[CentOS] oops, or how to bring a datacenter router down with one setting

Bob Hoffman

bob at bobhoffman.com
Thu Feb 9 23:54:59 UTC 2012


So I gave up on bonding.
I found about 300 posts showing eth0 and eth1 both pointing to br0 (bridge)
as interfaces.
I followed them correctly, or so I thought.
I pointed both ethx to the bridge, restarted network and bam...!!!

Entire IP block went out.

When I called the datacenter they told me the router was under attack and I 
was like 'uh oh' and told them to just shut off my computer, I would be 
there to fix it. They did not believe me.
An hour later I was there and deleted the eth1 point to the br0 and all 
was fine.
Meanwhile they were all around the router trying to stop the attack.
(it was just the router for me and others in that room....oops)

I wonder if they will boot me from the center now?
How is it possible that it did that so quickly?
Such an easy way to bring down routers, wow, a hacker could have a field 
day.

Apparently there is more to making two eth ports go to the same bridge 
than a simple point.
I have since tried bridge_ports command as listed online, however that 
must be deprecated.
I think I am just gonna stay with multiple bridges with one eth on each 
for a while until
I can test this stuff in a safe environ.

I never had a chance to recover, the second the network came up I lost 
all contact with my ip block.
The ratelimit number got this high by the time I got there.



Feb  9 04:22:41 main kernel: __ratelimit: 100807 callbacks suppressed
Feb  9 04:22:41 main kernel: eth1: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth1: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth1: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth1: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth0: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth0: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth0: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth0: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth0: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth0: received packet with own address as source address
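
Added example, not part of the original post: a small detector for the kernel messages quoted above, which commonly indicate a layer-2 loop when they appear on more than one bridge port. The sample log is constructed from the post's excerpt, and the alert threshold and function name are assumptions.

```python
import re
from collections import Counter

# Constructed sample, modelled on the kernel messages quoted in the post.
SAMPLE_LOG = """\
Feb  9 04:22:40 main kernel: br0: port 1(eth0) entering forwarding state
Feb  9 04:22:41 main kernel: __ratelimit: 100807 callbacks suppressed
Feb  9 04:22:41 main kernel: eth1: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth1: received packet with own address as source address
Feb  9 04:22:41 main kernel: eth0: received packet with own address as source address
"""

OWN_ADDR = re.compile(
    r"kernel: (?P<port>[\w.\-]+): received packet with own address as source address")
SUPPRESSED = re.compile(r"kernel: __ratelimit: (?P<n>\d+) callbacks suppressed")

# Assumed threshold: how many rate-limited messages count as a storm.
SUPPRESSED_ALERT = 1000


def analyse(log_text, suppressed_alert=SUPPRESSED_ALERT):
    """Count own-MAC messages per port and decide whether a loop is likely."""
    per_port = Counter()
    suppressed = 0
    for line in log_text.splitlines():
        m = OWN_ADDR.search(line)
        if m:
            per_port[m.group("port")] += 1
            continue
        m = SUPPRESSED.search(line)
        if m:
            # The counter is not tied to one message type, so it is only
            # used as supporting evidence next to own-MAC messages.
            suppressed += int(m.group("n"))
    reasons = []
    if len(per_port) >= 2:
        reasons.append("own-MAC frames on multiple ports: " + ", ".join(sorted(per_port)))
    if per_port and suppressed >= suppressed_alert:
        reasons.append(f"{suppressed} kernel messages were rate-limited")
    return {"per_port": dict(per_port), "suppressed": suppressed,
            "loop_suspected": bool(reasons), "reasons": reasons}


if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```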


