366 pp->pops->finish(st);
372 pp->pops->finish(st);
381 /*----- Doing it the hard way ---------------------------------------------*/
383 #if defined(linux) || defined(__OpenBSD__)
388 # define sane_htons htons
389 # define sane_htonl htonl
395 static int rawicmp = -1, rawudp = -1, rawerr = 0;
397 #define IPCK_INIT 0xffff
399 /* Compute an IP checksum over some data. This is a restartable interface:
400 * initialize A to `IPCK_INIT' for the first call.
402 static unsigned ipcksum(const void *buf, size_t n, unsigned a)
404 unsigned long aa = a ^ 0xffff;
405 const unsigned char *p = buf, *l = p + n;
407 while (p < l - 1) { aa += LOAD16_B(p); p += 2; }
408 if (p < l) { aa += (unsigned)(*p) << 8; }
409 do aa = (aa & 0xffff) + (aa >> 16); while (aa >= 0x10000);
410 return (aa == 0xffff ? aa : aa ^ 0xffff);
413 /* TCP/UDP pseudoheader structure. */
415 struct in_addr ph_src, ph_dst;
422 int sk, rawicmp, rawudp;
426 static int raw_setup(void *stv, int sk, const struct param *pp)
428 struct raw_state *st = stv;
431 struct ifaddrs *ifa, *ifaa, *ifap;
434 /* Check that the address is OK, and that we have the necessary raw
437 switch (pp->a.sa.sa_family) {
439 if (rawerr) { errno = rawerr; goto fail_0; }
440 st->rawicmp = rawicmp; st->rawudp = rawudp; st->sk = sk;
443 errno = EPFNOSUPPORT; goto fail_0;
446 /* Initialize the sequence number. */
447 st->q = rand() & 0xffff;
449 /* Snaffle the local and remote address and port number. */
452 if (getsockname(sk, &st->me.sa, &sz))
455 /* There isn't a portable way to force the DF flag onto a packet through
456 * UDP, or even through raw IP, unless we write the entire IP header
457 * ourselves. This is somewhat annoying, especially since we have an
458 * uphill struggle keeping track of which systems randomly expect which
459 * header fields to be presented in host byte order. Oh, well.
462 if (setsockopt(rawudp, IPPROTO_IP, IP_HDRINCL, &i, sizeof(i))) goto fail_0;
464 /* Find an upper bound on the MTU. Do two passes over the interface
465 * list. If we can find matches for our local address then use the
466 * highest one of those; otherwise do a second pass and simply take the
467 * highest MTU of any network interface.
469 if (getifaddrs(&ifaa)) goto fail_0;
470 for (i = 0; i < 2; i++) {
471 for (ifap = 0, ifa = ifaa; ifa; ifa = ifa->ifa_next) {
472 if (!(ifa->ifa_flags & IFF_UP) || !ifa->ifa_addr ||
473 ifa->ifa_addr->sa_family != st->me.sa.sa_family ||
475 !addreq((union addr *)ifa->ifa_addr, &st->me, 0)) ||
476 (i == 1 && ifap && strcmp(ifap->ifa_name, ifa->ifa_name) == 0) ||
477 strlen(ifa->ifa_name) >= sizeof(ifr.ifr_name))
480 strcpy(ifr.ifr_name, ifa->ifa_name);
481 if (ioctl(sk, SIOCGIFMTU, &ifr)) goto fail_1;
482 if (mtu < ifr.ifr_mtu) mtu = ifr.ifr_mtu;
486 if (mtu < 0) { errno = ENOTCONN; goto fail_1; }
498 static void raw_finish(void *stv) { ; }
500 static void raw_selprep(void *stv, int *maxfd, fd_set *fd_in)
501 { struct raw_state *st = stv; ADDFD(st->sk); ADDFD(st->rawicmp); }
503 static int raw_xmit(void *stv, int mtu)
505 struct raw_state *st = stv;
506 unsigned char b[65536], *p;
512 /* Build the IP header. */
515 ip->ip_hl = sizeof(*ip)/4;
516 ip->ip_tos = IPTOS_RELIABILITY;
517 ip->ip_len = sane_htons(mtu);
518 STEP(st->q); ip->ip_id = htons(st->q);
519 ip->ip_off = sane_htons(0 | IP_DF);
521 ip->ip_p = IPPROTO_UDP;
523 ip->ip_src = st->me.sin.sin_addr;
524 ip->ip_dst = st->a.sin.sin_addr;
526 /* Build a UDP packet in the output buffer. */
527 udp = (struct udphdr *)(ip + 1);
528 udp->uh_sport = st->me.sin.sin_port;
529 udp->uh_dport = st->a.sin.sin_port;
530 udp->uh_ulen = htons(mtu - sizeof(*ip));
533 /* Copy the payload. */
534 p = (unsigned char *)(udp + 1);
535 memcpy(p, buf, mtu - (p - b));
537 /* Calculate the UDP checksum. */
538 ph.ph_src = ip->ip_src;
539 ph.ph_dst = ip->ip_dst;
541 ph.ph_p = IPPROTO_UDP;
542 ph.ph_len = udp->uh_ulen;
544 ck = ipcksum(&ph, sizeof(ph), ck);
545 ck = ipcksum(udp, mtu - sizeof(*ip), ck);
546 udp->uh_sum = htons(ck);
548 /* Send the whole thing off. If we're too big for the interface then we
549 * might need to trim immediately.
551 if (sendto(st->rawudp, b, mtu, 0, &st->a.sa, addrsz(&st->a)) < 0) {
552 if (errno == EMSGSIZE) return (RC_LOWER);
563 static int raw_selproc(void *stv, fd_set *fd_in, struct probestate *ps)
565 struct raw_state *st = stv;
566 unsigned char b[65536];
570 const unsigned char *payload;
573 /* An ICMP packet: see what's inside. */
574 if (FD_ISSET(st->rawicmp, fd_in)) {
575 if ((n = read(st->rawicmp, b, sizeof(b))) < 0) goto fail_0;
578 if (n < sizeof(*ip) || n < sizeof(4*ip->ip_hl) ||
579 ip->ip_v != 4 || ip->ip_p != IPPROTO_ICMP)
581 n -= sizeof(4*ip->ip_hl);
583 icmp = (struct icmp *)(b + 4*ip->ip_hl);
584 if (n < sizeof(*icmp) || icmp->icmp_type != ICMP_UNREACH)
586 n -= offsetof(struct icmp, icmp_ip);
589 if (n < sizeof(*ip) ||
590 ip->ip_p != IPPROTO_UDP || ip->ip_hl != sizeof(*ip)/4 ||
591 ip->ip_id != htons(st->q) ||
592 ip->ip_src.s_addr != st->me.sin.sin_addr.s_addr ||
593 ip->ip_dst.s_addr != st->a.sin.sin_addr.s_addr)
597 udp = (struct udphdr *)(ip + 1);
598 if (n < sizeof(udp) || udp->uh_sport != st->me.sin.sin_port ||
599 udp->uh_dport != st->a.sin.sin_port)
603 payload = (const unsigned char *)(udp + 1);
604 if (!mypacketp(ps, payload, n)) goto skip_icmp;
606 if (icmp->icmp_code == ICMP_UNREACH_PORT) return (RC_HIGHER);
607 else if (icmp->icmp_code != ICMP_UNREACH_NEEDFRAG) goto skip_icmp;
608 else if (icmp->icmp_nextmtu) return (htons(icmp->icmp_nextmtu));
609 else return (RC_LOWER);
613 /* If we got a reply to the current probe then we're good. If we got an
614 * error, or the packet's sequence number is wrong, then ignore it.
616 if (FD_ISSET(st->sk, fd_in)) {
617 if ((n = read(st->sk, b, sizeof(b))) < 0) return (RC_OK);
618 else if (mypacketp(ps, b, n)) return (RC_HIGHER);
628 static const struct probe_ops raw_ops = {
629 "raw", OPS_CHAIN, sizeof(struct raw_state),
630 raw_setup, raw_finish,
631 raw_selprep, raw_xmit, raw_selproc
635 #define OPS_CHAIN &raw_ops
637 /*----- Doing the job on Linux --------------------------------------------*/
642 # define IP_MTU 14 /* Blech! */
649 static int linux_setup(void *stv, int sk, const struct param *pp)
651 struct linux_state *st = stv;
655 /* Check that the address is OK. */
656 switch (pp->a.sa.sa_family) {
658 default: errno = EPFNOSUPPORT; return (-1);
661 /* Snaffle the UDP socket. */
664 /* Turn on kernel path-MTU discovery and force DF on. */
665 i = IP_PMTUDISC_PROBE;
666 if (setsockopt(st->sk, IPPROTO_IP, IP_MTU_DISCOVER, &i, sizeof(i)))
669 /* Read the initial MTU guess back and report it. */
671 if (getsockopt(st->sk, IPPROTO_IP, IP_MTU, &mtu, &sz))
678 static void linux_finish(void *stv) { ; }
680 static void linux_selprep(void *stv, int *maxfd, fd_set *fd_in)
681 { struct linux_state *st = stv; ADDFD(st->sk); }
683 static int linux_xmit(void *stv, int mtu)
685 struct linux_state *st = stv;
687 /* Write the packet. */
688 if (write(st->sk, buf, mtu - 28) >= 0) return (RC_OK);
689 else if (errno == EMSGSIZE) return (RC_LOWER);
690 else return (RC_FAIL);
693 static int linux_selproc(void *stv, fd_set *fd_in, struct probestate *ps)
695 struct linux_state *st = stv;
699 unsigned char b[65536];
701 /* Read an answer. If it looks like the right kind of error then report a
702 * success. This is potentially wrong, since we can't tell whether an
703 * error was delayed from an earlier probe. However, we never return
704 * RC_LOWER from this method, so the packet sizes ought to be monotonically
705 * decreasing and this won't cause trouble. Otherwise update from the
706 * kernel's idea of the right MTU.
708 if (FD_ISSET(st->sk, fd_in)) {
709 n = read(st->sk, &buf, sizeof(buf));
711 mypacketp(ps, b, n) :
712 errno == ECONNREFUSED || errno == EHOSTUNREACH)
715 if (getsockopt(st->sk, IPPROTO_IP, IP_MTU, &mtu, &sz))
722 static const struct probe_ops linux_ops = {
723 "linux", OPS_CHAIN, sizeof(struct linux_state),
724 linux_setup, linux_finish,
725 linux_selprep, linux_xmit, linux_selproc
729 #define OPS_CHAIN &linux_ops
733 /*----- Help options ------------------------------------------------------*/
735 static const struct probe_ops *probe_ops = OPS_CHAIN;
737 static void version(FILE *fp)
738 { pquis(fp, "$, TrIPE version " VERSION "\n"); }
740 static void usage(FILE *fp)
742 pquis(fp, "Usage: $ [-v] [-H HEADER] [-m METHOD]\n\
743 [-r SECS] [-g FACTOR] [-t SECS] HOST [PORT]\n");
746 static void help(FILE *fp)
748 const struct probe_ops *ops;
757 -h, --help Show this help text.\n\
758 -V, --version Show version number.\n\
759 -u, --usage Show brief usage message.\n\
761 -g, --growth=FACTOR Growth factor for retransmit interval.\n\
762 -m, --method=METHOD Use METHOD to probe for MTU.\n\
763 -r, --retransmit=SECS Retransmit if no reply after SEC.\n\
764 -t, --timeout=SECS Give up expecting a reply after SECS.\n\
765 -v, --verbose Write a running commentary to stderr.\n\
766 -H, --header=HEX Packet header, in hexadecimal.\n\
770 for (ops = probe_ops; ops; ops = ops->next)
771 printf("\t%s\n", ops->name);
774 /*----- Main code ---------------------------------------------------------*/
776 int main(int argc, char *argv[])
778 struct param pp = { 0, 0.333, 3.0, 8.0, 0, OPS_CHAIN };
791 if ((rawicmp = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP)) < 0 ||
792 (rawudp = socket(PF_INET, SOCK_RAW, IPPROTO_UDP)) < 0)
794 if (setuid(getuid()))
798 fillbuffer(buf, sizeof(buf));
799 pp.a.sin.sin_port = htons(7);
802 static const struct option opts[] = {
803 { "help", 0, 0, 'h' },
804 { "version", 0, 0, 'V' },
805 { "usage", 0, 0, 'u' },
806 { "header", OPTF_ARGREQ, 0, 'H' },
807 { "growth", OPTF_ARGREQ, 0, 'g' },
808 { "method", OPTF_ARGREQ, 0, 'm' },
809 { "retransmit", OPTF_ARGREQ, 0, 'r' },
810 { "timeout", OPTF_ARGREQ, 0, 't' },
811 { "verbose", 0, 0, 'v' },
815 i = mdwopt(argc, argv, "hVu" "H:g:m:r:t:v", opts, 0, 0, 0);
818 case 'h': help(stdout); exit(0);
819 case 'V': version(stdout); exit(0);
820 case 'u': usage(stdout); exit(0);
825 hex_decode(&hc, optarg, strlen(optarg), &d);
826 hex_decode(&hc, 0, 0, &d);
827 sz = d.len < 532 ? d.len : 532;
828 memcpy(buf, d.buf, sz);
832 case 'g': pp.regr = s2f(optarg, "retransmit growth factor"); break;
833 case 'r': pp.retx = s2f(optarg, "retransmit interval"); break;
834 case 't': pp.timeout = s2f(optarg, "timeout"); break;
837 for (pp.pops = OPS_CHAIN; pp.pops; pp.pops = pp.pops->next)
838 if (strcmp(pp.pops->name, optarg) == 0) goto found_alg;
839 die(EXIT_FAILURE, "unknown probe algorithm `%s'", optarg);
843 case 'v': pp.f |= F_VERBOSE; break;
850 argv += optind; argc -= optind;
851 if ((f & f_bogus) || 1 > argc || argc > 2) {
856 if ((h = gethostbyname(*argv)) == 0)
857 die(EXIT_FAILURE, "unknown host `%s': %s", *argv, hstrerror(h_errno));
858 if (h->h_addrtype != AF_INET)
859 die(EXIT_FAILURE, "unsupported address family for host `%s'", *argv);
860 memcpy(&pp.a.sin.sin_addr, h->h_addr, sizeof(struct in_addr));
865 u = strtoul(*argv, &q, 0);
867 pp.a.sin.sin_port = htons(u);
868 else if ((s = getservbyname(*argv, "udp")) == 0)
869 die(EXIT_FAILURE, "unknown UDP service `%s'", *argv);
871 pp.a.sin.sin_port = s->s_port;
874 pp.a.sin.sin_family = AF_INET;
877 die(EXIT_FAILURE, "failed to discover MTU: %s", strerror(errno));
879 if (ferror(stdout) || fflush(stdout) || fclose(stdout))
880 die(EXIT_FAILURE, "failed to write result: %s", strerror(errno));
884 /*----- That's all, folks -------------------------------------------------*/