nebula
nebula copied to clipboard
Published
20 hours ago •
slackhq
slackhq
🐛 BUG: Nebula crashes when adding default route to an arbitrary table
What version of nebula are you using? (nebula -version)
1.9.3
What operating system are you using?
Linux
Describe the Bug
I am using Nebula to assign a public IPv4 to a host behind NAT. Everything works well, except I cannot add a default route to an arbitrary routing table. When I do, Nebula crashes. To reproduce, while you have Nebula running, run
ip route add default via <nebula-peer-gateway> table 1011
You can use any route table number or name, make a number up if you wish. In effect, I'm not overriding my default route on my host. I want policy based routing to respond back using a specific routing table, and thus the need of a default route. If I add all the CIDRs of public IPs to a given table, instead of using 'default', my policy based routing works. As in:
ip route add 23.x.y.0/24 dev nebula1 proto kernel scope link src 23.x.y.30 mtu 1300 table nb4n0
/sbin/ip rule add from 23.x.y.30 table nb4n0
/sbin/ip rule add iif nebula1 table nb4n0
/sbin/ip rule add oif nebula1 table nb4n0
ip route add 1.0.0.0/8 via 23.x.y.11 table nb4n0
ip route add 2.0.0.0/8 via 23.x.y.11 table nb4n0
ip route add 3.0.0.0/8 via 23.x.y.11 table nb4n0
ip route add 4.0.0.0/6 via 23.x.y.11 table nb4n0
ip route add 8.0.0.0/7 via 23.x.y.11 table nb4n0
ip route add 11.0.0.0/8 via 23.x.y.11 table nb4n0
ip route add 12.0.0.0/6 via 23.x.y.11 table nb4n0
ip route add 16.0.0.0/4 via 23.x.y.11 table nb4n0
ip route add 32.0.0.0/3 via 23.x.y.11 table nb4n0
ip route add 64.0.0.0/2 via 23.x.y.11 table nb4n0
ip route add 128.0.0.0/3 via 23.x.y.11 table nb4n0
ip route add 160.0.0.0/5 via 23.x.y.11 table nb4n0
ip route add 168.0.0.0/6 via 23.x.y.11 table nb4n0
ip route add 172.0.0.0/12 via 23.x.y.11 table nb4n0
ip route add 172.32.0.0/11 via 23.x.y.11 table nb4n0
ip route add 172.64.0.0/10 via 23.x.y.11 table nb4n0
ip route add 172.128.0.0/9 via 23.x.y.11 table nb4n0
ip route add 173.0.0.0/8 via 23.x.y.11 table nb4n0
ip route add 174.0.0.0/7 via 23.x.y.11 table nb4n0
ip route add 176.0.0.0/4 via 23.x.y.11 table nb4n0
ip route add 192.0.0.0/9 via 23.x.y.11 table nb4n0
ip route add 192.128.0.0/11 via 23.x.y.11 table nb4n0
ip route add 192.160.0.0/13 via 23.x.y.11 table nb4n0
ip route add 192.169.0.0/16 via 23.x.y.11 table nb4n0
ip route add 192.170.0.0/15 via 23.x.y.11 table nb4n0
ip route add 192.172.0.0/14 via 23.x.y.11 table nb4n0
ip route add 192.176.0.0/12 via 23.x.y.11 table nb4n0
ip route add 192.192.0.0/10 via 23.x.y.11 table nb4n0
ip route add 193.0.0.0/8 via 23.x.y.11 table nb4n0
ip route add 194.0.0.0/7 via 23.x.y.11 table nb4n0
ip route add 196.0.0.0/6 via 23.x.y.11 table nb4n0
ip route add 200.0.0.0/5 via 23.x.y.11 table nb4n0
ip route add 208.0.0.0/4 via 23.x.y.11 table nb4n0
Logs from affected hosts
After running /sbin/ip route add default via a.b.c.d table 111
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0x2de818]
goroutine 27 [running]:
github.com/slackhq/nebula/overlay.(*tun).updateRoutes(_, {0x18, {0x8, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0}, {0x40001104a8, ...}, ...}})
github.com/slackhq/nebula/overlay/tun_linux.go:508 +0x48
github.com/slackhq/nebula/overlay.(*tun).watchRoutes.func1()
github.com/slackhq/nebula/overlay/tun_linux.go:486 +0x60
created by github.com/slackhq/nebula/overlay.(*tun).watchRoutes in goroutine 1
github.com/slackhq/nebula/overlay/tun_linux.go:482 +0xf8
Config files from affected hosts
