[Bug 3373] New: "IPQoS le" sets incorrect DSCP

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Dec 11 20:08:43 AEDT 2021


https://bugzilla.mindrot.org/show_bug.cgi?id=3373

            Bug ID: 3373
           Summary: "IPQoS le" sets incorrect DSCP
           Product: Portable OpenSSH
           Version: 8.8p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: daisuke.higashi at gmail.com

** Bug Description

 "IPQoS le" (Lower Effort) sets outgoing packet's DSCP to 000000 (BE).

** Expected behavior

 It should be 000001 as per [RFC8622] and [bz2986].

** How to reproduce

1. ssh -o "IPQoS le" <remotehost>
2. tcpdump -v -n port 22 host <remotehost>
3. watch "tos" field in IP header (or "class" in IPv6)

-> Correct DSCP for LE is 000001 (tos 0x04), but we see tos=0x0
(DSCP=0)

=======================
17:31:03.455484 IP (tos 0x0, ttl 64, id 31594, offset 0, flags [DF],
proto TCP (6), length 52)
    *.*.*.108.55566 > *.*.*.*.22: Flags [.], cksum 0xd6b3 (incorrect ->
0xe00d), seq 1661, ack 1463, win 259, options [nop,nop,TS val
4016640841 ecr 3998457139], length 0
=======================


** Patch for fix

 IPTOS_DSCP_LE definition is wrong. If we want DSCP=0000001b, IPTOS
value set must be 00000100b (two bits shift).

--- openssh-8.8p1.org/defines.h 2021-12-11 17:23:14.008544689 +0900
+++ openssh-8.8p1/defines.h     2021-12-11 17:24:02.755931851 +0900
@@ -97,7 +97,7 @@
 # define       IPTOS_DSCP_EF           0xb8
 #endif /* IPTOS_DSCP_EF */
 #ifndef IPTOS_DSCP_LE
-# define       IPTOS_DSCP_LE           0x01
+# define       IPTOS_DSCP_LE           0x04
 #endif /* IPTOS_DSCP_LE */
 #ifndef IPTOS_PREC_CRITIC_ECP
 # define IPTOS_PREC_CRITIC_ECP         0xa0

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list