When multiple processes are receiving raw packets with a raw socket, such as in the case of ping, I believe they are all supposed to get a copy of each packet, and then they need to check the ID field to make sure it matches the echo request packet that it sent out. Are you saying that our stack lets one process 'eat' the packet and the other process never sees it?
Gedi wrote:
OK, I've had a look at this and I'm struggling to come up with decent solution. After getting a severe headache, I contacted Warren Young who runs the Winsock FAQ and he suggested there is a weakness in the MS stack.
As the bug ea spoke about is evident on Windows, this would support that theory. However as our stack has derived from Linux, and Linux doesn't replicate this bug, I'm at a loss.
My only 2 thoughts to get around this problem at the moment at to write all ICMP packets into a buffer and tell ping, tracert, etc to check the ID field before removing them, or possibly polling recvfrom with MSG_PEEK.
Both of these are obviously nasty hacks, the first more so than the second.
This will become a problem in the future, so I'd welcome any thoughts / ideas to rectify this now.
Regards, Ged.