Why did snmpd show "Failure in sendto" when requested with a broadcast address?

Solution Verified - Updated -

Issue

  • When we requested SNMP with a broadcast source IP address '10.x.x.255', nothing is returned and following error message was shown in /var/log/messages at the snmpd server:
snmpd[xxxx]: send response: Failure in sendto

In the strace of snmpd service, sendmsg returned ENETUNREACH before the message was output.

887241 11:20:29.860297 sendmsg(11, {msg_name={sa_family=AF_INET, sin_port=htons(36750), sin_addr=inet_addr("10.x.x.yyy")}, msg_namelen=16, msg_iov=[{iov_base="...", iov_len=53}], msg_iovlen=1, msg_control=[{cmsg_len=28, cmsg_level=SOL_IP, cmsg_type=IP_PKTINFO, cmsg_data={ipi_ifindex=0, ipi_spec_dst=inet_addr("10.x.x.255"), ipi_addr=inet_addr("0.0.0.0")}}], msg_controllen=32, msg_flags=0}, MSG_DONTWAIT|MSG_NOSIGNAL) = -1 ENETUNREACH (Network is unreachable) <0.000011>
887241 11:20:29.860389 getpid()         = 887241 <0.000005>
887241 11:20:29.860410 sendto(8, "<27>Mar 15 11:20:29 snmpd[887241]: send response: Failure in sendto\n", 68, MSG_NOSIGNAL, NULL, 0) = 68 <0.002007>
887241 11:20:29.862764 getpid()         = 887241 <0.000006>
887241 11:20:29.862798 sendto(8, "<27>Mar 15 11:20:29 snmpd[887241]:     -- IP-MIB::ipAdEntAddr.10.x.x.yyy\n", 74, MSG_NOSIGNAL, NULL, 0) = 74 <0.001213>

According to the source code of net-snmp, sendmsg is supposed to return EINVAL when it requested with a broadcast address. We think that sendmsg returning ENETUNREACH instead of EINVAL was the reason why the error message was shown.

net-snmp-5.8-14.el8.x86_64/snmplib/transports/snmpUDPBaseDomain.c

         rc = sendmsg(fd, &m, MSG_NOSIGNAL|MSG_DONTWAIT);
        if (rc >= 0 || errno != EINVAL)
            return rc;

        /*
         * The error might be caused by broadcast srcip (i.e. we're responding
         * to a broadcast request) - sendmsg does not like it. Try to resend it
         * using the interface on which it was received
         */

        ...

        rc = sendmsg(fd, &m, MSG_NOSIGNAL|MSG_DONTWAIT);

Could you please tell us why sendmsg returned ENETUNREACH instead of EINVAL and the error message was shown?

Environment

  • Red Hat Enterprise Linux (RHEL) 7, 8 and 9
  • Simple Network Management Protocol (SNMP)
  • sendmsg with IP_PKTINFO ancillary data control message (cmsg)
  • net-snmp, affected versions:
    • RHEL9.3GA: versions before net-snmp-5.9.1-11.el9
    • RHEL9.2: versions before net-snmp-5.9.1-11.el9_2
    • RHEL9.0: versions before net-snmp-5.9.1-7.el9_0.2
    • RHEL8.9GA: versions before net-snmp-5.8-28.el8
    • RHEL8.8: versions before net-snmp-5.8-27.el8_8.1
    • RHEL8.6: versions before net-snmp-5.8-25.el8_6.2
    • RHEL8.4: versions before net-snmp-5.8-20.el8_4.2
    • RHEL8.2: versions before net-snmp-5.8-14.el8_2.5
    • RHEL7.9: versions before net-snmp-5.7.2-49.el7_9.3, on systems with kernel-3.10.0-1111.el7 or later

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content