From owner-freebsd-net@freebsd.org Sun Dec 10 00:42:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8F6DEE9DABE for ; Sun, 10 Dec 2017 00:42:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7D8BC7C027 for ; Sun, 10 Dec 2017 00:42:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBA0g0DJ053904 for ; Sun, 10 Dec 2017 00:42:00 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 00:42:00 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: cem@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 00:42:00 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 Conrad Meyer changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|freebsd-bugs@FreeBSD.org |freebsd-net@FreeBSD.org CC| |cem@freebsd.org --- Comment #1 from Conrad Meyer --- Can you provide the panic message and backtrace? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 00:53:19 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CDB25E9DE1E for ; Sun, 10 Dec 2017 00:53:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B0DF37C5DB for ; Sun, 10 Dec 2017 00:53:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBA0rJma083280 for ; Sun, 10 Dec 2017 00:53:19 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 00:53:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 00:53:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #2 from Shreesh Holla --- Created attachment 188676 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D188676&action= =3Dedit Crash info file --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 01:02:19 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 34F47E9E1C4 for ; Sun, 10 Dec 2017 01:02:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 228927CADC for ; Sun, 10 Dec 2017 01:02:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBA12IAr005032 for ; Sun, 10 Dec 2017 01:02:19 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 01:02:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 01:02:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #3 from Shreesh Holla --- The stacktrace from the vmcore is: Fatal double fault: eip =3D 0xc06dcf21 esp =3D 0xeeafbfd8 ebp =3D 0xeeafc1b8 cpuid =3D 1; apic id =3D 02 panic: double fault cpuid =3D 1 KDB: stack backtrace: #0 0xc0bc1b3e at kdb_backtrace+0x4e #1 0xc0b8472e at vpanic+0x10e #2 0xc0b84614 at panic+0x14 #3 0xc10985d9 at dblfault_handler+0x99 Uptime: 1m27s Physical memory: 2019 MB Will that help? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 07:48:50 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 04F99E84EFA for ; Sun, 10 Dec 2017 07:48:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E7A0467341 for ; Sun, 10 Dec 2017 07:48:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBA7mnnp037991 for ; Sun, 10 Dec 2017 07:48:49 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 07:48:49 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 07:48:50 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 Michael Tuexen changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |tuexen@freebsd.org --- Comment #4 from Michael Tuexen --- Just have tested between two FreeBSD head machines using IPv6 link local addresses and ncat from the nmap port works fine. Will test Linux to FreeBS= D 11 later today... --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 07:55:55 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AC3C3E85129 for ; Sun, 10 Dec 2017 07:55:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9951D676B1 for ; Sun, 10 Dec 2017 07:55:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBA7ttkw056818 for ; Sun, 10 Dec 2017 07:55:55 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 07:55:55 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 07:55:55 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #5 from Shreesh Holla --- The issue seems to be if you use an actual IPV6 address i.e. not ::1. Well I could not connect from an external machine when listener was on ::1. So the listener should be listening on the local IPv6 address. And likely its some compatibility issue between Linux SCTP and BSD SCTP and so the issue shows = up when the other machine is a Linux machine likely. I have seen this happen n= ow about 10 times and it is immediate. It seems the connection occurs since the Linux machine shows as connected and then the FreeBSD machine reboots. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 08:44:25 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B414AE8602C for ; Sun, 10 Dec 2017 08:44:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A23C068909 for ; Sun, 10 Dec 2017 08:44:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBA8iPj6070521 for ; Sun, 10 Dec 2017 08:44:25 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 08:44:25 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 08:44:25 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #6 from Michael Tuexen --- (In reply to Shreesh Holla from comment #5) Can you please state the arguments you use on the server side for starting ncat? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 08:50:43 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 36152E86386 for ; Sun, 10 Dec 2017 08:50:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1EB9168CF7 for ; Sun, 10 Dec 2017 08:50:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBA8ogLl079115 for ; Sun, 10 Dec 2017 08:50:42 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 08:50:43 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 08:50:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #7 from Shreesh Holla --- (In reply to Michael Tuexen from comment #6) Oh I mentioned in the bug report right in the beginning. Here it is again: ncat --sctp -l --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 11:29:57 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C9EC4E89873 for ; Sun, 10 Dec 2017 11:29:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B85166D448 for ; Sun, 10 Dec 2017 11:29:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBABTvNH012960 for ; Sun, 10 Dec 2017 11:29:57 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 11:29:58 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 11:29:57 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #8 from Michael Tuexen --- (In reply to Shreesh Holla from comment #7) Is it a global IPv6 address or a link local one? I have been testing with l= ink local addresses... --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 16:55:22 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 043DBE90AD8 for ; Sun, 10 Dec 2017 16:55:22 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from mx1.enfer-du-nord.net (mx1.enfer-du-nord.net [IPv6:2001:41d0:d:3049:1:1:0:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C6A9376FAA for ; Sun, 10 Dec 2017 16:55:21 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from [IPv6:2003:8c:2e67:d601:d060:873d:4a39:9eeb] (p2003008C2E67D601D060873D4A399EEB.dip0.t-ipconnect.de [IPv6:2003:8c:2e67:d601:d060:873d:4a39:9eeb]) by mx1.enfer-du-nord.net (Postfix) with ESMTPSA id 3yvsdz1fgXz4W3 for ; Sun, 10 Dec 2017 17:55:19 +0100 (CET) From: Michael Grimm Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 11.1 \(3445.4.7\)) Subject: [IPsec] Weird performance issue via IPsec/racoon tunnel Message-Id: <7A6EF712-920E-40BF-B155-113EE6C00AEA@ellael.org> Date: Sun, 10 Dec 2017 17:55:18 +0100 To: freebsd-net@FreeBSD.org X-Virus-Scanned: clamav-milter 0.99.2 at mail X-Virus-Status: Clean X-Mailer: Apple Mail (2.3445.4.7) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 16:55:22 -0000 Hi I do run an IPsec/racoon tunnel between two servers (11.1-STABLE #0 = r326663). Some days ago I did migrate one of my servers from bare metal = to a public cloud instance. Now I do observe weird performance issues = from new to old server: ifconfig (OLD server, bare metal): ix0: flags=3D8843 metric = 0 mtu 1500 = options=3De407bb ifconfig (NEW server, cloud instance): vtnet0: flags=3D8843 = metric 0 mtu 1500 = options=3D6c07bb Immediately after booting of NEW (test file has 10 MB) I do observe the = following: #) scp OLD to NEW via ssh/internet: 16.7 MB/s #) scp NEW to OLD via ssh/internet: 17.4 MB/s #) scp NEW to OLD via IPsec tunnel: -> 65.8 KB/s ! #) scp OLD to NEW via IPsec tunnel: 16.5 MB/s Now I do a "ifconfig vtnet0 mtu 1500 up" and can observe very similar = performance. *BUT* if I do a "ifconfig vtnet0 mtu 1450 up ; ifconfig vtnet0 mtu 1500 = up" I do observe: #) scp NEW to OLD via IPsec tunnel: 17.1 MB/s ! #) scp OLD to NEW via IPsec tunnel: 16.9 MB/s I did monitor "tcpdump -i ix0 -vv esp" at the OLD sever and do get many: 16:22:24.370486 IP (tos 0x8, ttl 64, id 17394, offset 0, flags = [none], proto ESP (50), \ length 140, bad cksum 0 (->b110)!) "OLD" > "NEW": ESP(spi=3D0x0d83dae4,seq=3D0x3a8d9a), length = 120 At the NEW server I do not observe those checksum errors at all. *BUT* I = do see these error even after regaining full performance by modifying = the MTU from 1500 to 1450 and back to 1500! Well, I do have to admit that I do not have enough knowledge about = networking to find out by myself what to debug/modify next. Any help is highly appreciated. Thanks in advance, Michael From owner-freebsd-net@freebsd.org Sun Dec 10 17:35:30 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D5373E91EE5 for ; Sun, 10 Dec 2017 17:35:30 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0C5A678AC3 for ; Sun, 10 Dec 2017 17:35:29 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBAHZ5rr097419 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 10 Dec 2017 18:35:06 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: trashcan@ellael.org Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id vBAHZ0iS007513 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 11 Dec 2017 00:35:00 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: [IPsec] Weird performance issue via IPsec/racoon tunnel To: Michael Grimm , freebsd-net@FreeBSD.org References: <7A6EF712-920E-40BF-B155-113EE6C00AEA@ellael.org> From: Eugene Grosbein Message-ID: <5A2D703F.8040004@grosbein.net> Date: Mon, 11 Dec 2017 00:34:55 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: <7A6EF712-920E-40BF-B155-113EE6C00AEA@ellael.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS * 2.6 LOCAL_FROM From my domains X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 17:35:31 -0000 10.12.2017 23:55, Michael Grimm wrote: > Hi > > I do run an IPsec/racoon tunnel between two servers (11.1-STABLE #0 r326663). Some days ago I did migrate one of my servers from bare metal to a public cloud instance. Now I do observe weird performance issues from new to old server: > > ifconfig (OLD server, bare metal): > ix0: flags=8843 metric 0 mtu 1500 > options=e407bb TSO4,TSO6,LRO,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> > > ifconfig (NEW server, cloud instance): > vtnet0: flags=8843 metric 0 mtu 1500 > options=6c07bb TSO4,TSO6,LRO,VLAN_HWTSO,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> > > Immediately after booting of NEW (test file has 10 MB) I do observe the following: > > #) scp OLD to NEW via ssh/internet: 16.7 MB/s > #) scp NEW to OLD via ssh/internet: 17.4 MB/s > #) scp NEW to OLD via IPsec tunnel: -> 65.8 KB/s ! > #) scp OLD to NEW via IPsec tunnel: 16.5 MB/s > > Now I do a "ifconfig vtnet0 mtu 1500 up" and can observe very similar performance. > > *BUT* if I do a "ifconfig vtnet0 mtu 1450 up ; ifconfig vtnet0 mtu 1500 up" I do observe: > > #) scp NEW to OLD via IPsec tunnel: 17.1 MB/s ! > #) scp OLD to NEW via IPsec tunnel: 16.9 MB/s > > I did monitor "tcpdump -i ix0 -vv esp" at the OLD sever and do get many: > > 16:22:24.370486 IP (tos 0x8, ttl 64, id 17394, offset 0, flags [none], proto ESP (50), \ > length 140, bad cksum 0 (->b110)!) > "OLD" > "NEW": ESP(spi=0x0d83dae4,seq=0x3a8d9a), length 120 > > At the NEW server I do not observe those checksum errors at all. *BUT* I do see these error even after regaining full performance by modifying the MTU from 1500 to 1450 and back to 1500! > > Well, I do have to admit that I do not have enough knowledge about networking to find out by myself what to debug/modify next. > > Any help is highly appreciated. "bad cksum 0" is pretty normal for traffic going out via interface supporting hardware checksum offload, so kernel skips computing checksum before passing packets to the NIC. Your problem more likely is due to fragmented ESP packets. It's not uncommon when cloud IP stack or ISP infrastructure drop high percentage of fragmented ESP packets because they are not optimized for such packets, e.g. router has to process them in software instead of hardware like non-fragmented packets are processed. When you lower MTU of vtnet enough to make encapsulated packets (payload+overhead) <=1500 bytes, resulted ESP packets have not be fragmented and pass just fine. To verify if it's your case, you should run two tcpdump commands, one at sending side and another at receiving size and compare outputs to see if *every* outgoing packet reaches its destination or not. From owner-freebsd-net@freebsd.org Sun Dec 10 18:01:19 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D66E5E93367 for ; Sun, 10 Dec 2017 18:01:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C41197A534 for ; Sun, 10 Dec 2017 18:01:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAI1JXm014035 for ; Sun, 10 Dec 2017 18:01:19 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 18:01:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: cem@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 18:01:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #9 from Conrad Meyer --- @Michael, one other thing to consider is that Shreesh is running i386, which uses a smaller KSTACK_PAGES default (2) than amd64 (4). Double fault is consistent with overrunning the end of the stack. It's possible there is a large stack buffer somewhere in SCTP causing the crash. (Or maybe 2 pages = just isn't enough anymore for i386 -- words and pointers are half size compared = to amd64, but not buffers or fixed-width integers.) You might try bringing up an i386 VM and reproing there, if you aren't alre= ady. @Shreesh, Is your machine amd64-capable? If so, you might try to reproduce= the issue on an amd64 installation. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 19:08:49 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 84A77E96D80 for ; Sun, 10 Dec 2017 19:08:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7301F7D0CD for ; Sun, 10 Dec 2017 19:08:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAJ8mba091183 for ; Sun, 10 Dec 2017 19:08:49 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 19:08:49 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: eugen@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status cc see_also Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 19:08:49 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 Eugene Grosbein changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Open CC| |eugen@freebsd.org See Also| |https://bugs.freebsd.org/bu | |gzilla/show_bug.cgi?id=3D2= 194 | |76 --- Comment #10 from Eugene Grosbein --- I agree with Conrad. Please add to your /boot/loader.conf: kern.kstack_pages=3D4 Then reboot, try to reproduce the problem and report back. See also https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D219476 --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 19:54:25 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6E2B2E993ED for ; Sun, 10 Dec 2017 19:54:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D0B67FC94 for ; Sun, 10 Dec 2017 19:54:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAJsOMo001374 for ; Sun, 10 Dec 2017 19:54:25 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 19:54:25 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 19:54:25 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #11 from Shreesh Holla --- (In reply to Eugene Grosbein from comment #10) Yes. This did do the trick. Adding to loader.conf as Eugene suggested. Also @Michael - as a FYI - I am using global IPV6 addresses. That bug that Eugene actually seemed to say it very clearly too. I guess one comment I have is wrt i386 have page numbers as 2 @Conrad. Unle= ss there is a good reason to keep that - would it not be better to sync it with amd64 number? Unless it is tuned down to accommodate lower end devices. But= , if thats the case at least this scenario wrt SCTP may be unusable on such devi= ces. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 19:54:53 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1BAD7E99467 for ; Sun, 10 Dec 2017 19:54:53 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from mx1.enfer-du-nord.net (mx1.enfer-du-nord.net [91.121.41.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DD55B7FD4F for ; Sun, 10 Dec 2017 19:54:52 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from [IPv6:2003:8c:2e67:d601:d8dd:c75a:db8c:227a] (p2003008C2E67D601D8DDC75ADB8C227A.dip0.t-ipconnect.de [IPv6:2003:8c:2e67:d601:d8dd:c75a:db8c:227a]) by mx1.enfer-du-nord.net (Postfix) with ESMTPSA id 3yvxcz1Txcz7t9; Sun, 10 Dec 2017 20:54:43 +0100 (CET) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 11.1 \(3445.4.7\)) Subject: Re: [IPsec] Weird performance issue via IPsec/racoon tunnel From: Michael Grimm In-Reply-To: <5A2D703F.8040004@grosbein.net> Date: Sun, 10 Dec 2017 20:54:42 +0100 Cc: Eugene Grosbein Content-Transfer-Encoding: quoted-printable Message-Id: <3B480730-FF34-45B8-8636-9FCD4E97A2B9@ellael.org> References: <7A6EF712-920E-40BF-B155-113EE6C00AEA@ellael.org> <5A2D703F.8040004@grosbein.net> To: freebsd-net@FreeBSD.org X-Virus-Scanned: clamav-milter 0.99.2 at mail X-Virus-Status: Clean X-Mailer: Apple Mail (2.3445.4.7) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 19:54:53 -0000 Eugene Grosbein wrote: > 10.12.2017 23:55, Michael Grimm wrote: > "bad cksum 0" is pretty normal for traffic going out via interface = supporting hardware checksum offload, > so kernel skips computing checksum before passing packets to the NIC. Ok, good to know. > Your problem more likely is due to fragmented ESP packets. > It's not uncommon when cloud IP stack or ISP infrastructure drop high = percentage > of fragmented ESP packets because they are not optimized for such = packets, > e.g. router has to process them in software instead of hardware > like non-fragmented packets are processed. Thank you for this explanation.=20 I did already lower MTU: If I do configure vtnet0 to a MTU of 1490 at = boot time I do not not notice a performance loss compared to the default = 1500 setting. >> *BUT* if I do a "ifconfig vtnet0 mtu 1450 up ; ifconfig vtnet0 mtu = 1500 up" I do observe: >>=20 >> #) scp NEW to OLD via IPsec tunnel: 17.1 MB/s ! >> #) scp OLD to NEW via IPsec tunnel: 16.9 MB/s *BUT* if I do boot with the default 1500 setting, changing the MTU to = e.g. 1450 and *immediately* back to 1500 manually, I do not encounter = any performance loss at all. Why? Even when booting 1490 and immediately = setting the MTU manually to 1500 I do not see any performance loss. = Strange. > When you lower MTU of vtnet enough to make encapsulated packets = (payload+overhead) <=3D1500 bytes, > resulted ESP packets have not be fragmented and pass just fine. I will keep the MTU at 1490 and monitor that server for the time being. > To verify if it's your case, you should run two tcpdump commands, > one at sending side and another at receiving size=20 > and compare outputs to see if *every* outgoing packet reaches its = destination or not. Hmm, how would one check that? The output is to fast for me ;-) = Seriously, how should one check this? Thanks for your help, Michael From owner-freebsd-net@freebsd.org Sun Dec 10 20:04:48 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A41D5E99BFC for ; Sun, 10 Dec 2017 20:04:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 914B78071A for ; Sun, 10 Dec 2017 20:04:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAK4mop029854 for ; Sun, 10 Dec 2017 20:04:48 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 20:04:48 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: cem@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 20:04:48 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #12 from Conrad Meyer --- (In reply to Shreesh Holla from comment #11) Well, pointers and native words *are* smaller on i386, so it isn't totally unreasonable for the stack size to be smaller than amd64. Also, i386-only devices tend to be older and have smaller amounts of memory available. I think the long term solution is fixing the SCTP (and other) code to not u= se so much stack memory. However, bumping KSTACK_PAGES to maybe 3 by default = on i386 could be reasonable. I don't remember the resolution of the last argu= ment about KSTACK_PAGES on x86 :-). --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 20:06:34 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74FDCE99CE2 for ; Sun, 10 Dec 2017 20:06:34 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id E91BE807F0 for ; Sun, 10 Dec 2017 20:06:33 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBAK6Rhj098418 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 10 Dec 2017 21:06:28 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: trashcan@ellael.org Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id vBAK6NJj050819 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 11 Dec 2017 03:06:23 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: [IPsec] Weird performance issue via IPsec/racoon tunnel To: Michael Grimm , freebsd-net@FreeBSD.org References: <7A6EF712-920E-40BF-B155-113EE6C00AEA@ellael.org> <5A2D703F.8040004@grosbein.net> <3B480730-FF34-45B8-8636-9FCD4E97A2B9@ellael.org> From: Eugene Grosbein Message-ID: <5A2D93BA.9020709@grosbein.net> Date: Mon, 11 Dec 2017 03:06:18 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: <3B480730-FF34-45B8-8636-9FCD4E97A2B9@ellael.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS * 2.6 LOCAL_FROM From my domains X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 20:06:34 -0000 11.12.2017 2:54, Michael Grimm wrote: > I did already lower MTU: If I do configure vtnet0 to a MTU of 1490 at boot time I do not not notice a performance loss compared to the default 1500 setting. > >>> *BUT* if I do a "ifconfig vtnet0 mtu 1450 up ; ifconfig vtnet0 mtu 1500 up" I do observe: >>> >>> #) scp NEW to OLD via IPsec tunnel: 17.1 MB/s ! >>> #) scp OLD to NEW via IPsec tunnel: 16.9 MB/s > > > *BUT* if I do boot with the default 1500 setting, > changing the MTU to e.g. 1450 and *immediately* back to 1500 manually, > I do not encounter any performance loss at all. Why? > Even when booting 1490 and immediately setting the MTU manually to 1500 I do not see any performance loss. Strange. Interface MTU is used to assing 'mtu' attribute to corresponding route in the system routing table. Lowering interface MTU lowers route mtu, but raising interface MTU does *not* raises route mtu, use "route -n get" command to check it out. So, you still use low mtu really. >> To verify if it's your case, you should run two tcpdump commands, >> one at sending side and another at receiving size >> and compare outputs to see if *every* outgoing packet reaches its destination or not. > > Hmm, how would one check that? The output is to fast for me ;-) Seriously, how should one check this? With your eyes :-) Use tcpdump -c flag to limit number of lines, redirect output to a file and carefully compare some packets using their ID that tcpshow shows. From owner-freebsd-net@freebsd.org Sun Dec 10 20:10:15 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A2902E9A014 for ; Sun, 10 Dec 2017 20:10:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90CF880BEE for ; Sun, 10 Dec 2017 20:10:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAKAF0q037135 for ; Sun, 10 Dec 2017 20:10:15 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 20:10:15 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: eugen@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 20:10:15 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #13 from Eugene Grosbein --- There are no reasons to keep kstack_pages<4 for i386 with exception of very specific load pattern when you have enormous number of threads in the syste= m. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 20:20:31 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C3EACE9A575 for ; Sun, 10 Dec 2017 20:20:31 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from mx1.enfer-du-nord.net (mx1.enfer-du-nord.net [IPv6:2001:41d0:d:3049:1:1:0:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8FEC41244 for ; Sun, 10 Dec 2017 20:20:31 +0000 (UTC) (envelope-from trashcan@ellael.org) Received: from [IPv6:2003:8c:2e67:d601:d8dd:c75a:db8c:227a] (p2003008C2E67D601D8DDC75ADB8C227A.dip0.t-ipconnect.de [IPv6:2003:8c:2e67:d601:d8dd:c75a:db8c:227a]) by mx1.enfer-du-nord.net (Postfix) with ESMTPSA id 3yvyBh6DTSzT8w; Sun, 10 Dec 2017 21:20:28 +0100 (CET) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 11.1 \(3445.4.7\)) Subject: Re: [IPsec] Weird performance issue via IPsec/racoon tunnel From: Michael Grimm In-Reply-To: <5A2D93BA.9020709@grosbein.net> Date: Sun, 10 Dec 2017 21:20:26 +0100 Cc: freebsd-net@FreeBSD.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <7A6EF712-920E-40BF-B155-113EE6C00AEA@ellael.org> <5A2D703F.8040004@grosbein.net> <3B480730-FF34-45B8-8636-9FCD4E97A2B9@ellael.org> <5A2D93BA.9020709@grosbein.net> To: Eugene Grosbein X-Virus-Scanned: clamav-milter 0.99.2 at mail X-Virus-Status: Clean X-Mailer: Apple Mail (2.3445.4.7) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 20:20:31 -0000 Eugene Grosbein wrote: > 11.12.2017 2:54, Michael Grimm wrote: >> *BUT* if I do boot with the default 1500 setting, >> changing the MTU to e.g. 1450 and *immediately* back to 1500 = manually, >> I do not encounter any performance loss at all. Why? >> Even when booting 1490 and immediately setting the MTU manually to = 1500 I do not see any performance loss. Strange. >=20 > Interface MTU is used to assing 'mtu' attribute to corresponding route = in the system routing table. > Lowering interface MTU lowers route mtu, but raising interface MTU = does *not* raises route mtu, > use "route -n get" command to check it out. So, you still use low mtu = really. Bingo!=20 NEW> ifconfig vtnet0 vtnet0: flags=3D8843 = metric 0 mtu 1490 NEW> route -n get freebsd.org ... recvpipe sendpipe ssthresh rtt,msec mtu weight = expire 0 0 0 0 1490 1 = 0=20 NEW> ifconfig vtnet0 mtu 1500 up NEW> ifconfig vtnet0 vtnet0: flags=3D8843 = metric 0 mtu 1500 NEW> route -n get spiegel.de ... recvpipe sendpipe ssthresh rtt,msec mtu weight = expire 0 0 0 0 1490 1 = 0=20 I didn't know that. And that explains all my observations. >> Hmm, how would one check that? The output is to fast for me ;-) = Seriously, how should one check this? >=20 > With your eyes :-) Use tcpdump -c flag to limit number of lines, = redirect output to a file > and carefully compare some packets using their ID that tcpshow shows. Ok. I will do that at some later time ;-) I'd like to thank you again for your input and with kind regards, Michael From owner-freebsd-net@freebsd.org Sun Dec 10 20:35:06 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B93D8E9B0D4 for ; Sun, 10 Dec 2017 20:35:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A7F021FB2 for ; Sun, 10 Dec 2017 20:35:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAKZ64O001480 for ; Sun, 10 Dec 2017 20:35:06 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 20:35:06 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 20:35:06 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #14 from Shreesh Holla --- (In reply to Conrad Meyer from comment #12) @conrad - I see what you mean since i386 =3D> 32 bit. And yes definitely fi= xing the SCTP stack to not use that much stack is the right one. From what I saw= it was right away and likely it uses a lot of stack for each stream and maybe = each association. Dont know the implementation - but difficult to break that nee= d. But as @Eugene said there is no requirement to keep it less than 4.=20 My opinion is that the default is changed to 3 or 4. And systems that are l= ower end can configure for lower numbers knowing that things like IpV6+SCTP will= not work. Assuming they dont need to use SCTP. This way the OS is generally usa= ble in such a specific situation? I mean I think this is a security situation s= ince it seems real easy to bring down a machine with this issue currently. Seems like a more critical issue than that ICMPV6 issue of a while back. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 22:26:16 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B89ECE9F0C5 for ; Sun, 10 Dec 2017 22:26:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A485665CC6 for ; Sun, 10 Dec 2017 22:26:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAMQGTc028551 for ; Sun, 10 Dec 2017 22:26:16 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 22:26:16 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 22:26:16 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #15 from Michael Tuexen --- OK, so it is a problem in i386. Haven't tested that for ages... One problem= we ran into in the past was that the stack grew due to inline compilation. Not sure what is the case here. I can try to nail that down. Will report back. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Dec 10 22:53:19 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 39335E9FF75 for ; Sun, 10 Dec 2017 22:53:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1EDB866CCD for ; Sun, 10 Dec 2017 22:53:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBAMrIgD093873 for ; Sun, 10 Dec 2017 22:53:18 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Sun, 10 Dec 2017 22:53:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: cem@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Dec 2017 22:53:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #16 from Conrad Meyer --- (In reply to Eugene Grosbein from comment #13) (In reply to Shreesh Holla from comment #14) Yeah, just bumping i386 KSTACK_PAGES will at least give parity with amd64.= =20 That's reasonable. It seems kind of absurd we knowingly ship a broken ZFS = on i386 (see UPDATING's reference to KSTACK_PAGES). If people are concerned about a KSTACK_PAGES=3D2 architecture "keeping us honest," they are free to set KSTACK_PAGES=3D2 on their own amd64 systems' configuration, rather than inflicting the pain upon i386 users. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 00:53:56 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C062E811BB for ; Mon, 11 Dec 2017 00:53:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 599596A78D for ; Mon, 11 Dec 2017 00:53:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBB0rtTr027086 for ; Mon, 11 Dec 2017 00:53:56 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Mon, 11 Dec 2017 00:53:56 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 00:53:56 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #17 from Shreesh Holla --- (In reply to Conrad Meyer from comment #16) I agree with @eugene. The generally accepted case should just work. And spe= cial configurations are well special configurations and they can tune accordingl= y. @michael - so possibly a inlining issue. Ugh! Anyway - will await what you find. The interesting thing I thought was this seems to be an issue only at connection time. I did some tests here and exchanged ~1MB of real data and = no issues. But thats with the new KSTACK_PAGES setting --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 04:33:02 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9336DE857CA for ; Mon, 11 Dec 2017 04:33:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8149C70AD9 for ; Mon, 11 Dec 2017 04:33:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBB4X26L030452 for ; Mon, 11 Dec 2017 04:33:02 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Mon, 11 Dec 2017 04:33:02 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 04:33:02 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #18 from commit-hook@freebsd.org --- A commit references this bug: Author: cem Date: Mon Dec 11 04:32:37 UTC 2017 New revision: 326758 URL: https://svnweb.freebsd.org/changeset/base/326758 Log: i386: Bump KSTACK_PAGES default to match amd64 Logically, extend r286288 to cover all threads, by default. The world has largely moved on from i386. Most FreeBSD users and develop= ers test on amd64 hardware. For better or worse, we have written a non-trivi= al amount of kernel code that relies on stacks larger than 8 kB, and it "just works" on amd64, so there has been little incentive to shrink it. amd64 had its KSTACK_PAGES bumped to 4 back in Peter's initial AMD64 comm= it, r114349, in 2003. Since that time, i386 has limped along on a stack half the size. We've even observed the stack overflows years ago, but neglect= ed to fix the issue; see the 20121223 and 20150728 entries in UPDATING. If anyone is concerned with this change, I suggest they configure their AMD64 kernels with KSTACK_PAGES 2 and fix the fallout there first. Eugene has identified a list of high stack usage functions in the first PR below. PR: 219476, 224218 Reported by: eugen@, Shreesh Holla Relnotes: maybe Sponsored by: Dell EMC Isilon Changes: head/sys/i386/conf/NOTES head/sys/i386/include/param.h --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 11:10:34 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AA627E8E7C6 for ; Mon, 11 Dec 2017 11:10:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 97E8180BEC for ; Mon, 11 Dec 2017 11:10:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBBAXHB025281 for ; Mon, 11 Dec 2017 11:10:34 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 221530] if_ixl: add a way to disable/enable lldp handling by the NIC Date: Mon, 11 Dec 2017 11:10:34 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: IntelNetworking, patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: krzysztof.galazka@intel.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 11:10:34 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221530 Krzysztof Galazka changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |krzysztof.galazka@intel.com --- Comment #4 from Krzysztof Galazka --- New version of the driver, which has been published here: https://downloadcenter.intel.com/download/25160/Ethernet-Intel-Network-Adap= ter-Driver-for-PCIe-40-Gigabit-Ethernet-Network-Connection-under-FreeBSD- has this feature implemented. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 15:32:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2143FE95547 for ; Mon, 11 Dec 2017 15:32:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DC2C76A9D5 for ; Mon, 11 Dec 2017 15:31:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBFVxwg094405 for ; Mon, 11 Dec 2017 15:31:59 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 221530] if_ixl: add a way to disable/enable lldp handling by the NIC Date: Mon, 11 Dec 2017 15:31:59 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: IntelNetworking, patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: nikita@elyzion.net X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 15:32:00 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221530 --- Comment #5 from Nikita Kozlov --- Thanks, I will try that when I will have some time ! --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 18:24:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8C032E99DC2 for ; Mon, 11 Dec 2017 18:24:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 789FD71FCE for ; Mon, 11 Dec 2017 18:24:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBIO0p3060685 for ; Mon, 11 Dec 2017 18:24:00 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Mon, 11 Dec 2017 18:24:00 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 18:24:00 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #19 from Michael Tuexen --- OK, I setup a Release 11.1 i386 VM and a HEAD i386 VM and installed nmap. U= sing ncat --sctp -l IPv6_address on these VMs I can NOT reproduce the issue. I u= sed ::1 and a client on the same VM, used a global IPv6 address and a remote FreeBSD head and a remote Linux (recent Ubuntu) system and I can establish = the SCTP association, transfer data in both directions and tear the association down. I verified this using tcpdump. There must be another parameter in the game... --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 18:42:59 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 555A0E9A7E2 for ; Mon, 11 Dec 2017 18:42:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 42CFD73138 for ; Mon, 11 Dec 2017 18:42:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBIgxou006854 for ; Mon, 11 Dec 2017 18:42:59 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224247] RFC 6980 requires to drop fragmented IPv6 neighbour discovery Date: Mon, 11 Dec 2017 18:42:59 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: cem@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 18:42:59 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 Conrad Meyer changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cem@freebsd.org Assignee|freebsd-bugs@FreeBSD.org |freebsd-net@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 18:43:25 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 53A76E9A8C5 for ; Mon, 11 Dec 2017 18:43:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 417B373242 for ; Mon, 11 Dec 2017 18:43:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBIhP3V007556 for ; Mon, 11 Dec 2017 18:43:25 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224247] [patch] RFC 6980 requires to drop fragmented IPv6 neighbour discovery Date: Mon, 11 Dec 2017 18:43:25 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: cem@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: short_desc keywords Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 18:43:25 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 Conrad Meyer changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|RFC 6980 requires to drop |[patch] RFC 6980 requires |fragmented IPv6 neighbour |to drop fragmented IPv6 |discovery |neighbour discovery Keywords| |patch --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 18:54:52 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 62EA9E9ADB4 for ; Mon, 11 Dec 2017 18:54:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 51CA773AFC for ; Mon, 11 Dec 2017 18:54:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBIsqM9036812 for ; Mon, 11 Dec 2017 18:54:52 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Mon, 11 Dec 2017 18:54:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 18:54:52 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #20 from Shreesh Holla --- (In reply to Michael Tuexen from comment #19) That's strange. That's exactly what I did for the panic. So maybe there is something else on my systems. I am using vm's too of vmware desktop. I will= try to revert my changes later today and see if I can figure out what else is involved --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 20:10:29 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 78ECDE9CFC7 for ; Mon, 11 Dec 2017 20:10:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 66FBD76A48 for ; Mon, 11 Dec 2017 20:10:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBKATxT020691 for ; Mon, 11 Dec 2017 20:10:29 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Mon, 11 Dec 2017 20:10:29 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 20:10:29 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #21 from Michael Tuexen --- I'm using VMWare Fusion. The VM uses a single processor core and 256MB of R= AM. I installed FreeBSD from FreeBSD-11.1-RELEASE-i386-dvd1.iso. Let me know what you find... --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Dec 11 20:50:52 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C1D2E9E3D4 for ; Mon, 11 Dec 2017 20:50:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5A366789B0 for ; Mon, 11 Dec 2017 20:50:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBBKopIg017223 for ; Mon, 11 Dec 2017 20:50:52 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224247] [patch] RFC 6980 requires to drop fragmented IPv6 neighbour discovery Date: Mon, 11 Dec 2017 20:50:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Dec 2017 20:50:52 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 Kristof Provost changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kp@freebsd.org --- Comment #2 from Kristof Provost --- pf also does reassemble of IPv6 packets (see pf_reassemble6()), so that wou= ld also need a 'm->m_flags |=3D M_REASSEMBLED;'. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Dec 12 02:32:06 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 67A4CE878CC for ; Tue, 12 Dec 2017 02:32:06 +0000 (UTC) (envelope-from thomas@gibfest.dk) Received: from mail.tyknet.dk (mail.tyknet.dk [IPv6:2a01:4f8:201:2327:144:76:253:226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2F43D65C31 for ; Tue, 12 Dec 2017 02:32:06 +0000 (UTC) (envelope-from thomas@gibfest.dk) Received: from [10.137.3.13] (217.71.4.82.static.router4.bolignet.dk [217.71.4.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.tyknet.dk (Postfix) with ESMTPSA id 115B3BA1E57 for ; Tue, 12 Dec 2017 02:31:56 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.10.3 mail.tyknet.dk 115B3BA1E57 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gibfest.dk; s=default; t=1513045916; bh=JMR76yXoUWPMOB8QqZ8XVjWaNuXE3/jBDukpR61xOik=; h=To:From:Subject:Date; b=gQxBxqLvpgo108JULNcxffKYHQ2nHM++k5lV9CXo7bye9sS1d6ZPmd9xDeVMt4TyU CJzxyYSupt3hWV7Hscq9GQo+dm8qyoIoptu2NhkY+T3UEKig9y3DPbtuMoKh85Rxdv Pk++S6eaq16foTpP9Bqw8xkkBeOgJNC/1KuVTui/VntxcBKA26Bv5P+nvEH2+t5/Rl hRDxbiTTraogS57pn+7y/MttLoeq5tZ4KRqowZ/TxGNKq+cYvgvCch5c6jDdzfPLSB kP18Rp+GshGjmF79AZH4E0ttzOm2iSU+KGEDPLw73pCmy31UzPCRk8O/fbvqJPupm/ coe5MWtwa6mVQ== To: freebsd-net@freebsd.org From: Thomas Steen Rasmussen Subject: Changes to route(8) or routing between r325235 and r326782? Message-ID: Date: Tue, 12 Dec 2017 03:31:55 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 02:32:06 -0000 Hello list :) "Something" which changes how routing works has landed in 11-STABLE between r325235 and r326782. Until now I have had a script which deletes routing table entries which point to lo0, in order to keep traffic from "shortcutting" over lo0, to make it possible to use pf to filter traffic between jails. This script has worked for years, but has now stopped working after upgrading from r325235 to r326782. Can someone enlighten me as to what changed, and why? Background/example: I add 185.96.180.10/32 as an alias on an interface, lagg0.1171. This creates two routing table entries: 185.96.180.10      link#11            UHS         lo0 185.96.180.10/32   link#11            U      lagg0.1171 If I leave this as-is the traffic from other jails use lo0 to reach 185.96.180.10 meaning they bypass pf entirely. To avoid this I simply delete the route on lo0, which makes stuff behave as I would expect - traffic to 185.96.180.10 goes via lagg0.1171 meaning I can filter in pf as needed. After upgrading to r326782 I get the following error when trying to delete the lo0 entry (I have an rc.d script to do it): $ sudo route delete 185.96.180.10 route: writing to routing socket: Address already in use delete host 185.96.180.10 fib 0: gateway uses the same route $ What gives? What do I do now? :) Thanks! Best regards Thomas Steen Rasmussen From owner-freebsd-net@freebsd.org Tue Dec 12 03:01:21 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7B05AE8919D for ; Tue, 12 Dec 2017 03:01:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 675B56790F for ; Tue, 12 Dec 2017 03:01:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBC31KZG088213 for ; Tue, 12 Dec 2017 03:01:21 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Tue, 12 Dec 2017 03:01:21 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hshreesh@yahoo.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 03:01:21 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #22 from Shreesh Holla --- (In reply to Michael Tuexen from comment #21) Here is what I may have which just be causing it. I backed out my change fr= om loader.conf and it went into panic immediately when I made an sctp connecti= on. I do have Vmware tools installed on both. Also running in GUI mode i.e. Fre= eBSD host is running gnome. Apart from that cant see any major differences. If y= ou are still unable to reproduce, then I will re-try with a fresh install of b= oth FreeBSD and Ubuntu --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Dec 12 05:44:23 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 68A7CE8E38D for ; Tue, 12 Dec 2017 05:44:23 +0000 (UTC) (envelope-from jamie@catflap.org) Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [IPv6:2001:19f0:300:2185:a:dead:bad:faff]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3492E6D418 for ; Tue, 12 Dec 2017 05:44:23 +0000 (UTC) (envelope-from jamie@catflap.org) Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [104.207.135.49]) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5) with ESMTP id vBC5iL7U012158; Tue, 12 Dec 2017 05:44:21 GMT (envelope-from jamie@donotpassgo.dyslexicfish.net) Received: (from jamie@localhost) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5/Submit) id vBC5iJvL012149; Tue, 12 Dec 2017 05:44:19 GMT (envelope-from jamie) From: Jamie Landeg-Jones Message-Id: <201712120544.vBC5iJvL012149@donotpassgo.dyslexicfish.net> Date: Tue, 12 Dec 2017 05:44:18 +0000 Organization: Dyslexic Fish To: thomas@gibfest.dk, freebsd-net@freebsd.org Cc: eugen@grosbein.net Subject: Re: Changes to route(8) or routing between r325235 and r326782? References: In-Reply-To: User-Agent: Heirloom mailx 12.4 7/29/08 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (donotpassgo.dyslexicfish.net [104.207.135.49]); Tue, 12 Dec 2017 05:44:21 +0000 (GMT) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 05:44:23 -0000 Thomas Steen Rasmussen wrote: > $ sudo route delete 185.96.180.10 > route: writing to routing socket: Address already in use > delete host 185.96.180.10 fib 0: gateway uses the same route I think this is the cause: https://reviews.freebsd.org/D12747 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223129 cheers, jamie From owner-freebsd-net@freebsd.org Tue Dec 12 07:57:02 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 01331E90C77 for ; Tue, 12 Dec 2017 07:57:02 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 8EE0270EF5 for ; Tue, 12 Dec 2017 07:57:00 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBC7usiD013726 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 08:56:55 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: thomas@gibfest.dk Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBC7uoLO094395; Tue, 12 Dec 2017 14:56:50 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: Thomas Steen Rasmussen , freebsd-net@freebsd.org References: From: Eugene Grosbein Message-ID: <5A2F8BC2.6000105@grosbein.net> Date: Tue, 12 Dec 2017 14:56:50 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 07:57:02 -0000 On 12.12.2017 09:31, Thomas Steen Rasmussen wrote: > After upgrading to r326782 I get the following error when trying to > delete the lo0 entry (I have an rc.d script to do it): > > $ sudo route delete 185.96.180.10 > route: writing to routing socket: Address already in use > delete host 185.96.180.10 fib 0: gateway uses the same route > $ > > What gives? What do I do now? :) You should be using jail+vnet in first place that allows you to get desired behaviour by assigning an interface to distinct jail. Take a look at jail(8) manual page for vnet and vnet.interface parameters. From owner-freebsd-net@freebsd.org Tue Dec 12 09:44:53 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DEB5FE92E4B for ; Tue, 12 Dec 2017 09:44:53 +0000 (UTC) (envelope-from thomas@gibfest.dk) Received: from mail.tyknet.dk (mail.tyknet.dk [144.76.253.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A0F90741CD for ; Tue, 12 Dec 2017 09:44:53 +0000 (UTC) (envelope-from thomas@gibfest.dk) Received: from [10.137.3.13] (217.71.4.82.static.router4.bolignet.dk [217.71.4.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.tyknet.dk (Postfix) with ESMTPSA id BCB06BA0540; Tue, 12 Dec 2017 09:44:49 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.10.3 mail.tyknet.dk BCB06BA0540 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gibfest.dk; s=default; t=1513071889; bh=6ig1DOX1bJVBH0JSSSAqBPwoWAIdGkP96parCMNAN6A=; h=Subject:To:References:From:Date:In-Reply-To; b=ui3cRii759Ggy7ur0gcJI29R2FcL1+jeJpBrAdaW8ZGxYADuPudxTbDDyNxfVV/0D X/JHYqtcHkNFgcJAcV2m9xRqIi/xbyUUIN2W3bCdwLdyoN0eMeQoctpP4/LyyBpk7x eUaSPTDvxeIjUUjrz/tFEaNX2JgiFyFtjRAxw8gSEzbynFJ4i9a2xBojUa8nyEJ1cR BNHPaGHLdR9kz16JmoqJFOUJvppSwWe4rvDuWx+b054/wtQ1VNt3FLtXRTsWjc3XSi lYp128TwHwToLMSkKj40ugiGxnuqzmR7WkadHqBUjdMru1u+O5DbvvcrEGbi8XhRnM J3gA43HoizaDg== Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: Eugene Grosbein , freebsd-net@freebsd.org References: <5A2F8BC2.6000105@grosbein.net> From: Thomas Steen Rasmussen Message-ID: <2b2e3b28-f29d-b507-cb81-801666ad4ddf@gibfest.dk> Date: Tue, 12 Dec 2017 10:44:49 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: <5A2F8BC2.6000105@grosbein.net> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: en-US X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 09:44:54 -0000 On 12/12/2017 08:56 AM, Eugene Grosbein wrote: > On 12.12.2017 09:31, Thomas Steen Rasmussen wrote: > >> After upgrading to r326782 I get the following error when trying to >> delete the lo0 entry (I have an rc.d script to do it): >> >> $ sudo route delete 185.96.180.10 >> route: writing to routing socket: Address already in use >> delete host 185.96.180.10 fib 0: gateway uses the same route >> $ >> >> What gives? What do I do now? :) > You should be using jail+vnet in first place that allows you to get desired behaviour > by assigning an interface to distinct jail. Take a look at jail(8) manual page > for vnet and vnet.interface parameters. > Hello, Thanks, I am aware of vnet and it's uses. I am looking for the reason why the current method doesn't work anymore. :) Switching 50+ jails over to vnet is not something you "just do", the rewriting of firewall rules alone will be quite a job. I am also pretty curious as to what people have been doing to solve this over the last many years while waiting for vimage to become stable? Have people just not been firewalling between jails? Thanks :) /Thomas From owner-freebsd-net@freebsd.org Tue Dec 12 11:01:32 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4F484E9418C for ; Tue, 12 Dec 2017 11:01:32 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C2F8076239 for ; Tue, 12 Dec 2017 11:01:30 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBCB1MC6015045 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 12:01:22 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: thomas@gibfest.dk Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBCB1FpU043651; Tue, 12 Dec 2017 18:01:15 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: Thomas Steen Rasmussen , freebsd-net@freebsd.org References: <5A2F8BC2.6000105@grosbein.net> <2b2e3b28-f29d-b507-cb81-801666ad4ddf@gibfest.dk> From: Eugene Grosbein X-Enigmail-Draft-Status: N1110 Message-ID: <5A2FB6FB.3020304@grosbein.net> Date: Tue, 12 Dec 2017 18:01:15 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <2b2e3b28-f29d-b507-cb81-801666ad4ddf@gibfest.dk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 11:01:32 -0000 On 12.12.2017 16:44, Thomas Steen Rasmussen wrote: > On 12/12/2017 08:56 AM, Eugene Grosbein wrote: >> On 12.12.2017 09:31, Thomas Steen Rasmussen wrote: >> >>> After upgrading to r326782 I get the following error when trying to >>> delete the lo0 entry (I have an rc.d script to do it): >>> >>> $ sudo route delete 185.96.180.10 >>> route: writing to routing socket: Address already in use >>> delete host 185.96.180.10 fib 0: gateway uses the same route >>> $ >>> >>> What gives? What do I do now? :) >> You should be using jail+vnet in first place that allows you to get desired behaviour >> by assigning an interface to distinct jail. Take a look at jail(8) manual page >> for vnet and vnet.interface parameters. >> > Hello, > > Thanks, I am aware of vnet and it's uses. I am looking for the reason > why the current method doesn't work anymore. :) Loopback routes were not pinned by mistake that lead to kernel's inability to assign new address/prefix to local interface if such prefix was already installed by means of some routing daemon. This broke stable work of parallel tunnels established to same remote network via distinct WAN paths. > Switching 50+ jails over to vnet is not something you "just do", the > rewriting of firewall rules alone will be quite a job. > > I am also pretty curious as to what people have been doing to solve this > over the last many years while waiting for vimage to become stable? Have > people just not been firewalling between jails? I use ipfw for long time for this task. It filters inter-jail traffic over lo0 just fine. From owner-freebsd-net@freebsd.org Tue Dec 12 11:06:06 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1F818E94501 for ; Tue, 12 Dec 2017 11:06:06 +0000 (UTC) (envelope-from crest@rlwinm.de) Received: from mail.rlwinm.de (mail.rlwinm.de [IPv6:2a01:4f8:171:f902::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C71937670D for ; Tue, 12 Dec 2017 11:06:05 +0000 (UTC) (envelope-from crest@rlwinm.de) Received: from crest.bultmann.eu (unknown [IPv6:2a00:c380:c0d5:1:800e:6d0f:1c1c:48f2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.rlwinm.de (Postfix) with ESMTPSA id EEF0745B2 for ; Tue, 12 Dec 2017 11:06:01 +0000 (UTC) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: freebsd-net@freebsd.org References: From: Jan Bramkamp Message-ID: <2c4c5a4a-fd7c-9787-567d-a6e14e780e4c@rlwinm.de> Date: Tue, 12 Dec 2017 12:05:59 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 11:06:06 -0000 On 12.12.17 03:31, Thomas Steen Rasmussen wrote: > Hello list :) > > "Something" which changes how routing works has landed in 11-STABLE > between r325235 and r326782. > > Until now I have had a script which deletes routing table entries which > point to lo0, in order to keep traffic from "shortcutting" over lo0, to > make it possible to use pf to filter traffic between jails. This script > has worked for years, but has now stopped working after upgrading from > r325235 to r326782. Can someone enlighten me as to what changed, and why? > > Background/example: I add 185.96.180.10/32 as an alias on an interface, > lagg0.1171. This creates two routing table entries: > > 185.96.180.10      link#11            UHS         lo0 > 185.96.180.10/32   link#11            U      lagg0.1171 > > If I leave this as-is the traffic from other jails use lo0 to reach > 185.96.180.10 meaning they bypass pf entirely. To avoid this I simply > delete the route on lo0, which makes stuff behave as I would expect - > traffic to 185.96.180.10 goes via lagg0.1171 meaning I can filter in pf > as needed. > > After upgrading to r326782 I get the following error when trying to > delete the lo0 entry (I have an rc.d script to do it): > > $ sudo route delete 185.96.180.10 > route: writing to routing socket: Address already in use > delete host 185.96.180.10 fib 0: gateway uses the same route > $ > > What gives? What do I do now? :) The FreeBSD kernel had a bug that you relied on. The bug got fixed and the fix broke your script. The proper solution is to filter on lo0. I suspect that your pf.conf includes "skip on lo0" replace this by the filtering you want to apply to traffic on lo0. Putting those rules in an anchor block probably will make your ruleset a lot easier to maintain. From owner-freebsd-net@freebsd.org Tue Dec 12 12:13:32 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4CF10E96A88 for ; Tue, 12 Dec 2017 12:13:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 31DF8796FA for ; Tue, 12 Dec 2017 12:13:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBCCDV5v042296 for ; Tue, 12 Dec 2017 12:13:32 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224247] [patch] RFC 6980 requires to drop fragmented IPv6 neighbour discovery Date: Tue, 12 Dec 2017 12:13:32 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: lutz@donnerhacke.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.isobsolete attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 12:13:32 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 lutz@donnerhacke.de changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #188720|0 |1 is obsolete| | --- Comment #3 from lutz@donnerhacke.de --- Created attachment 188749 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D188749&action= =3Dedit Drop malicious packets as required by RFC 6980 --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Dec 12 12:16:21 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 33258E96BD0 for ; Tue, 12 Dec 2017 12:16:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 20E047988D for ; Tue, 12 Dec 2017 12:16:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBCCGKUa049980 for ; Tue, 12 Dec 2017 12:16:20 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224247] [patch] RFC 6980 requires to drop fragmented IPv6 neighbour discovery Date: Tue, 12 Dec 2017 12:16:21 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: lutz@donnerhacke.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 12:16:21 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 --- Comment #4 from lutz@donnerhacke.de --- Thank your for the pointer to functionality duplication in other modules. I moved the flag-setting to the fragment header removal code (which is more appropriate anyway). This code is more likely to be shared by other modules= (in the case of pf, it is used). Furthermore the flag is renamed to be more self explanatory and the code was brushed up to match the existing coding style. Did I miss anything else? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Dec 12 15:03:39 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0B4D0E9B473 for ; Tue, 12 Dec 2017 15:03:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ED91D1191 for ; Tue, 12 Dec 2017 15:03:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBCF3ci6076290 for ; Tue, 12 Dec 2017 15:03:38 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224218] Kernel panic in SCTP/IpV6 server mode Date: Tue, 12 Dec 2017 15:03:38 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 15:03:39 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224218 --- Comment #23 from Michael Tuexen --- (In reply to Shreesh Holla from comment #22) I tried to install gnome3 and xorg according to the FreeBSD handbook, but g= nome doesn't start. It complains about not finding the default font "fixed". I a= lso failed to install the vmware tools, since when trying to follow the instructions given on the VMWare Website, I end up in errors. The instructi= ons for FreeBSD as a GuestOS are also pretty old. Not sure if they still support FreeBSD. As you guess, I'm neither using the GUI on the VMs normally nor I'm using t= he vmware tools... So I can't test your setup, I'm sorry. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Dec 12 15:13:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C40EAE9B84E for ; Tue, 12 Dec 2017 15:13:00 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9D99B16CC for ; Tue, 12 Dec 2017 15:12:59 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBCFCtwK086700; Tue, 12 Dec 2017 07:12:55 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBCFCs1L086699; Tue, 12 Dec 2017 07:12:54 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712121512.vBCFCs1L086699@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <2b2e3b28-f29d-b507-cb81-801666ad4ddf@gibfest.dk> To: Thomas Steen Rasmussen Date: Tue, 12 Dec 2017 07:12:54 -0800 (PST) CC: Eugene Grosbein , freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 15:13:00 -0000 > On 12/12/2017 08:56 AM, Eugene Grosbein wrote: > > On 12.12.2017 09:31, Thomas Steen Rasmussen wrote: > > > >> After upgrading to r326782 I get the following error when trying to > >> delete the lo0 entry (I have an rc.d script to do it): > >> > >> $ sudo route delete 185.96.180.10 > >> route: writing to routing socket: Address already in use > >> delete host 185.96.180.10 fib 0: gateway uses the same route > >> $ > >> > >> What gives? What do I do now? :) > > You should be using jail+vnet in first place that allows you to get desired behaviour > > by assigning an interface to distinct jail. Take a look at jail(8) manual page > > for vnet and vnet.interface parameters. > > > Hello, > > Thanks, I am aware of vnet and it's uses. I am looking for the reason > why the current method doesn't work anymore. :) > Switching 50+ jails over to vnet is not something you "just do", the > rewriting of firewall rules alone will be quite a job. > > I am also pretty curious as to what people have been doing to solve this > over the last many years while waiting for vimage to become stable? Have > people just not been firewalling between jails? The mistake is that the kernel is doing route decisions at all, that is the domain of a daemon and should of never been put in the kernel, for reasons exactly like this. What I have done on all my systems is I comment out all the loopback route code in the kernel and do the proper routing with either OSPF or BGP. find /sys/ | xargs grep maintain_loopback_route mostly can be fixed in net/if.c. This "routing policy" in the kernel just breaks things in so many ways. -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Tue Dec 12 15:15:53 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 33471E9B965 for ; Tue, 12 Dec 2017 15:15:53 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E3DAA1916 for ; Tue, 12 Dec 2017 15:15:52 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBCFFp6B086724; Tue, 12 Dec 2017 07:15:51 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBCFFpng086723; Tue, 12 Dec 2017 07:15:51 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712121515.vBCFFpng086723@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <2c4c5a4a-fd7c-9787-567d-a6e14e780e4c@rlwinm.de> To: Jan Bramkamp Date: Tue, 12 Dec 2017 07:15:51 -0800 (PST) CC: freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 15:15:53 -0000 [ Charset UTF-8 unsupported, converting... ] > On 12.12.17 03:31, Thomas Steen Rasmussen wrote: > > Hello list :) > > > > "Something" which changes how routing works has landed in 11-STABLE > > between r325235 and r326782. > > > > Until now I have had a script which deletes routing table entries which > > point to lo0, in order to keep traffic from "shortcutting" over lo0, to > > make it possible to use pf to filter traffic between jails. This script > > has worked for years, but has now stopped working after upgrading from > > r325235 to r326782. Can someone enlighten me as to what changed, and why? > > > > Background/example: I add 185.96.180.10/32 as an alias on an interface, > > lagg0.1171. This creates two routing table entries: > > > > 185.96.180.10????? link#11??????????? UHS???????? lo0 > > 185.96.180.10/32?? link#11??????????? U????? lagg0.1171 > > > > If I leave this as-is the traffic from other jails use lo0 to reach > > 185.96.180.10 meaning they bypass pf entirely. To avoid this I simply > > delete the route on lo0, which makes stuff behave as I would expect - > > traffic to 185.96.180.10 goes via lagg0.1171 meaning I can filter in pf > > as needed. > > > > After upgrading to r326782 I get the following error when trying to > > delete the lo0 entry (I have an rc.d script to do it): > > > > $ sudo route delete 185.96.180.10 > > route: writing to routing socket: Address already in use > > delete host 185.96.180.10 fib 0: gateway uses the same route > > $ > > > > What gives? What do I do now? :) > > The FreeBSD kernel had a bug that you relied on. The bug got fixed and > the fix broke your script. The proper solution is to filter on lo0. I > suspect that your pf.conf includes "skip on lo0" replace this by the > filtering you want to apply to traffic on lo0. Putting those rules in an > anchor block probably will make your ruleset a lot easier to maintain. The FreeBSD kernel now has a BIGGER bug, it now totally ignores the user's specified routing policy and makes routing policy decissions of its own, thinking that it knows what is best for the user. The whole maintain_loopback_route should be KILLED from the kernel, it is simply the wrong thing to be doing. -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Tue Dec 12 15:44:34 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 18DE8E9C74F for ; Tue, 12 Dec 2017 15:44:34 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A69272EBF for ; Tue, 12 Dec 2017 15:44:33 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBCFiSvv017032 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 16:44:29 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: freebsd-rwg@pdx.rh.CN85.dnsmgr.net Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id vBCFiJh4035658 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 12 Dec 2017 22:44:19 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: "Rodney W. Grimes" , Jan Bramkamp References: <201712121515.vBCFFpng086723@pdx.rh.CN85.dnsmgr.net> Cc: freebsd-net@freebsd.org From: Eugene Grosbein Message-ID: <5A2FF94F.4080404@grosbein.net> Date: Tue, 12 Dec 2017 22:44:15 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: <201712121515.vBCFFpng086723@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 15:44:34 -0000 12.12.2017 22:15, Rodney W. Grimes wrote: > The FreeBSD kernel now has a BIGGER bug, it now totally ignores the > user's specified routing policy and makes routing policy decissions > of its own, thinking that it knows what is best for the user. > > The whole maintain_loopback_route should be KILLED from the kernel, > it is simply the wrong thing to be doing. Only if you can supply alternative way to assign highest priority (administrative distance = 0) for "directly connected" routes. And ability to override dynamically received prefixes with direct interface address assignment. From owner-freebsd-net@freebsd.org Tue Dec 12 18:02:22 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B5FB9EA0A49 for ; Tue, 12 Dec 2017 18:02:22 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7D2C568848 for ; Tue, 12 Dec 2017 18:02:22 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBCI2KFm087492; Tue, 12 Dec 2017 10:02:20 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBCI2KTc087491; Tue, 12 Dec 2017 10:02:20 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712121802.vBCI2KTc087491@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <5A2FF94F.4080404@grosbein.net> To: Eugene Grosbein Date: Tue, 12 Dec 2017 10:02:20 -0800 (PST) CC: Jan Bramkamp , freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 18:02:22 -0000 [ Charset windows-1252 unsupported, converting... ] > 12.12.2017 22:15, Rodney W. Grimes wrote: > > > The FreeBSD kernel now has a BIGGER bug, it now totally ignores the > > user's specified routing policy and makes routing policy decissions > > of its own, thinking that it knows what is best for the user. > > > > The whole maintain_loopback_route should be KILLED from the kernel, > > it is simply the wrong thing to be doing. > > Only if you can supply alternative way to assign highest priority > (administrative distance = 0) for "directly connected" routes. > And ability to override dynamically received prefixes with direct > interface address assignment. This is all done by correctly configured routing daemon running in userland over the route socket. Only being doing that for 25+ years that way, why suddenly does the kernel need to over ride what has already been done and working? If you say it is cause of its harder to filter, then you are breaking everyone else cause you dont want to do something right yourself. -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Tue Dec 12 18:11:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 408CFEA128B for ; Tue, 12 Dec 2017 18:11:00 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C498D691F9 for ; Tue, 12 Dec 2017 18:10:59 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBCIAslZ018081 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 19:10:55 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: freebsd-rwg@pdx.rh.CN85.dnsmgr.net Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBCIAoJO075281; Wed, 13 Dec 2017 01:10:50 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: "Rodney W. Grimes" References: <201712121802.vBCI2KTc087491@pdx.rh.CN85.dnsmgr.net> Cc: Jan Bramkamp , freebsd-net@freebsd.org From: Eugene Grosbein Message-ID: <5A301BAA.8010509@grosbein.net> Date: Wed, 13 Dec 2017 01:10:50 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <201712121802.vBCI2KTc087491@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 18:11:00 -0000 On 13.12.2017 01:02, Rodney W. Grimes wrote: >>> The whole maintain_loopback_route should be KILLED from the kernel, >>> it is simply the wrong thing to be doing. >> >> Only if you can supply alternative way to assign highest priority >> (administrative distance = 0) for "directly connected" routes. >> And ability to override dynamically received prefixes with direct >> interface address assignment. > > This is all done by correctly configured routing daemon > running in userland over the route socket. Do we have such daemon maintaining directly connected routed in the base system? > Only being doing that for 25+ years that way, why suddenly does the > kernel need to over ride what has already been done and working? I cannot speak for 25+ years but I can for 17+ while there was NO way in FreeBSD to assign an address like 192.168.0.1/24 to an interface when such prefix already was installed to the kernel by routing daemon. Pinning loopback prefixes solved this problem at last. From owner-freebsd-net@freebsd.org Tue Dec 12 18:33:35 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 70E00EA2357 for ; Tue, 12 Dec 2017 18:33:35 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 40DF06A841 for ; Tue, 12 Dec 2017 18:33:34 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBCIXX5D087629; Tue, 12 Dec 2017 10:33:33 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBCIXXXf087628; Tue, 12 Dec 2017 10:33:33 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712121833.vBCIXXXf087628@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <5A301BAA.8010509@grosbein.net> To: Eugene Grosbein Date: Tue, 12 Dec 2017 10:33:33 -0800 (PST) CC: Jan Bramkamp , freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 18:33:35 -0000 > On 13.12.2017 01:02, Rodney W. Grimes wrote: > > >>> The whole maintain_loopback_route should be KILLED from the kernel, > >>> it is simply the wrong thing to be doing. > >> > >> Only if you can supply alternative way to assign highest priority > >> (administrative distance = 0) for "directly connected" routes. > >> And ability to override dynamically received prefixes with direct > >> interface address assignment. > > > > This is all done by correctly configured routing daemon > > running in userland over the route socket. > > Do we have such daemon maintaining directly connected routed in the base system? I believe we do, though it uses a fairly rare protocol now a days, called ripv2. man routed Both bird and quagga maintain these routes as well. I believe that openospfd does too. In fact I dont know of a routing daemon that does not try to maintain these. Also why does this need to ba a "in the base system"? Certainly sticking a route decision in the kernel that defeats any attempt to change it makes that pointless anyway. > > > Only being doing that for 25+ years that way, why suddenly does the > > kernel need to over ride what has already been done and working? > > I cannot speak for 25+ years but I can for 17+ while there was NO way > in FreeBSD to assign an address like 192.168.0.1/24 to an interface > when such prefix already was installed to the kernel by routing daemon. That is a differet issue than having the kernel install such routes. And nomally you do NOT need to do that if your routing protocol is doing the right things, as it well see the net interface, recompute its rib and correct the fib > Pinning loopback prefixes solved this problem at last. No, it only breaks people that run real routing protocols like OSPF and BGP. Also fixing one problem only to create others is not the way we should be attacking things, that just leaves sizeof(bugs) at N. You can no longer deny that this creates a problem for someone, as we now have a user that had a working system get borked by these changes. I am no longer a sole, as warner well certainly put it, whiner on this issue. Again, the maintain_loopback_route stuff was added because someone couldnt deal with the fact that you loose all routes via an interface when you down it and then bring it back up. That behavior is what you WANT to happen. Having the kernel magically add routes when an interface comes back up is just bad for a real router. The kernel can not possibly know what my policy is about that route. It now does what someone thinks is the best policy, and that is in direct conflict with what most routing protocols are going to try and do. I do not know of any other system that does this, but then I dont fuss with Linux much. -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Tue Dec 12 19:31:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AE115E818DA for ; Tue, 12 Dec 2017 19:31:00 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: from bizet.nethelp.no (bizet.nethelp.no [IPv6:2001:8c0:9e04:500::1]) by mx1.freebsd.org (Postfix) with ESMTP id 59B416E712 for ; Tue, 12 Dec 2017 19:31:00 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: from localhost (bizet.nethelp.no [IPv6:2001:8c0:9e04:500::1]) by bizet.nethelp.no (Postfix) with ESMTP id 4B405E6074; Tue, 12 Dec 2017 20:30:58 +0100 (CET) Date: Tue, 12 Dec 2017 20:30:58 +0100 (CET) Message-Id: <20171212.203058.74686940.sthaug@nethelp.no> To: freebsd-rwg@pdx.rh.CN85.dnsmgr.net Cc: eugen@grosbein.net, freebsd-net@freebsd.org, crest@rlwinm.de Subject: Re: Changes to route(8) or routing between r325235 and r326782? From: sthaug@nethelp.no In-Reply-To: <201712121833.vBCIXXXf087628@pdx.rh.CN85.dnsmgr.net> References: <5A301BAA.8010509@grosbein.net> <201712121833.vBCIXXXf087628@pdx.rh.CN85.dnsmgr.net> X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 19:31:00 -0000 > > >>> The whole maintain_loopback_route should be KILLED from the kernel, > > >>> it is simply the wrong thing to be doing. > > >> > > >> Only if you can supply alternative way to assign highest priority > > >> (administrative distance = 0) for "directly connected" routes. > > >> And ability to override dynamically received prefixes with direct > > >> interface address assignment. > > > > > > This is all done by correctly configured routing daemon > > > running in userland over the route socket. > > > > Do we have such daemon maintaining directly connected routed in the base system? > > I believe we do, though it uses a fairly rare protocol now a days, > called ripv2. man routed Both bird and quagga maintain these > routes as well. I believe that openospfd does too. In fact > I dont know of a routing daemon that does not try to maintain > these. > > Also why does this need to ba a "in the base system"? Certainly > sticking a route decision in the kernel that defeats any attempt > to change it makes that pointless anyway. Being a router jockey at my daytime job I can symphatize with both views here. - I *expect* that a route pointing out an interface will disappear when that interface goes down, and reappear again when the interface comes back up. This behavior is extremely consistent across all the major router brands. - The standard FreeBSD behavior where a static route (added by a manual "route add -net ...") does *not* reappear when an interface comes back up, simply feels incredibly wrong and inconsistent. But I also want the kernel to handle packet *forwarding*, and not routing policy. I guess I'm looking for a a simplified routed which will handle my static routes and can be turned on with a only an xxx_enable in rc.conf and then basically forgotten. If I want something more complicated (typically BGP) I'll install quagga. Steinar Haug, Nethelp consulting, sthaug@nethelp.no From owner-freebsd-net@freebsd.org Tue Dec 12 19:52:56 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4DCC8E82174 for ; Tue, 12 Dec 2017 19:52:56 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id F07B66F69D for ; Tue, 12 Dec 2017 19:52:55 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBCJqktC018814 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 20:52:46 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: freebsd-rwg@pdx.rh.CN85.dnsmgr.net Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBCJqgVh004566; Wed, 13 Dec 2017 02:52:42 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: "Rodney W. Grimes" References: <201712121833.vBCIXXXf087628@pdx.rh.CN85.dnsmgr.net> Cc: Jan Bramkamp , freebsd-net@freebsd.org From: Eugene Grosbein X-Enigmail-Draft-Status: N1110 Message-ID: <5A30338A.4060500@grosbein.net> Date: Wed, 13 Dec 2017 02:52:42 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <201712121833.vBCIXXXf087628@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 19:52:56 -0000 On 13.12.2017 01:33, Rodney W. Grimes wrote: >>> This is all done by correctly configured routing daemon >>> running in userland over the route socket. >> >> Do we have such daemon maintaining directly connected routed in the base system? > > I believe we do, though it uses a fairly rare protocol now a days, > called ripv2. man routed I've tried to use routed for RIPv2, it was badly broken for very-very long time. Unusable at least since FreeBSD 4.x era. Anyway, you misunderstood my question. Again, in other words: do we have routing daemon installing prefixes of addresses assigned to system interfaces to kernel forwarding database (FIB) in the base system? > Also why does this need to ba a "in the base system"? Because Unix routing machine is supposed to perform static routing out-of-the-box. >> I cannot speak for 25+ years but I can for 17+ while there was NO way >> in FreeBSD to assign an address like 192.168.0.1/24 to an interface >> when such prefix already was installed to the kernel by routing daemon. > > That is a differet issue than having the kernel install such routes. > And nomally you do NOT need to do that if your routing protocol > is doing the right things, as it well see the net interface, recompute > its rib and correct the fib It it pretty normal and routine for system administrator or daemon such as ppp(8) to assign new address to an interface. You cannot say "don't do that". And failure of such basic task is unacceptable. >> Pinning loopback prefixes solved this problem at last. > > No, Yes, it did :-) > it only breaks people that run real routing protocols like > OSPF and BGP. Also fixing one problem only to create others is > not the way we should be attacking things, that just leaves > sizeof(bugs) at N. Please describe some practical case when pinning breaks OSPF or BGP. > You can no longer deny that this creates a problem for someone, > as we now have a user that had a working system get borked by > these changes. That setup is easily fixed with small correction of packet filtering rules and did not require loopback route removal in first place. > Again, the maintain_loopback_route stuff was added because someone > couldnt deal with the fact that you loose all routes via an > interface when you down it and then bring it back up. It solves much more problems than that. > That behavior is what you WANT to happen. Having the kernel magically > add routes when an interface comes back up is just bad for > a real router. Cisco and others do the same. This behaviour is "standard de-facto". Deviations should be possible, of course - as alternatives. From owner-freebsd-net@freebsd.org Tue Dec 12 20:00:53 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 28163E82B7A for ; Tue, 12 Dec 2017 20:00:53 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0DCC26FC73 for ; Tue, 12 Dec 2017 20:00:52 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBCK0nJq088144; Tue, 12 Dec 2017 12:00:49 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBCK0nAE088143; Tue, 12 Dec 2017 12:00:49 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712122000.vBCK0nAE088143@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <20171212.203058.74686940.sthaug@nethelp.no> To: sthaug@nethelp.no Date: Tue, 12 Dec 2017 12:00:49 -0800 (PST) CC: eugen@grosbein.net, freebsd-net@freebsd.org, crest@rlwinm.de X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 20:00:53 -0000 > > > >>> The whole maintain_loopback_route should be KILLED from the kernel, > > > >>> it is simply the wrong thing to be doing. > > > >> > > > >> Only if you can supply alternative way to assign highest priority > > > >> (administrative distance = 0) for "directly connected" routes. > > > >> And ability to override dynamically received prefixes with direct > > > >> interface address assignment. > > > > > > > > This is all done by correctly configured routing daemon > > > > running in userland over the route socket. > > > > > > Do we have such daemon maintaining directly connected routed in the base system? > > > > I believe we do, though it uses a fairly rare protocol now a days, > > called ripv2. man routed Both bird and quagga maintain these > > routes as well. I believe that openospfd does too. In fact > > I dont know of a routing daemon that does not try to maintain > > these. > > > > Also why does this need to ba a "in the base system"? Certainly > > sticking a route decision in the kernel that defeats any attempt > > to change it makes that pointless anyway. > > Being a router jockey at my daytime job I can symphatize with both > views here. > > - I *expect* that a route pointing out an interface will disappear > when that interface goes down, and reappear again when the interface > comes back up. This behavior is extremely consistent across all the > major router brands. On a hardware router this is always handled by a configured protocol, try turning off all configured protocols and see what happens. > - The standard FreeBSD behavior where a static route (added by a > manual "route add -net ...") does *not* reappear when an interface > comes back up, simply feels incredibly wrong and inconsistent. Again, your use to that behavior because on the hardware router you always have a routing protocol running. Try a router fresh out of the box with no protocols and see if it instantiats a loop back route, hech, I am not even sure if lo0 exists on some routers unless you create it! > But I also want the kernel to handle packet *forwarding*, and not > routing policy. I guess I'm looking for a a simplified routed which > will handle my static routes and can be turned on with a only an > xxx_enable in rc.conf and then basically forgotten. routed -q Need to test that, but if the code hasnt been broken that should just do the right thing about routes via local interfaces having the local IP added as a lo0 loopback route. I also think that if you use /etc/rc.d/netif and have your variables properly set in /etc/rc.conf that your routes well come and go as you down and up with /etc/rc.d/netif. > If I want something more complicated (typically BGP) I'll install > quagga. One of the problems now is that these programs are fighting with the kernel over these routes and just fill your logs with lots of useless messages and you can not reliably predict the loop back routes even if you ARE running a routing protocol daemon. I also find it hillarious that the code emits a bogous console message when I down an interface that it could not delete the loopback route, that is because it went away when the if went down and it is nonsense to call maintain_loopback_route with a delete flag in this instance. This clearly informs one that the code was not well thought out. Probably written by someone that does not understand what is happening in the kernel automatically when an interface goes down. > Steinar Haug, Nethelp consulting, sthaug@nethelp.no -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Tue Dec 12 20:04:19 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 34F11E82EF8 for ; Tue, 12 Dec 2017 20:04:19 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BF600701A1 for ; Tue, 12 Dec 2017 20:04:18 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBCK4Dla018926 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 21:04:14 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: sthaug@nethelp.no Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBCK494v008106; Wed, 13 Dec 2017 03:04:09 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: sthaug@nethelp.no, freebsd-rwg@pdx.rh.CN85.dnsmgr.net References: <5A301BAA.8010509@grosbein.net> <201712121833.vBCIXXXf087628@pdx.rh.CN85.dnsmgr.net> <20171212.203058.74686940.sthaug@nethelp.no> Cc: freebsd-net@freebsd.org, crest@rlwinm.de From: Eugene Grosbein X-Enigmail-Draft-Status: N1110 Message-ID: <5A303639.3090109@grosbein.net> Date: Wed, 13 Dec 2017 03:04:09 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <20171212.203058.74686940.sthaug@nethelp.no> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 20:04:19 -0000 On 13.12.2017 02:30, sthaug@nethelp.no wrote: > But I also want the kernel to handle packet *forwarding*, and not > routing policy. I guess I'm looking for a a simplified routed which > will handle my static routes and can be turned on with a only an > xxx_enable in rc.conf and then basically forgotten. > > If I want something more complicated (typically BGP) I'll install > quagga. You can still install quagga with simple "pkg install" command and run "zebra" daemon only to get exactly what you want, and no routing protocols: quagga_enable="YES" quagga_daemons="zebra" Then change all your "kernel routes" ("route add") to "static routes" in terms of quagga storing them in the /usr/local/etc/quagga/zebra.conf like I do: ip route 192.168.0.0/16 reject ip route 192.168.2.0/24 10.0.0.2 And so on. This works just as you need. From owner-freebsd-net@freebsd.org Tue Dec 12 20:12:43 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 54BEDE83222 for ; Tue, 12 Dec 2017 20:12:43 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id DEE427075E for ; Tue, 12 Dec 2017 20:12:42 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBCKCc76019008 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 Dec 2017 21:12:38 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: freebsd-rwg@pdx.rh.CN85.dnsmgr.net Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBCKCY7R010652; Wed, 13 Dec 2017 03:12:34 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: "Rodney W. Grimes" , sthaug@nethelp.no References: <201712122000.vBCK0nAE088143@pdx.rh.CN85.dnsmgr.net> Cc: freebsd-net@freebsd.org, crest@rlwinm.de From: Eugene Grosbein Message-ID: <5A303832.6030909@grosbein.net> Date: Wed, 13 Dec 2017 03:12:34 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <201712122000.vBCK0nAE088143@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 20:12:43 -0000 On 13.12.2017 03:00, Rodney W. Grimes wrote: >> If I want something more complicated (typically BGP) I'll install >> quagga. > > One of the problems now is that these programs are fighting with > the kernel over these routes and just fill your logs with lots > of useless messages and you can not reliably predict the loop > back routes even if you ARE running a routing protocol daemon. quagga does not do that. It plays nice with our kernel. > I also find it hillarious that the code emits a bogous console > message when I down an interface that it could not delete the > loopback route This is already fixed. From owner-freebsd-net@freebsd.org Tue Dec 12 20:21:05 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0DFF7E8354C for ; Tue, 12 Dec 2017 20:21:05 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C24C870BA3 for ; Tue, 12 Dec 2017 20:21:04 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBCKL3QX088221; Tue, 12 Dec 2017 12:21:03 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBCKL219088220; Tue, 12 Dec 2017 12:21:02 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712122021.vBCKL219088220@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <5A303639.3090109@grosbein.net> To: Eugene Grosbein Date: Tue, 12 Dec 2017 12:21:02 -0800 (PST) CC: sthaug@nethelp.no, freebsd-net@freebsd.org, crest@rlwinm.de X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 20:21:05 -0000 > On 13.12.2017 02:30, sthaug@nethelp.no wrote: > > > But I also want the kernel to handle packet *forwarding*, and not > > routing policy. I guess I'm looking for a a simplified routed which > > will handle my static routes and can be turned on with a only an > > xxx_enable in rc.conf and then basically forgotten. > > > > If I want something more complicated (typically BGP) I'll install > > quagga. > > You can still install quagga with simple "pkg install" command > and run "zebra" daemon only to get exactly what you want, and no routing protocols: > > quagga_enable="YES" > quagga_daemons="zebra" > > Then change all your "kernel routes" ("route add") to "static routes" in terms of quagga > storing them in the /usr/local/etc/quagga/zebra.conf like I do: > > ip route 192.168.0.0/16 reject > ip route 192.168.2.0/24 10.0.0.2 > > And so on. This works just as you need. Flap your intgerfaces and see what happens when quagga and the kernel fight over who gets to install the local MTU route via lo of the ip address for the interface you flapped. I must stress this is not about static routing, this is about the MTU route that typically is done in /etc/rc.d/ at boot time. This is a route to the local IP address of an interface to route its packets via lo0 so that we pickup the larger MTU. The code I am talking of here is *_maintain_loopback_route() in the kernel, that code just needs to die, it creates more problems that in solves. It has been dead in all my kernels since I found it in my syslogs fighting with bird. You should be able to run totally without these routes, they are there only to optimize local MTU. This has nothing to do with ppp, or the above routes, those are NOT lo0 or loopback routes. I am going to repeat that. You can run without these routes at all, totally not needed for a functional system. It might be non optimal as your connections to a local IP address are going to use the interface MTU rather than the MTU of lo0. Usually 1500 vs 16k. But then things should not really be using this route anyway, it would always be better to open 127.0.0.1 rather than an interface ip. The other thing these routes break is what the user complained of that started this whole thread, his pf or firewall no longer behaves as it did, because now we are forcing packets via lo0 that he was expecting to go via an interface. AND we have left this user no way to turn that function off reliably as he can delete the pinned route, but if his interface flaps it is gona come right back! -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Tue Dec 12 20:24:44 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B75FEE8388E for ; Tue, 12 Dec 2017 20:24:44 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8E2CF71082 for ; Tue, 12 Dec 2017 20:24:44 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBCKOh71088254; Tue, 12 Dec 2017 12:24:43 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBCKOh18088253; Tue, 12 Dec 2017 12:24:43 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712122024.vBCKOh18088253@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <5A303832.6030909@grosbein.net> To: Eugene Grosbein Date: Tue, 12 Dec 2017 12:24:43 -0800 (PST) CC: sthaug@nethelp.no, freebsd-net@freebsd.org, crest@rlwinm.de X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 20:24:44 -0000 > On 13.12.2017 03:00, Rodney W. Grimes wrote: > > >> If I want something more complicated (typically BGP) I'll install > >> quagga. > > > > One of the problems now is that these programs are fighting with > > the kernel over these routes and just fill your logs with lots > > of useless messages and you can not reliably predict the loop > > back routes even if you ARE running a routing protocol daemon. > > quagga does not do that. It plays nice with our kernel. I believe quagga silently ignores that it doesnt own the route it tried to install and bangs on the route socket, but maybe that got fixed. > > > I also find it hillarious that the code emits a bogous console > > message when I down an interface that it could not delete the > > loopback route > > This is already fixed. In what commit? -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Tue Dec 12 21:12:06 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 67A3DE85150 for ; Tue, 12 Dec 2017 21:12:06 +0000 (UTC) (envelope-from rysto32@gmail.com) Received: from mail-qt0-x233.google.com (mail-qt0-x233.google.com [IPv6:2607:f8b0:400d:c0d::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1F8667329F for ; Tue, 12 Dec 2017 21:12:06 +0000 (UTC) (envelope-from rysto32@gmail.com) Received: by mail-qt0-x233.google.com with SMTP id g10so627094qtj.12 for ; Tue, 12 Dec 2017 13:12:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=7lLZu8TIghBL2kQv2AzZDmFciQaZSm17sjD/dkxJ+xI=; b=Az+fiT6393ad2qSl+UWbtUGMFN4j3mOywTi+YrRJUQRC7AWN/t/hvBxj9Socy8SLHC yybzhT/y804orNTCalFNKPWmqFKexdr07AVq7k7LpjiAIunMc0p81VGYU8wgJdlpdYw9 I4G9AvSnoZHHA3MB7TZjK4sWEYtEwNd6CmcmEImVxf+pUbVa2UmSB1vT6Y036VPuVGsu k+MbfxvPJjgg3M8Bf+ZEPJOKhuyUfpNlZ4T0eEY+GkvO6p277uu2isPJg28JRlvZ36sd LEShLUaDUbcNhM2EThWSptQZrK2/UtY1wgzdeK/fZpylmZpgdFGdCbDtGl5XPxbTDZdo oZrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=7lLZu8TIghBL2kQv2AzZDmFciQaZSm17sjD/dkxJ+xI=; b=R77iRxsxh7komU2n+Yn5+bw+K8IudItRkXYueRVVzXUF/6a3M7BPo3JHLfcmMXbKM+ dP2LKyIKm5kxZDaQM7MdmBj8EvTj1OJ00ql6m1eogeDdJAb4vH3w8SJMrZkbyOTx2vhm qhTtJjBtQC59PvbVoewts62BKrVn1qiI/6siIcjikI1ZiauuslsQwvLmHgAMRcKpojo6 ilD3QGNLFGA1lhOcOHUpIg58cPdgx+si5FReVpqJWldKJNvHAVedEAgBV8z9GzYrPksE PM1DbJ9Z8TBzjZb9Xi0Mqa/857I9swF4aHvWSk9WwdKx1z5xoTHmR8RvjKmQ257OuqvL BgPw== X-Gm-Message-State: AKGB3mJSO83ingdE4cHuDjQkebaBRHr2BJCqZXYQWDeG8b+rttHZZr1s 0uYUE9E977ZlTrMjga+tutMCVOTF87cuOFA/H3M= X-Google-Smtp-Source: ACJfBotIJDEXeceI4ARNH12zSDWD8YyA3bSMG5pGm65I12sO9IVWWKkKxL7IPdGakE6twwsN0wWamqLEh33BKMSOp/0= X-Received: by 10.200.63.107 with SMTP id w40mr7542532qtk.24.1513113124306; Tue, 12 Dec 2017 13:12:04 -0800 (PST) MIME-Version: 1.0 Received: by 10.237.39.211 with HTTP; Tue, 12 Dec 2017 13:12:03 -0800 (PST) In-Reply-To: References: From: Ryan Stone Date: Tue, 12 Dec 2017 16:12:03 -0500 Message-ID: Subject: Re: [PATCH] ifaddr leak when modifying a route To: freebsd-net Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 21:12:06 -0000 On Thu, Dec 7, 2017 at 4:59 PM, Ryan Stone wrote: > https://reviews.freebsd.org/D13417 I still haven't received any feedback on this review. If nobody raises an objection by Thursday, I will commit it. From owner-freebsd-net@freebsd.org Tue Dec 12 21:47:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EFCFDE85F99 for ; Tue, 12 Dec 2017 21:47:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DBF8E746D9 for ; Tue, 12 Dec 2017 21:47:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBCLl0ct058995 for ; Tue, 12 Dec 2017 21:47:00 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 221919] ixl: TX queue hang when using TSO and having a high and mixed network load Date: Tue, 12 Dec 2017 21:46:59 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: IntelNetworking X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: wollman@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: erj@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 21:47:01 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221919 Garrett Wollman changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |wollman@FreeBSD.org --- Comment #6 from Garrett Wollman --- Applied the patch from #c3 to my 11.1 source tree and found that it did not improve matters. It would be better if this "feature" could simply be disabled, as the Linux drivers (apparently?) allow. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Tue Dec 12 22:40:43 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9B66DE875F4 for ; Tue, 12 Dec 2017 22:40:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 898C47683E for ; Tue, 12 Dec 2017 22:40:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBCMegG6087878 for ; Tue, 12 Dec 2017 22:40:43 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 221919] ixl: TX queue hang when using TSO and having a high and mixed network load Date: Tue, 12 Dec 2017 22:40:42 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: IntelNetworking X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: rstone@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: erj@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 22:40:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221919 --- Comment #7 from Ryan Stone --- Sorry, there was a mistake in the patch. I think that something got lost in translation when I ported it forward. I've regenerated the patch at the sa= me location, or you can replace this line in ixl_pf_main.c: ifp->if_hw_tsomaxsegpermss =3D IXL_MAX_TX_SEGS; with ifp->if_hw_tsomaxsegpermss =3D IXL_SPARSE_CHAIN; Sorry for the confusion. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Tue Dec 12 22:59:19 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74C26E87E3D for ; Tue, 12 Dec 2017 22:59:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 606F077284 for ; Tue, 12 Dec 2017 22:59:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBCMxI8O032860 for ; Tue, 12 Dec 2017 22:59:18 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 208007] [patch] Int overflow in dhclient(1) Date: Tue, 12 Dec 2017 22:59:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: mmcco@mykolab.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Dec 2017 22:59:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208007 --- Comment #1 from Michael McConville --- Hi guys. Just a reminder that hasn't been applied yet. It's a very simple fix. Thanks for your time, Michael --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Wed Dec 13 11:32:06 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 27563E9AB49 for ; Wed, 13 Dec 2017 11:32:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1542B6CE6D for ; Wed, 13 Dec 2017 11:32:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBDBW5VM089334 for ; Wed, 13 Dec 2017 11:32:05 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224247] [patch] RFC 6980 requires to drop fragmented IPv6 neighbour discovery Date: Wed, 13 Dec 2017 11:32:05 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Dec 2017 11:32:06 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 Andrey V. Elsukov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ae@FreeBSD.org --- Comment #5 from Andrey V. Elsukov --- (In reply to lutz from comment #4) > Thank your for the pointer to functionality duplication in other modules. >=20 > I moved the flag-setting to the fragment header removal code (which is mo= re > appropriate anyway). This code is more likely to be shared by other modul= es > (in the case of pf, it is used). >=20 > Furthermore the flag is renamed to be more self explanatory and the code = was > brushed up to match the existing coding style. >=20 > Did I miss anything else? This looks good to me. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Wed Dec 13 20:39:21 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A56FEE8611F for ; Wed, 13 Dec 2017 20:39:21 +0000 (UTC) (envelope-from johnllyon@gmail.com) Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com [IPv6:2a00:1450:400c:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3BBAB209C for ; Wed, 13 Dec 2017 20:39:21 +0000 (UTC) (envelope-from johnllyon@gmail.com) Received: by mail-wm0-x22a.google.com with SMTP id g130so23471427wme.0 for ; Wed, 13 Dec 2017 12:39:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=ZR2Hh2h1J+R6iYeP7CV7ARjyDkfi8jHmywYqzr12r+s=; b=ZVy5qayl+TRA1fC4le9aY2V8MA2D56vk3xry9EM5OzwrPbIwlfSGfMTEbtEB3N6PZB rbEkdPDPcx1YeFgU6gdMj9rGKIxmGvy3DzhevfxtD0k2ruAJjbqyR1WYa4fk4ecJLn9S fBuqjIXHJJZNp/PlYS42l+Ooai3ooy/6iVPnWLmfVeciKcPs0IHtQIHKXBE0LLCyu4M8 bqAKWKG/OFku74AjwRCZtqwjTtHcXRSJH70MJ5VGYPCZo3QqWp17zmH7f8wnrLnay95m ltLCgYaeS/WahZ83lXIL4wl9sMwIzqNnQt2PEXTZp6d+2xlFluzxekk2GRv9eOUaUO81 M9UA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=ZR2Hh2h1J+R6iYeP7CV7ARjyDkfi8jHmywYqzr12r+s=; b=IPwidvBjn+P2udWFHQBKIASNgRo2Mgu2gPgrDC7iIrf2COmsuzZDsQO5Dvj4Od4/in sGLCf8+YWTt64DioDVNBE4gWa9aaf6OAklCMGvklK5NrigkYHBWl/9dn/nhgcUytSL95 pMrinoFPyFW/leFIpOw/dg9c8b227+RsQvU0/YKcaTOSv3FAOhU40Rm0jhTVfimGPUxA 7mNYkJLAkOq6wq+QpfB+ODXIxLrmiHJGdIIHZZTseVhcC87iV+z2rvpNwVgbH8E318K0 jnWVIFSb6hiKYvr4W3iOP1u1uDb8IbxJFvmMs1I1q3P1aH6FuvaS4KdVxC0wRD5A80ju 2ELA== X-Gm-Message-State: AKGB3mLnH8NZVzDJfkqav+lfBIPJmOvIs8r8cLpSN66OhE2WDwpBSDxX Rlaj93yKsj8qWg4aYF5XPJshUNxftfjeTZLWwQpfH6ww X-Google-Smtp-Source: ACJfBotm04yIWZzsNNFknseeutOEXdZn8dB4zVNb6We8PsMxfnWFadwYeNSzXveeCqL09CxnK8vLFwx7/JIRLjZ0nHk= X-Received: by 10.80.184.52 with SMTP id j49mr9147456ede.160.1513197558548; Wed, 13 Dec 2017 12:39:18 -0800 (PST) MIME-Version: 1.0 Received: by 10.80.211.20 with HTTP; Wed, 13 Dec 2017 12:38:57 -0800 (PST) From: John Lyon Date: Wed, 13 Dec 2017 15:38:57 -0500 Message-ID: Subject: Need Netgraph Help To: freebsd-net@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Dec 2017 20:39:21 -0000 Hello All, I'm a new Netgraph user, but am having some problems with a simple Netgraph script I have written. Unfortunately, the error message is cryptic and I can't tell what I am doing wrong since my script closely follows the example provided in the ng_etf man page. For some context, I'm trying to filter EAP traffic coming in on my LAN interface. Any ethernet frames that correspond to EAP traffic need to be immediately forwarded from the LAN interface to my WAN interface. All other ethernet frames coming in on my LAN interface need to be handled by the kernel's network stack. A (horrid) ASCII art representation of my desired netgraph would look like this: lower -> em0 -> downstream -> ETF -> no match -> upper em0 -> match -> lower em1 The script I have written is this: #! /bin/sh ngctl mkpeer em0: etf lower downstream ngctl name em0:lower lan_filter ngctl connect em0: lan_filter: upper nomatch ngctl msg lan_filter: setfilter { matchhook="em1:lower" ethertype=0x888e } Unfortunately, the last line of my script generates the following error message: ngctl: send msg: Invalid Argument However, I cannot tell which of my arguments is invalid. Moreover, my script does not having any glaring differences from the example script provided by the man page for the Ethernet Filter node (man ng_etf) upon which my script is based. I've been googling and googling, but there are not that many resources and very few Netgraph tutorials (most of them are copies of each other). Any help would be appreciated. Thanks in advance for any help you may be able to give. -------------------------------- John L. Lyon PGP Key Available At: https://www.dropbox.com/s/skmedtscs0tgex7/02150BFE.asc From owner-freebsd-net@freebsd.org Wed Dec 13 20:49:19 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EF159E865C7 for ; Wed, 13 Dec 2017 20:49:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C17CC292F for ; Wed, 13 Dec 2017 20:49:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBDKnIDe033046 for ; Wed, 13 Dec 2017 20:49:18 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 208007] [patch] Int overflow in dhclient(1) Date: Wed, 13 Dec 2017 20:49:18 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Dec 2017 20:49:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208007 --- Comment #2 from commit-hook@freebsd.org --- A commit references this bug: Author: asomers Date: Wed Dec 13 20:48:21 UTC 2017 New revision: 326834 URL: https://svnweb.freebsd.org/changeset/base/326834 Log: dhclient(8): Don't shift through the sign bit of a signed int PR: 208007 Submitted by: Michael McConville MFC after: 3 weeks Changes: head/sbin/dhclient/dhclient.c --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Wed Dec 13 20:50:05 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 765D5E867EF for ; Wed, 13 Dec 2017 20:50:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 763F72F6C for ; Wed, 13 Dec 2017 20:50:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBDKo0RW034193 for ; Wed, 13 Dec 2017 20:50:00 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 208007] [patch] Int overflow in dhclient(1) Date: Wed, 13 Dec 2017 20:50:01 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: asomers@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: asomers@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc assigned_to resolution bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Dec 2017 20:50:05 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208007 Alan Somers changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |asomers@FreeBSD.org Assignee|freebsd-net@FreeBSD.org |asomers@FreeBSD.org Resolution|--- |FIXED Status|New |Closed --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Wed Dec 13 21:47:06 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C8671E887E7 for ; Wed, 13 Dec 2017 21:47:06 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5DB1565B43 for ; Wed, 13 Dec 2017 21:47:06 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: by mail-wm0-x230.google.com with SMTP id r78so7752931wme.5 for ; Wed, 13 Dec 2017 13:47:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=+SU/HuJKmKjZiy7ZLGyAB3EfBn+1ZZdPINBh/WcVe0c=; b=bx0mPZnLFCoFyoUIK6lcGtjx/vG6plWF9fXgnb06nUPVRtBOiTb3iqD7DaeAUrCDEv ayiHcYYjyHOxtPVq7pXFUeD5Lpqzaed/urTOYkMm7fzuMxNSupZfeYlEyUm7QDovZpQo etVs6eWBV9DjeMRa21e12aI/AhuPzeU/O6qZFytq09bNZ4T7aeN82XXDKeu4squFCd5/ 5aIzLPW+lrAoPHqF/cez0yj6nWHwlj4MT9PCHPqntuqPRftKUA9OEqAByUIOgDd3Xtxz j8turlUp4qquY2WetMsPHzhxS/Xt0VJe2hF52AziFYxpdV6M+pOETPRfkh60RPrtMIeu s1gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=+SU/HuJKmKjZiy7ZLGyAB3EfBn+1ZZdPINBh/WcVe0c=; b=ZWdvqouYNN4jPstlj61+Vy7spNZjapwuf2xlm7aPcNIGG5N9I5J/CrtVmW1d/E5djK wn2MoAQSd5da/6zixBWrM9SZ30IMD1v5HOf0vjN+j31HpzK0/PnXtMaCtskYNgG+sE8v 8j8JYSxslSPrXb/Y1LhiHFV0DMBe6qdcG/Y+yxpQnA0v2pw/6mRWT1mUnsdOp8iMt/VP M9/1j3rd+aAeiy1Ni5i4xZfn0AO8PHDvWUnJVkM/6CSiO1pj1it2PgeoFt+IsbGxXdSw nlGJAyMwBAkdM8BteHLrIc8IATzHwZHvZgeuXfcMQFUgGBil0Gjh4oz4Zo6ceIv4roWC IuRg== X-Gm-Message-State: AKGB3mIxqYnC3vacrLUftIy2ZWyXacQWt3sq5zBGZZlvZMHG1kwb4yml tjpAxMOktcTaJ1r4NyrooshZ4g3wk9pK6mTQQs4= X-Google-Smtp-Source: ACJfBot3Wa4SdQZpzZZXFg7TDU4ApAAuCLgktGxoUxFO1WmdAFaxC27NgCJfHiGC0g7JS/gL4ylEpe/cXyQdX4aynfs= X-Received: by 10.28.138.142 with SMTP id m136mr369784wmd.40.1513201624614; Wed, 13 Dec 2017 13:47:04 -0800 (PST) MIME-Version: 1.0 Received: by 10.28.213.11 with HTTP; Wed, 13 Dec 2017 13:47:03 -0800 (PST) In-Reply-To: References: From: Adrian Chadd Date: Wed, 13 Dec 2017 13:47:03 -0800 Message-ID: Subject: Re: run0 wifi device causes kernel panics in 11.1 To: Yuri Cc: "freebsd-net@freebsd.org" Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Dec 2017 21:47:06 -0000 What's the actual stack trace? :) -adrian On 9 December 2017 at 10:55, Yuri wrote: > This started happening after I updated revision from Aug 1, 2017 to Dec 6, > 2017. > > The crash stack begins at syscall_fast. > > > Yuri > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@freebsd.org Thu Dec 14 06:56:27 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 775C9E98D7E for ; Thu, 14 Dec 2017 06:56:27 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0EABA77381 for ; Thu, 14 Dec 2017 06:56:26 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBE6uHgN033424 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 14 Dec 2017 07:56:18 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: freebsd-rwg@pdx.rh.CN85.dnsmgr.net Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBE6uDH4074411; Thu, 14 Dec 2017 13:56:13 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: "Rodney W. Grimes" References: <201712122021.vBCKL219088220@pdx.rh.CN85.dnsmgr.net> Cc: sthaug@nethelp.no, freebsd-net@freebsd.org, crest@rlwinm.de From: Eugene Grosbein X-Enigmail-Draft-Status: N1110 Message-ID: <5A32208D.3070500@grosbein.net> Date: Thu, 14 Dec 2017 13:56:13 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <201712122021.vBCKL219088220@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_Q_PLUS autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_Q_PLUS Date: is over 4 months after Received: date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 06:56:27 -0000 On 13.12.2017 03:21, Rodney W. Grimes wrote: > Flap your intgerfaces and see what happens when quagga and the kernel fight > over who gets to install the local MTU route via lo of the ip address for > the interface you flapped. I do not see any problem here. After service quagga restart: # egrep 'zebra|ospfd' /var/log/messages Dec 14 13:48:43 ptic zebra[96288]: Zebra 1.2.1 starting: vty@2601 ... Dec 14 13:48:46 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif0:192.168.100.234: Loading -> Full (LoadingDone) Dec 14 13:48:46 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif1:192.168.100.134: Loading -> Full (LoadingDone) # ifconfig gif1 down # ifconfig gif1 up This adds to /var/log/messages: Dec 14 13:49:01 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif1:192.168.100.134: Full -> Deleted (KillNbr) Dec 14 13:49:01 ptic zebra[96288]: if_ioctl(SIOCGIFMEDIA) failed: Invalid argument Dec 14 13:49:01 ptic zebra[96288]: kernel_rtm_ipv4: 192.168.100.132/30: rtm_write() unexpectedly returned -4 for command RTM_DELETE Dec 14 13:49:04 ptic zebra[96288]: if_ioctl(SIOCGIFMEDIA) failed: Invalid argument Dec 14 13:49:04 ptic ospfd[96297]: OSPF MPLS-TE: Abort update TE parameters: no Link Parameters for interface Dec 14 13:49:06 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif1:192.168.100.134: Exchange -> Full (ExchangeDone) There is no fight. Why don't you describe *your* setup in a PR so we could handle it right way? Perhaps, we could add another sysctl to disable route pinning if it really unavoidable for such setups. From owner-freebsd-net@freebsd.org Thu Dec 14 07:18:27 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6A5CFE99A15 for ; Thu, 14 Dec 2017 07:18:27 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mx0.gentlemail.de (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1BBCF78126 for ; Thu, 14 Dec 2017 07:18:26 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mh0.gentlemail.de (ezra.dcm1.omnilan.net [IPv6:2a00:e10:2800::a135]) by mx0.gentlemail.de (8.14.5/8.14.5) with ESMTP id vBE7ION3037533; Thu, 14 Dec 2017 08:18:24 +0100 (CET) (envelope-from freebsd@omnilan.de) Received: from titan.inop.mo1.omnilan.net (s1.omnilan.de [217.91.127.234]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mh0.gentlemail.de (Postfix) with ESMTPSA id F2FE76A4; Thu, 14 Dec 2017 08:18:23 +0100 (CET) Message-ID: <5A3225BF.6020205@omnilan.de> Date: Thu, 14 Dec 2017 08:18:23 +0100 From: Harry Schmalzbauer Organization: OmniLAN User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: John Lyon CC: freebsd-net@freebsd.org Subject: Re: Need Netgraph Help References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]); Thu, 14 Dec 2017 08:18:24 +0100 (CET) X-Milter: Spamilter (Reciever: mx0.gentlemail.de; Sender-ip: ; Sender-helo: mh0.gentlemail.de; ) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 07:18:27 -0000 Bezüglich John Lyon's Nachricht vom 13.12.2017 21:38 (localtime): > Hello All, > > I'm a new Netgraph user, but am having some problems with a simple Netgraph > script I have written. Unfortunately, the error message is cryptic and I > can't tell what I am doing wrong since my script closely follows the > example provided in the ng_etf man page. > > For some context, I'm trying to filter EAP traffic coming in on my LAN > interface. Any ethernet frames that correspond to EAP traffic need to be > immediately forwarded from the LAN interface to my WAN interface. All > other ethernet frames coming in on my LAN interface need to be handled by > the kernel's network stack. A (horrid) ASCII art representation of my > desired netgraph would look like this: > > lower -> em0 -> downstream -> ETF -> no match -> upper em0 > -> match -> > lower em1 > > The script I have written is this: > > #! /bin/sh > ngctl mkpeer em0: etf lower downstream > ngctl name em0:lower lan_filter > ngctl connect em0: lan_filter: upper nomatch > ngctl msg lan_filter: setfilter { matchhook="em1:lower" > ethertype=0x888e } > > Unfortunately, the last line of my script generates the following error > message: > > ngctl: send msg: Invalid Argument I strongly guess shell interferes here. Try quoting your braces part. I'm handling auto startup (rc(8) integration) and mitigating quoting issues like that: Put into /etc/start_if.em0: #!/bin/sh if [ -r /etc/rc.conf.d/ng_etf.em0 ]; then if ! /usr/sbin/ngctl show lan_filter: 2>/dev/null | grep -q lan_filter; then /usr/sbin/ngctl -f /etc/rc.conf.d/ng_etf.em0 fi fi Your /etc/rc.conf.d/ng_etf.em0 would look like that: # to be loaded by ngctl script mkpeer em0: etf lower downstream name em0:lower lan_filter connect em0: lan_filter: upper nomatch msg lan_filter: setfilter { matchhook="em1:lower" } Once I had a naming race suspision, so I always do the real control without relying on names, those are just for later admin tasks/reading: # to be loaded by ngctl script mkpeer em0: etf lower downstream name em0:lower lan_filter connect em0: em0:lower upper nomatch msg em0:lower setfilter { matchhook="em1:lower" } Be ware of typos, hope that helps, -harry From owner-freebsd-net@freebsd.org Thu Dec 14 07:27:47 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2CC62E99F9D for ; Thu, 14 Dec 2017 07:27:47 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BA7EF78620 for ; Thu, 14 Dec 2017 07:27:46 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBE7RfXV033681 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 14 Dec 2017 08:27:42 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: freebsd-rwg@pdx.rh.CN85.dnsmgr.net Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id vBE7RbrC004421; Thu, 14 Dec 2017 14:27:37 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Changes to route(8) or routing between r325235 and r326782? To: "Rodney W. Grimes" References: <201712122024.vBCKOh18088253@pdx.rh.CN85.dnsmgr.net> Cc: sthaug@nethelp.no, freebsd-net@freebsd.org, crest@rlwinm.de From: Eugene Grosbein Message-ID: <5A3227E9.9090500@grosbein.net> Date: Thu, 14 Dec 2017 14:27:37 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <201712122024.vBCKOh18088253@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_Q_PLUS autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_Q_PLUS Date: is over 4 months after Received: date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 07:27:47 -0000 On 13.12.2017 03:24, Rodney W. Grimes wrote: >>> I also find it hillarious that the code emits a bogous console >>> message when I down an interface that it could not delete the >>> loopback route >> >> This is already fixed. > > In what commit? r325436, then MFCd with r326011 (stable/11) and r326012 (stable/10). From owner-freebsd-net@freebsd.org Thu Dec 14 14:47:18 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9CBE0E82E14 for ; Thu, 14 Dec 2017 14:47:18 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5E8A867053 for ; Thu, 14 Dec 2017 14:47:17 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id vBEElFQI097328; Thu, 14 Dec 2017 06:47:15 -0800 (PST) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id vBEElFhH097327; Thu, 14 Dec 2017 06:47:15 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201712141447.vBEElFhH097327@pdx.rh.CN85.dnsmgr.net> Subject: Re: Changes to route(8) or routing between r325235 and r326782? In-Reply-To: <5A32208D.3070500@grosbein.net> To: Eugene Grosbein Date: Thu, 14 Dec 2017 06:47:15 -0800 (PST) CC: sthaug@nethelp.no, freebsd-net@freebsd.org, crest@rlwinm.de X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 14:47:18 -0000 > On 13.12.2017 03:21, Rodney W. Grimes wrote: > > > Flap your intgerfaces and see what happens when quagga and the kernel fight > > over who gets to install the local MTU route via lo of the ip address for > > the interface you flapped. > > I do not see any problem here. After service quagga restart: > > # egrep 'zebra|ospfd' /var/log/messages > Dec 14 13:48:43 ptic zebra[96288]: Zebra 1.2.1 starting: vty@2601 > ... > Dec 14 13:48:46 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif0:192.168.100.234: Loading -> Full (LoadingDone) > Dec 14 13:48:46 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif1:192.168.100.134: Loading -> Full (LoadingDone) > > # ifconfig gif1 down Ping the IP address of gif1 here, why can you still ping the if address of an administratively down interface? That is just fundementally wrong in so many ways. > # ifconfig gif1 up > > This adds to /var/log/messages: > > Dec 14 13:49:01 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif1:192.168.100.134: Full -> Deleted (KillNbr) > Dec 14 13:49:01 ptic zebra[96288]: if_ioctl(SIOCGIFMEDIA) failed: Invalid argument > Dec 14 13:49:01 ptic zebra[96288]: kernel_rtm_ipv4: 192.168.100.132/30: rtm_write() unexpectedly returned -4 for command RTM_DELETE > Dec 14 13:49:04 ptic zebra[96288]: if_ioctl(SIOCGIFMEDIA) failed: Invalid argument > Dec 14 13:49:04 ptic ospfd[96297]: OSPF MPLS-TE: Abort update TE parameters: no Link Parameters for interface > Dec 14 13:49:06 ptic ospfd[96297]: AdjChg: Nbr 192.168.7.1 on gif1:192.168.100.134: Exchange -> Full (ExchangeDone) > > There is no fight. Why don't you describe *your* setup in a PR so we could handle it right way? > Perhaps, we could add another sysctl to disable route pinning if it really unavoidable for such setups. I suspect your no longer seeing the bad messages cause your route is now -pinned and does nolonger alterable by anyone other than someone specifically using a -pinned arg to the calls. You have now hardwired a permanent route to the local IP address of any interface weither that interface is up or not. And done so in a way that is not easy to work around without altering kernel source code. Rather than file a PR I well write a differential that simply wraps a knob around all this *maintain_looopback_route() non-sense so that kernels can be bulit without it, and inside that knob add a sysctl to turn the behavior on and off so that those caught, like the reporting person on the mail list that got hammered by your MFC, can quickly recover with a loader.conf variable. Proposed option and sysctl names for bikeshed of colour blue: options MAINTAIN_LOOPBACK_ROUTE #Maintain a pinned and always present #(even when interface is down) route #to the local IP of all interfaces sysctl net.route.maintain_loopback_route=1 The above well be the defaults, IE, in GENERIC and sysctl set to 1, that well maintain YOUR bad behavior, but allow me and others to easily correct for it. OK? -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-net@freebsd.org Thu Dec 14 19:20:09 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9E3EEE8C2A5 for ; Thu, 14 Dec 2017 19:20:09 +0000 (UTC) (envelope-from Ming.Fu@esentire.com) Received: from mail.esentire.com (mail.iim-support.esentire.com [52.129.34.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7A6E2740F0 for ; Thu, 14 Dec 2017 19:20:08 +0000 (UTC) (envelope-from Ming.Fu@esentire.com) Received: from exchange.esentire.com (cas01cmb01p.internal [10.1.120.116]) by mail.esentire.com (Postfix) with ESMTPS id ECB1A180CD7 for ; Thu, 14 Dec 2017 18:00:18 +0000 (UTC) Received: from mbx02cmb01p.esentire.local (10.1.120.125) by mbx02cmb01p.esentire.local (10.1.120.125) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Thu, 14 Dec 2017 13:00:18 -0500 Received: from mbx02cmb01p.esentire.local ([fe80::614a:403b:50de:71e4]) by mbx02cmb01p.esentire.local ([fe80::614a:403b:50de:71e4%12]) with mapi id 15.00.1347.000; Thu, 14 Dec 2017 13:00:18 -0500 From: Ming Fu To: "freebsd-net@freebsd.org" Subject: Netmap: Build a network SPAN/TAP from netmap Thread-Topic: Netmap: Build a network SPAN/TAP from netmap Thread-Index: AdN1BBGKP8KaAKpjRZ+/dKMY9O2pUw== Date: Thu, 14 Dec 2017 18:00:18 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.1.120.131] MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 19:20:09 -0000 Hi, I am trying to explore the possibility to build a network SPAN/TAP from net= map. Similar to the bridge sample, but all packet going through the bridge = also get copied to a SPAN port. How do I duplicate or clone an incoming pac= ket and send the original to bridge peer and the cloned one to the SPAN por= t? Is there an API like FreeBsd m_copypacket() for netmap? Would it work fo= r Linux as well? Thanks Ming From owner-freebsd-net@freebsd.org Thu Dec 14 19:27:55 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 12BE3E8C709 for ; Thu, 14 Dec 2017 19:27:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 007BD748D6 for ; Thu, 14 Dec 2017 19:27:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBEJRskh095590 for ; Thu, 14 Dec 2017 19:27:54 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 208803] ixgbe(4) reports wrong IPv4 checksum when txcsum is enabled Date: Thu, 14 Dec 2017 19:27:55 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.3-RELEASE X-Bugzilla-Keywords: IntelNetworking X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: sbruno@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: Not A Bug X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status cc resolution Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 19:27:55 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208803 Sean Bruno changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Closed CC| |sbruno@FreeBSD.org Resolution|--- |Not A Bug --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Thu Dec 14 21:27:22 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DD640E905B3 for ; Thu, 14 Dec 2017 21:27:22 +0000 (UTC) (envelope-from johnllyon@gmail.com) Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com [IPv6:2a00:1450:400c:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6FA337A610 for ; Thu, 14 Dec 2017 21:27:22 +0000 (UTC) (envelope-from johnllyon@gmail.com) Received: by mail-wm0-x231.google.com with SMTP id b76so14136216wmg.1 for ; Thu, 14 Dec 2017 13:27:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ONf+Ri7eDUt8ReCCbpljDHeiGZlakEnH+lLF2LZ3Kg4=; b=QjT2q1n1Tz1kVsEbDwlhR3Mi8skMW4Q5zNz1fYBsvWlZ30bBKZqXP6qo/7aIqIz8ub sbPTGl/uzwwpWrcekYT7j5tWDp1872JdV8jgwZw+hqyY/5B+lTpAVbPfHRtZZjbY3VAi NAsShUHIrarACPoJQNffRRxashAP3lgPR60eq5l/2lj5qXA7rjaNAXMJjTBDYhgqo5fg hGtfKvK19KAFlb/HjdR9MUWatjg1vPSh0Ziv3iPVw87mO9qpmR1wg8ZOz5EWQbmtOHjo gY8Dbqf5oBd5ZKVD4f/Mjq5zRvpHFBFFjuo/FBKsmzUpHC4Ae4MnnnWK+XZTG/pKeuXm fKqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ONf+Ri7eDUt8ReCCbpljDHeiGZlakEnH+lLF2LZ3Kg4=; b=WqBd9I3MQVxl2mii3Z2m3kK8KxoHet9PYDyf+grHsQmk0e0jWjzqG2SSqMfp7OGKH7 LGL77rFQabtz609OqJ/lK6WjppoVWOWrFb4mrtkaG0Q+DGSjgHRLlZobpBr6Sh1/9inb npJovXXsJeJ5qT2CtOl8QZ5PQkTEkoDKynhcAFNVBFXlS/Jkn3mnBK/3ffN4Gg7ObOJe r2CFgiEkHb4xtKGOZXeF0qDVPH3B9zvGuNKGh5pDMhZWXIX8EH7UhECg1k5bNSb5ruKF 1URpypPj9RkRZDQUWmdFOFp4G8DxlFX79Ci5JcNBnbj1IDlctDax0RFeQ+EkfuJroqZG tkxQ== X-Gm-Message-State: AKGB3mIyHwVLGq2XabmZlhrvi/o2HXr7uHmhqwCx2bBJ9chYxnxifNTB 2rUE95pfrlKCFdsYJ6J6embFADcsdg4BCTkk8VC1XFR2 X-Google-Smtp-Source: ACJfBovk35Plj/VvfS/A2GqnkAkV9r700t76lnt08geonyNOcRmscj8UGfY7TYMK3+7TBDYGidslDpk0OejoR8JB8ts= X-Received: by 10.80.243.18 with SMTP id p18mr14070251edm.38.1513286840671; Thu, 14 Dec 2017 13:27:20 -0800 (PST) MIME-Version: 1.0 Received: by 10.80.211.20 with HTTP; Thu, 14 Dec 2017 13:27:00 -0800 (PST) In-Reply-To: <5A3225BF.6020205@omnilan.de> References: <5A3225BF.6020205@omnilan.de> From: John Lyon Date: Thu, 14 Dec 2017 16:27:00 -0500 Message-ID: Subject: Re: Need Netgraph Help To: Harry Schmalzbauer Cc: freebsd-net@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 21:27:23 -0000 Thanks for the advice. The issue may be a shell issue, but without knowing which argument is "invalid," it's hard to debug. I took your advice and skipped the naming to simplify debugging and also tried different approaches to quoting the braces (or lack thereof), including: msg em0:lower setfilter "{ matchhook=3D\"em1:lower\" ethertype=3D0x888e= }" msg em0:lower setfilter { matchhook=3D\"em1:lower\" ethertype=3D0x888e = } msg em0:lower setfilter { matchhook=3D"em1:lower" ethertype=3D0x888e } msg em0:lower setfilter { matchhook=3Dem1:lower ethertype=3D0x888e } All generate the same error message of "ngctl: send msg: Invalid argument" without any further information to assist in debugging. Moreover, using your example of: msg em0:lower setfilter { matchook=3D"em1:lower" } Gives me the error message of: ngctl: send msg: No such file or directory. At this point, I am at my wit's end. This should be a simple script to write based on the man pages. I am apparently missing something but cannot figure out what it is from the error messages. Any other ideas? Thanks. -------------------------------- John L. Lyon PGP Key Available At: https://www.dropbox.com/s/skmedtscs0tgex7/02150BFE.asc On Thu, Dec 14, 2017 at 2:18 AM, Harry Schmalzbauer wrote: > Bez=C3=BCglich John Lyon's Nachricht vom 13.12.2017 21:38 (localtime): > > Hello All, > > > > I'm a new Netgraph user, but am having some problems with a simple > Netgraph > > script I have written. Unfortunately, the error message is cryptic and= I > > can't tell what I am doing wrong since my script closely follows the > > example provided in the ng_etf man page. > > > > For some context, I'm trying to filter EAP traffic coming in on my LAN > > interface. Any ethernet frames that correspond to EAP traffic need to = be > > immediately forwarded from the LAN interface to my WAN interface. All > > other ethernet frames coming in on my LAN interface need to be handled = by > > the kernel's network stack. A (horrid) ASCII art representation of my > > desired netgraph would look like this: > > > > lower -> em0 -> downstream -> ETF -> no match -> upper em0 > > -> match -> > > lower em1 > > > > The script I have written is this: > > > > #! /bin/sh > > ngctl mkpeer em0: etf lower downstream > > ngctl name em0:lower lan_filter > > ngctl connect em0: lan_filter: upper nomatch > > ngctl msg lan_filter: setfilter { matchhook=3D"em1:lower" > > ethertype=3D0x888e } > > > > Unfortunately, the last line of my script generates the following error > > message: > > > > ngctl: send msg: Invalid Argument > > I strongly guess shell interferes here. Try quoting your braces part. > I'm handling auto startup (rc(8) integration) and mitigating quoting > issues like that: > > Put into /etc/start_if.em0: > > #!/bin/sh > if [ -r /etc/rc.conf.d/ng_etf.em0 ]; then > if ! /usr/sbin/ngctl show lan_filter: 2>/dev/null | grep -q > lan_filter; then > /usr/sbin/ngctl -f /etc/rc.conf.d/ng_etf.em0 > fi > fi > > Your /etc/rc.conf.d/ng_etf.em0 would look like that: > > # to be loaded by ngctl script > mkpeer em0: etf lower downstream > name em0:lower lan_filter > connect em0: lan_filter: upper nomatch > msg lan_filter: setfilter { matchhook=3D"em1:lower" } > > Once I had a naming race suspision, so I always do the real control > without relying on names, those are just for later admin tasks/reading: > # to be loaded by ngctl script > mkpeer em0: etf lower downstream > name em0:lower lan_filter > connect em0: em0:lower upper nomatch > msg em0:lower setfilter { matchhook=3D"em1:lower" } > > > Be ware of typos, hope that helps, > > -harry > > From owner-freebsd-net@freebsd.org Thu Dec 14 22:08:21 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8DDCAE91653 for ; Thu, 14 Dec 2017 22:08:21 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 084447BAD7 for ; Thu, 14 Dec 2017 22:08:19 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vBEM864Y040033 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 14 Dec 2017 23:08:07 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: johnllyon@gmail.com Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id vBEM82dV096907 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 15 Dec 2017 05:08:02 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Need Netgraph Help To: John Lyon , Harry Schmalzbauer References: <5A3225BF.6020205@omnilan.de> Cc: freebsd-net@freebsd.org From: Eugene Grosbein Message-ID: <5A32F63E.8010205@grosbein.net> Date: Fri, 15 Dec 2017 05:07:58 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Dec 2017 22:08:21 -0000 15.12.2017 4:27, John Lyon wrote: >>> I'm a new Netgraph user, but am having some problems with a simple >>> Netgraph >>> script I have written. Unfortunately, the error message is cryptic and I >>> can't tell what I am doing wrong since my script closely follows the >>> example provided in the ng_etf man page. >>> >>> For some context, I'm trying to filter EAP traffic coming in on my LAN >>> interface. Any ethernet frames that correspond to EAP traffic need to be >>> immediately forwarded from the LAN interface to my WAN interface. All >>> other ethernet frames coming in on my LAN interface need to be handled by >>> the kernel's network stack. A (horrid) ASCII art representation of my >>> desired netgraph would look like this: >>> >>> lower -> em0 -> downstream -> ETF -> no match -> upper em0 >>> -> match -> >>> lower em1 >>> >>> The script I have written is this: >>> >>> #! /bin/sh >>> ngctl mkpeer em0: etf lower downstream >>> ngctl name em0:lower lan_filter >>> ngctl connect em0: lan_filter: upper nomatch >>> ngctl msg lan_filter: setfilter { matchhook="em1:lower" >>> ethertype=0x888e } >>> >>> Unfortunately, the last line of my script generates the following error >>> message: >>> >>> ngctl: send msg: Invalid Argument For "setfilter" command to work, ng_etf requires that: 1) referenced "matchook" exists and you should not use "indirect name" here, only hook own name, or else you get error ENOENT (No such file or directory); 2) referenced "matchook" is *not* downstream hook, or else you get error EINVAL (Invalid argument); 3) it was not already configured, or else you get error EEXIST (File exists). From owner-freebsd-net@freebsd.org Fri Dec 15 05:58:57 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 16EA4E9C140 for ; Fri, 15 Dec 2017 05:58:57 +0000 (UTC) (envelope-from jim@netgate.com) Received: from mail-oi0-x230.google.com (mail-oi0-x230.google.com [IPv6:2607:f8b0:4003:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C6F6F68AA4 for ; Fri, 15 Dec 2017 05:58:56 +0000 (UTC) (envelope-from jim@netgate.com) Received: by mail-oi0-x230.google.com with SMTP id l6so5478207oih.11 for ; Thu, 14 Dec 2017 21:58:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netgate.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5rT23gZZh91gzZJdSdce7lzSNT350ch5Haxq39V4mDI=; b=nEake+i6eB52uqKTizIfGAVWzGLkT6dz2RCenbncdGZiyUr6qdTy2U/ObM2KuwFcdB p3wT6JfIRxwAYn8IDoueBTa2MnKqrom2v/s+1+z9hFZYo0k6Ay6liRjyyKgVfonxd/Q1 QqO6BclG0Upa16LxwQJyt+hPE0zyJ4WGnhwoY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5rT23gZZh91gzZJdSdce7lzSNT350ch5Haxq39V4mDI=; b=SiMjvVxG8719NvNAjWtNDrjz+dt2juDxts4QW9tr1biilqHvbFtmGC/C76CtrAHdzU USkhulRGyGqnUs0LLuaI94j8F6wBPGy7gBrkkdyjJeB8N3NhfLRZJj29wEXkNUnn2amR NDsNRqdGhhylIyr9T3ImRoYwk5x2YJ8Zmnx3nmdHIcFJikrRBx4yfsJTyAVArc6bXQ8V pWSK9xkiVJZHu3wO55fn0HrbJDrHBG6tGeiEwJozreOvqx4vwirY8t1zEDdMv4dkFPl5 2+9XqGGZ8XMeXfHFalvkSJEXNVTKrLyJlk+v9kWd+FRJEf/uR20X91mwkAABPMg2PCvb 3mEw== X-Gm-Message-State: AKGB3mI5EsuYJ24eLGucezJF6mjxDAiii2gYR2jf7pTcRkKVg7IYEFCO YwrDp0Th3UbMqM6d9fA00iV3YQ== X-Google-Smtp-Source: ACJfBovy+NzbTKychHDx6ek0N1hLzta79MsqOz7BY51mJaZI7HFIMsH9FLbiC5eeJl6jRf0bkDOx3w== X-Received: by 10.202.194.214 with SMTP id s205mr5856092oif.357.1513317535735; Thu, 14 Dec 2017 21:58:55 -0800 (PST) Received: from [172.21.0.169] (65-36-116-65.dyn.grandenetworks.net. [65.36.116.65]) by smtp.gmail.com with ESMTPSA id b127sm2638610oih.18.2017.12.14.21.58.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 14 Dec 2017 21:58:55 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\)) Subject: Re: Netmap: Build a network SPAN/TAP from netmap From: Jim Thompson In-Reply-To: Date: Thu, 14 Dec 2017 23:58:54 -0600 Cc: "freebsd-net@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <3F8E159B-33FC-428E-9A18-64CC298EDBDD@netgate.com> References: To: Ming Fu X-Mailer: Apple Mail (2.3445.5.20) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 05:58:57 -0000 > On Dec 14, 2017, at 12:00 PM, Ming Fu wrote: >=20 > Hi, >=20 > I am trying to explore the possibility to build a network SPAN/TAP = from netmap. Similar to the bridge sample, but all packet going through = the bridge also get copied to a SPAN port. How do I duplicate or clone = an incoming packet and send the original to bridge peer and the cloned = one to the SPAN port? Is there an API like FreeBsd m_copypacket() for = netmap? Would it work for Linux as well? >=20 > Thanks > Ming Ming, I=E2=80=99d look at adapting netmap monitors. = https://github.com/luigirizzo/netmap/blob/master/sys/dev/netmap/netmap_mon= itor.c For the rest of the solution, look at netmap_user.h, where it explains = how to open a port in monitor mode. https://github.com/luigirizzo/netmap/blob/master/sys/net/netmap_user.h Essentially, once you have an active netmap port e.g. netmap:ix0, you = can sniff the traffic by opening additional netmap ports named netmap:ix0/r (for rx traffic) or netmap:ix0/t (for tx) or even = netmap:ix0/rt (for both tx and rx) The rest of the code (to inject frames back down another interface) can = be lifted from the bridge sample. You could also look at SF-TAP. http://sf-tap.github.io Jim From owner-freebsd-net@freebsd.org Fri Dec 15 07:56:37 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57B03E9EA1C for ; Fri, 15 Dec 2017 07:56:37 +0000 (UTC) (envelope-from v.maffione@gmail.com) Received: from mail-qk0-x230.google.com (mail-qk0-x230.google.com [IPv6:2607:f8b0:400d:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0E2C56C12E for ; Fri, 15 Dec 2017 07:56:37 +0000 (UTC) (envelope-from v.maffione@gmail.com) Received: by mail-qk0-x230.google.com with SMTP id d66so9377240qkg.1 for ; Thu, 14 Dec 2017 23:56:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=dAdcpw0ENxjksmJ4jm12WBzK9JydmFofk0ss5rLwAuU=; b=U5E1cxExDTC4F/X4e3ryZO9S1OneFqcNiRoHRBhrwBax/E5RwPQLYScfb/HZywHOmZ e7DCaMQbixshfI2UkU6qFrU3djFLZnImMMrd6bRQ12ACANC4AXfGjX6ppTnnLLVuvASd 0TmVO9VeRO9dCLU3Ry6Povy1c9lv6uRpM56Scvj3OSBy+ExtBKgjPKtPmeAEmYDGrcB0 ndvet8MDIjmZnWgpHJtrvRjoUl01nRHOS9rr+NdaF0AQ8gnimlbJs8sLQxQXyXoms1oq PGenfSL3CdlDo+5MBrmLmV/AsJN6yEtZ/I3q0+7MP7/hyxIS+GhpvFPsFoiYPIyOXef6 sTcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=dAdcpw0ENxjksmJ4jm12WBzK9JydmFofk0ss5rLwAuU=; b=Ta3U/mVFYeybR1QPmAaFDGXFlNnjp4QVRNsKIXcGZc7ZWO5ksC+tCvi25bpwCV+b3t v4nj0oEH/jteXskS4XIGrJiiOfaky6vuke4Apxu3CLWzjrMW+KPZXWIlfbBSGM0F0zVl eVuP6fBC9V2GLhj4zZmGVCVc5auReEAS8FlPTwVLjz3eDBYkZxTfuu0gFWfoJTahjFwo 3PtpaDOTHSDwN5ELSNLkasLAIqPNJEn6czMw/8X0v8UQCpxulby2XV4tUDKNmJflOPQl +mJFCSeXPtsLswcGoJK1AQaLTwcoBJDqzIbZceFsVX+If1BTaEC+qOz7BAWHsf6sczrI qL/Q== X-Gm-Message-State: AKGB3mLktED/6cfpfmP3E/hP5KNAXdNq2Iu+Ydyj9Wa9qNxyB6H2p0bX y78A3f9f7U5RAtkwLr9yGnA1T0ucLJbDsSMKUz55Qg== X-Google-Smtp-Source: ACJfBosSPbSnFrpU9d0VKUvrC0TB3iwVgXFYm+LBlamWUG7IvvUnJT8UUwxrHUkHK5ug/ZGUNNkqBIdVA51qOgaYjI8= X-Received: by 10.55.56.137 with SMTP id f131mr16628364qka.91.1513324595727; Thu, 14 Dec 2017 23:56:35 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.174.5 with HTTP; Thu, 14 Dec 2017 23:56:35 -0800 (PST) In-Reply-To: <3F8E159B-33FC-428E-9A18-64CC298EDBDD@netgate.com> References: <3F8E159B-33FC-428E-9A18-64CC298EDBDD@netgate.com> From: Vincenzo Maffione Date: Fri, 15 Dec 2017 08:56:35 +0100 Message-ID: Subject: Re: Netmap: Build a network SPAN/TAP from netmap To: Jim Thompson Cc: Ming Fu , "freebsd-net@freebsd.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 07:56:37 -0000 Yes, or if you prefer you can simply extend "bridge" forwarding logic to copy every packet to an additional TAP port. Copying a packet in netmap is just a matter of initialize the next struct netmap_slot in the destination (TAP) netmap ring, memcpy() the packet payload and incrementing ring->cur/ring->head (then you need to TXSYNC or poll() at the end of the batch. In any case the application will work on both FreeBSD and Linux, as the API is the same. You may also find useful to look at the netmap tutorial, to see more examples and explanations: https://github.com/vmaffione/netmap-tutorial Cheers, Vincenzo 2017-12-15 6:58 GMT+01:00 Jim Thompson : > > > > On Dec 14, 2017, at 12:00 PM, Ming Fu wrote: > > > > Hi, > > > > I am trying to explore the possibility to build a network SPAN/TAP from > netmap. Similar to the bridge sample, but all packet going through the > bridge also get copied to a SPAN port. How do I duplicate or clone an > incoming packet and send the original to bridge peer and the cloned one t= o > the SPAN port? Is there an API like FreeBsd m_copypacket() for netmap? > Would it work for Linux as well? > > > > Thanks > > Ming > > Ming, > > I=E2=80=99d look at adapting netmap monitors. > > https://github.com/luigirizzo/netmap/blob/master/sys/dev/ > netmap/netmap_monitor.c > > For the rest of the solution, look at netmap_user.h, where it explains ho= w > to open a port in monitor mode. > > https://github.com/luigirizzo/netmap/blob/master/sys/net/netmap_user.h > > Essentially, once you have an active netmap port e.g. netmap:ix0, you can > sniff the traffic by opening additional netmap ports > named netmap:ix0/r (for rx traffic) or netmap:ix0/t (for tx) or even > netmap:ix0/rt (for both tx and rx) > > The rest of the code (to inject frames back down another interface) can b= e > lifted from the bridge sample. > > You could also look at SF-TAP. http://sf-tap.github.io > > Jim > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > --=20 Vincenzo Maffione From owner-freebsd-net@freebsd.org Fri Dec 15 08:48:31 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 514E4E9F9F3 for ; Fri, 15 Dec 2017 08:48:31 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mx0.gentlemail.de (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DF1296D37F for ; Fri, 15 Dec 2017 08:48:30 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mh0.gentlemail.de (ezra.dcm1.omnilan.net [IPv6:2a00:e10:2800::a135]) by mx0.gentlemail.de (8.14.5/8.14.5) with ESMTP id vBF8mQXe053999; Fri, 15 Dec 2017 09:48:27 +0100 (CET) (envelope-from freebsd@omnilan.de) Received: from titan.inop.mo1.omnilan.net (s1.omnilan.de [217.91.127.234]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mh0.gentlemail.de (Postfix) with ESMTPSA id B20118CB; Fri, 15 Dec 2017 09:48:26 +0100 (CET) Message-ID: <5A338C5A.20300@omnilan.de> Date: Fri, 15 Dec 2017 09:48:26 +0100 From: Harry Schmalzbauer Organization: OmniLAN User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: Eugene Grosbein CC: John Lyon , freebsd-net@freebsd.org Subject: Re: Need Netgraph Help References: <5A3225BF.6020205@omnilan.de> <5A32F63E.8010205@grosbein.net> In-Reply-To: <5A32F63E.8010205@grosbein.net> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]); Fri, 15 Dec 2017 09:48:27 +0100 (CET) X-Milter: Spamilter (Reciever: mx0.gentlemail.de; Sender-ip: ; Sender-helo: mh0.gentlemail.de; ) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 08:48:31 -0000 Bezüglich Eugene Grosbein's Nachricht vom 14.12.2017 23:07 (localtime): > 15.12.2017 4:27, John Lyon wrote: > >>>> I'm a new Netgraph user, but am having some problems with a simple >>>> Netgraph >>>> script I have written. Unfortunately, the error message is cryptic and I >>>> can't tell what I am doing wrong since my script closely follows the >>>> example provided in the ng_etf man page. >>>> >>>> For some context, I'm trying to filter EAP traffic coming in on my LAN >>>> interface. Any ethernet frames that correspond to EAP traffic need to be >>>> immediately forwarded from the LAN interface to my WAN interface. All >>>> other ethernet frames coming in on my LAN interface need to be handled by >>>> the kernel's network stack. A (horrid) ASCII art representation of my >>>> desired netgraph would look like this: >>>> >>>> lower -> em0 -> downstream -> ETF -> no match -> upper em0 >>>> -> match -> >>>> lower em1 >>>> >>>> The script I have written is this: >>>> >>>> #! /bin/sh >>>> ngctl mkpeer em0: etf lower downstream >>>> ngctl name em0:lower lan_filter >>>> ngctl connect em0: lan_filter: upper nomatch >>>> ngctl msg lan_filter: setfilter { matchhook="em1:lower" >>>> ethertype=0x888e } >>>> >>>> Unfortunately, the last line of my script generates the following error >>>> message: >>>> >>>> ngctl: send msg: Invalid Argument > > For "setfilter" command to work, ng_etf requires that: > > 1) referenced "matchook" exists and you should not use "indirect name" here, > only hook own name, or else you get error ENOENT (No such file or directory); > 2) referenced "matchook" is *not* downstream hook, or else you get error > EINVAL (Invalid argument); > 3) it was not already configured, or else you get error EEXIST (File exists). Eugene kindly looked into the code and found that the error is due to wrong matchhook definition. I've never had any contact with ng_etf yet, but according to the man page, you need to set the (additional) filter hook by 'nghook -a lan_filter: mydrain' and use 'matchhook=mydrain' for the 'msg' command. Do idea about the intention, so for the rest you have to tweak as needed. -harry From owner-freebsd-net@freebsd.org Fri Dec 15 12:38:13 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 45D2DE804EB for ; Fri, 15 Dec 2017 12:38:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 32EEB74791 for ; Fri, 15 Dec 2017 12:38:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBFCcCLc076504 for ; Fri, 15 Dec 2017 12:38:13 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224247] [patch] RFC 6980 requires to drop fragmented IPv6 neighbour discovery Date: Fri, 15 Dec 2017 12:38:13 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 12:38:13 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 --- Comment #6 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Fri Dec 15 12:37:32 UTC 2017 New revision: 326876 URL: https://svnweb.freebsd.org/changeset/base/326876 Log: Follow the RFC6980 and silently ignore following IPv6 NDP messages that had the IPv6 fragmentation header: o Neighbor Solicitation o Neighbor Advertisement o Router Solicitation o Router Advertisement o Redirect Introduce M_FRAGMENTED mbuf flag, and set it after IPv6 fragment reassemb= ly is completed. Then check the presence of this flag in correspondig ND6 handling routines. PR: 224247 MFC after: 2 weeks Changes: head/sys/netinet6/frag6.c head/sys/netinet6/icmp6.c head/sys/netinet6/in6.h head/sys/netinet6/nd6_nbr.c head/sys/netinet6/nd6_rtr.c --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Dec 15 13:41:15 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 85A1CE81BD8 for ; Fri, 15 Dec 2017 13:41:15 +0000 (UTC) (envelope-from gerrit.kuehn@aei.mpg.de) Received: from umail2.aei.mpg.de (umail2.aei.mpg.de [194.94.224.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3CA3976578 for ; Fri, 15 Dec 2017 13:41:15 +0000 (UTC) (envelope-from gerrit.kuehn@aei.mpg.de) Received: from mailgate.aei.mpg.de (mailgate.aei.mpg.de [194.94.224.5]) by umail2.aei.mpg.de (Postfix) with ESMTP id 98DD01BA94DC for ; Fri, 15 Dec 2017 14:34:56 +0100 (CET) Received: from mailgate.aei.mpg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 7ECB9406ADE for ; Fri, 15 Dec 2017 14:34:56 +0100 (CET) Received: from intranet.aei.uni-hannover.de (ahin1.aei.uni-hannover.de [130.75.117.40]) by mailgate.aei.mpg.de (Postfix) with ESMTP id 2FDBE406ADB for ; Fri, 15 Dec 2017 14:34:56 +0100 (CET) Received: from arc.aei.uni-hannover.de ([130.75.117.1]) by intranet.aei.uni-hannover.de (IBM Domino Release 9.0.1FP8) with ESMTP id 2017121514345595-39245 ; Fri, 15 Dec 2017 14:34:55 +0100 Date: Fri, 15 Dec 2017 14:34:56 +0100 From: Gerrit =?ISO-8859-1?Q?K=FChn?= To: freebsd-net@freebsd.org Subject: Fw: 100.chksetuid handging on nfs mounts Message-Id: <20171215143456.278a3dc31bb09c9217e83927@aei.mpg.de> Organization: Max Planck Gesellschaft X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; amd64-portbld-freebsd11.0) Mime-Version: 1.0 X-MIMETrack: Itemize by SMTP Server on intranet/aei-hannover(Release 9.0.1FP8|February 23, 2017) at 15/12/2017 14:34:55, Serialize by Router on intranet/aei-hannover(Release 9.0.1FP8|February 23, 2017) at 15/12/2017 14:34:56, Serialize complete at 15/12/2017 14:34:56 X-TNEFEvaluated: 1 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=ISO-8859-1 X-PMX-Version: 6.0.2.2308539, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2017.12.15.132416 X-PerlMx-Spam: Gauge=IIIIIIII, Probability=8%, Report=' HTML_00_01 0.05, HTML_00_10 0.05, MIME_LOWER_CASE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1000_1099 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, LEGITIMATE_SIGNS 0, MSG_THREAD 0, SINGLE_URI_IN_BODY 0, URI_WITH_PATH_ONLY 0, __ANY_URI 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CANPHARM_UNSUB_LINK 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __HTTPS_URI 0, __MIME_TEXT_ONLY 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_VERSION 0, __NO_HTML_TAG_RAW 0, __SANE_MSGID 0, __SINGLE_URI_TEXT 0, __SUBJ_ALPHA_END 0, __TO_MALFORMED_2 0, __TO_NO_NAME 0, __URI_IN_BODY 0, __URI_NOT_IMG 0, __URI_NO_WWW 0, __URI_NS , __URI_WITH_PATH 0' X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 13:41:15 -0000 Hello all, As I got no response at all on freebsd-fs, I try again here... Begin forwarded message: Date: Tue, 5 Dec 2017 09:04:51 +0100 From: Gerrit K=FChn To: freebsd-fs@freebsd.org Subject: 100.chksetuid handging on nfs mounts Hello all, I just found that the daily security job on a system here was hanging on chksetuid due to a defunct nfs server. Specifically, it turned out that it was hanging on this find: --- find -sx / /dev/null -type f \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \( -perm -u+s -or -perm -g+s \) -exec ls -liTd \{\} \+ --- My understanding up to now was that "-x" should prevent find from accessing mounted nfs dirs (/ is on local disk, the hanging nfs mounts are somewhere under /data/...). Why does the thing still hang, and how can I prevent this? cu Gerrit _______________________________________________ freebsd-fs@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-fs To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" From owner-freebsd-net@freebsd.org Fri Dec 15 14:08:52 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BFD9FE82427 for ; Fri, 15 Dec 2017 14:08:52 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-lf0-x22d.google.com (mail-lf0-x22d.google.com [IPv6:2a00:1450:4010:c07::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3AB7376FB5 for ; Fri, 15 Dec 2017 14:08:52 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-lf0-x22d.google.com with SMTP id g80so6139535lfg.0 for ; Fri, 15 Dec 2017 06:08:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=FDTTHTALRYYvKY/PpPXJBEOkA6+7LJeIf5CZ0lK//KA=; b=e9mR5gOjzrzcUdHx+Uu8RJE3PZgX2F4SIRELDzG5QpMzKvGGwdAYuSwBynLCDyHG3y eJ+sZVPr0EJgs4YLStG8ZuMR2U0NW8tlig60IrBJ28cCyQTlrC+64zZh5uNaSZ3O8/Nf apSfspIh5xVdWRH0BkMekduc208PQe69dDJIuRo9av44je1+GZcb+PCJOryjbsYhINZu hTFHbhn0HW5vWPSshwcdkH/vZ1KhJL/KfSC6ZfV8Hk+VeUvDMRg33iFoEcOL8tMSIJDr tN258LLBQkTb4nUnA7Pdrp3/qSr8KwFpWWi+SNeTH4AuoAaiNp3nOM2mPUr6tODJ3Su3 Tw7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=FDTTHTALRYYvKY/PpPXJBEOkA6+7LJeIf5CZ0lK//KA=; b=unOu+ss4q0hXP+bB5cVHPlaQ7vpUpnadxcdsM690GXq0k9KepAeCYvppVInxIlh9B+ ceHUMRdk5nujKlWh/yWkqC/lQcH/LVV5EqxU/L1sG7GSv1NCJbyhNQjI9NXPqPu3hbmv O4B3BAANg/GNIRWtjGLVpDim6NPxhwaX5R+nxvmtTZBD5Vkp95kT4c17Pmp37PP4YL5D wtO+RB/ImHN5tZcohzjGyD+42QgD6tBYPoLC3cyBBWoDNa5ad6ftbqm/GTG/i/JWJr6f RVNVP/Zt5HLf3igaQsr3RFOZuSHZ+5IrEypJIdonzu1L27JDX9zSjAUdqmrWj10+bmlT LWGg== X-Gm-Message-State: AKGB3mK0+05Mi5YbWPg0wNvMvOCWywShTyr6wXxLp0TWmFUwaGzHWr0i Rlt05meAKh9K2h+S7ufe7oSJIwFJxERQ745KjI8= X-Google-Smtp-Source: ACJfBosz1FD2c+D7Ne6cYVFqI05AK7dbzTQ329v2zcxWIeY5LVSk/4VZ9q2YrwWSX2dTlQpM6jUkb4WoUFyFhlzjue0= X-Received: by 10.46.27.24 with SMTP id b24mr6061882ljb.54.1513346929552; Fri, 15 Dec 2017 06:08:49 -0800 (PST) MIME-Version: 1.0 Sender: asomers@gmail.com Received: by 10.179.76.19 with HTTP; Fri, 15 Dec 2017 06:08:48 -0800 (PST) In-Reply-To: <20171215143456.278a3dc31bb09c9217e83927@aei.mpg.de> References: <20171215143456.278a3dc31bb09c9217e83927@aei.mpg.de> From: Alan Somers Date: Fri, 15 Dec 2017 07:08:48 -0700 X-Google-Sender-Auth: l8MwKYDe08Tw7W47g3Ry20m1jJA Message-ID: Subject: Re: Fw: 100.chksetuid handging on nfs mounts To: =?UTF-8?B?R2Vycml0IEvDvGhu?= Cc: FreeBSD Net Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 14:08:52 -0000 On Fri, Dec 15, 2017 at 6:34 AM, Gerrit K=C3=BChn wrote: > Hello all, > > As I got no response at all on freebsd-fs, I try again here... > > > > Begin forwarded message: > > Date: Tue, 5 Dec 2017 09:04:51 +0100 > From: Gerrit K=C3=BChn > To: freebsd-fs@freebsd.org > Subject: 100.chksetuid handging on nfs mounts > > > Hello all, > > I just found that the daily security job on a system here was hanging on > chksetuid due to a defunct nfs server. Specifically, it turned out that i= t > was hanging on this find: > > --- > find -sx / /dev/null -type f \( -perm -u+x -or -perm -g+x -or -perm -o+x > \) \( -perm -u+s -or -perm -g+s \) -exec ls -liTd \{\} \+ > --- > > > My understanding up to now was that "-x" should prevent find from > accessing mounted nfs dirs (/ is on local disk, the hanging nfs mounts > are somewhere under /data/...). Why does the thing still hang, and how ca= n > I prevent this? > > > cu > Gerrit > > This is a known bug. It happens when an NFS filesystem is mounted on the same mountpoint as a local filesystem. It's fixed by [1] and MFCed by [2] and [3]. What version are you using? [1] https://svnweb.freebsd.org/base?view=3Drevision&revision=3D306048 [2] https://svnweb.freebsd.org/base?view=3Drevision&revision=3D306642 [3] https://svnweb.freebsd.org/base?view=3Drevision&revision=3D306644 From owner-freebsd-net@freebsd.org Fri Dec 15 14:47:02 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B1295E831F1 for ; Fri, 15 Dec 2017 14:47:02 +0000 (UTC) (envelope-from gerrit.kuehn@aei.mpg.de) Received: from umail2.aei.mpg.de (umail2.aei.mpg.de [194.94.224.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 64CD778233 for ; Fri, 15 Dec 2017 14:47:01 +0000 (UTC) (envelope-from gerrit.kuehn@aei.mpg.de) Received: from mailgate.aei.mpg.de (mailgate.aei.mpg.de [194.94.224.5]) by umail2.aei.mpg.de (Postfix) with ESMTP id BBB5B1BAAAFD for ; Fri, 15 Dec 2017 15:46:59 +0100 (CET) Received: from mailgate.aei.mpg.de (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id AD965406ADE for ; Fri, 15 Dec 2017 15:46:59 +0100 (CET) Received: from intranet.aei.uni-hannover.de (ahin1.aei.uni-hannover.de [130.75.117.40]) by mailgate.aei.mpg.de (Postfix) with ESMTP id 85E3E406ADB for ; Fri, 15 Dec 2017 15:46:59 +0100 (CET) Received: from arc.aei.uni-hannover.de ([130.75.117.1]) by intranet.aei.uni-hannover.de (IBM Domino Release 9.0.1FP8) with ESMTP id 2017121515465889-39397 ; Fri, 15 Dec 2017 15:46:58 +0100 Date: Fri, 15 Dec 2017 15:46:59 +0100 From: Gerrit =?ISO-8859-1?Q?K=FChn?= To: FreeBSD Net Subject: Re: Fw: 100.chksetuid handging on nfs mounts Message-Id: <20171215154659.c8a7f21317a06ab64e480955@aei.mpg.de> In-Reply-To: References: <20171215143456.278a3dc31bb09c9217e83927@aei.mpg.de> Organization: Max Planck Gesellschaft X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; amd64-portbld-freebsd11.0) Mime-Version: 1.0 X-MIMETrack: Itemize by SMTP Server on intranet/aei-hannover(Release 9.0.1FP8|February 23, 2017) at 15/12/2017 15:46:58, Serialize by Router on intranet/aei-hannover(Release 9.0.1FP8|February 23, 2017) at 15/12/2017 15:46:58, Serialize complete at 15/12/2017 15:46:58 X-TNEFEvaluated: 1 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-PMX-Version: 6.0.2.2308539, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2017.12.15.144216 X-PerlMx-Spam: Gauge=IIIIIIII, Probability=8%, Report=' HTML_00_01 0.05, HTML_00_10 0.05, MIME_LOWER_CASE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1000_LESS 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, BODY_SIZE_700_799 0, IN_REP_TO 0, LEGITIMATE_SIGNS 0, MSG_THREAD 0, REFERENCES 0, URI_WITH_PATH_ONLY 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __HTTPS_URI 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_VERSION 0, __MULTIPLE_URI_TEXT 0, __NO_HTML_TAG_RAW 0, __REFERENCES 0, __SANE_MSGID 0, __SUBJ_ALPHA_END 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NAME 0, __TO_NAME_DIFF_FROM_ACC 0, __TO_REAL_NAMES 0, __URI_IN_BODY 0, __URI_NOT_IMG 0, __URI_NO_WWW 0, __URI_NS , __URI_WITH_PATH 0' X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 14:47:02 -0000 On Fri, 15 Dec 2017 07:08:48 -0700 Alan Somers wrote about Re: Fw: 100.chksetuid handging on nfs mounts: Dear Alan, > This is a known bug. It happens when an NFS filesystem is mounted on the > same mountpoint as a local filesystem. It's fixed by [1] and MFCed by > [2] and [3]. What version are you using? ~ # freebsd-version 10.3-RELEASE-p17 > [1] https://svnweb.freebsd.org/base?view=revision&revision=306048 > [2] https://svnweb.freebsd.org/base?view=revision&revision=306642 > [3] https://svnweb.freebsd.org/base?view=revision&revision=306644 Looks like 10.3 didn't get this fix, but 10.4 has it. The system is due for an update, anyway. Thanks for the pointers! cu Gerrit From owner-freebsd-net@freebsd.org Fri Dec 15 19:00:11 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 77BA7E896D4 for ; Fri, 15 Dec 2017 19:00:11 +0000 (UTC) (envelope-from johnllyon@gmail.com) Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1761A179B for ; Fri, 15 Dec 2017 19:00:11 +0000 (UTC) (envelope-from johnllyon@gmail.com) Received: by mail-wm0-x230.google.com with SMTP id t8so19282625wmc.3 for ; Fri, 15 Dec 2017 11:00:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=krZUc5r2kMs/00lPl7OFXxscVuKFDJCU/dy7bUQjl8Y=; b=og4MBm+3n1kzgVB6Y/e/vIamYDrbUHwDhRLx9nt4K1QWlpBKwWTKn/V+IXAmmX9bbr vioyeyTdTPVtrDGNbGe6YHsaePKXUQqYpHELCd4ialNB4+w2Xi1uYsDPxWJdFKOqNqyD Y8xnVy/dnegp5V97e5O1iXovLPU9+udz20wJ9OshqhyuVpTEpGj2w4w5IzYAaqqltedV T137IRNVVss8hih0YOR7H5ZY1xqD0m3Z2V9Lo9CWe2RW8IwfzswEAqrQ5yVfYoNglt95 56IOqXtLVpjCMa2X9dP5ybeN63B7L/eTV6BsRnW0MNPU6fMMwJmGItiEl10dMIBTwbCY tlOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=krZUc5r2kMs/00lPl7OFXxscVuKFDJCU/dy7bUQjl8Y=; b=fRkoXXYraBBjFZJywLarSuvmYB1MXwy03ApmdOczg388DVPzZfOIUY5mhMHzyKHRVe u64CBbFg9+yAS53UHspvfW0n7MFIP4xquTsdeThAZ1mVMTU6/bx1tsi4qWpC9dFaqVG/ zCw4+J0z7pDcSz9MqGJrjDpjQPiIjCnOAHPSXTAv1mcb571VDMSVcK6yo1mH6fDGVb6R R51YpT6/Pi1neOmWn0s/vp9nPgvgI5c4Xv5ppe4RAg1g2mOZQvSeCqqEKnMphrdv6CUV hVegHglU6vA2vz3Ft/pMyvfRCfFy228Qo0agVydx0462bEt1FnUXCiMsvxZuRzwL45ey Krqw== X-Gm-Message-State: AKGB3mJzP9jJ7iHxwzLCfdHdgy2IaPlhsLk3Ol1qnspejOuEQxcDpxK5 RUZME1NS/nNTaVYePNQIcbE711WlCPAuM7jTLGm38JfO X-Google-Smtp-Source: ACJfBotifGvQVmUQ8pWKzPvDtip3wQL7c/Jsov/pAmXgUloSBT3QWcnZ8Wy4T8Q1AJ+FFwV/I/OgQ+/AaIyeX+1pxmQ= X-Received: by 10.80.243.18 with SMTP id p18mr18358358edm.38.1513364409224; Fri, 15 Dec 2017 11:00:09 -0800 (PST) MIME-Version: 1.0 Received: by 10.80.211.20 with HTTP; Fri, 15 Dec 2017 10:59:48 -0800 (PST) In-Reply-To: <5A338C5A.20300@omnilan.de> References: <5A3225BF.6020205@omnilan.de> <5A32F63E.8010205@grosbein.net> <5A338C5A.20300@omnilan.de> From: John Lyon Date: Fri, 15 Dec 2017 13:59:48 -0500 Message-ID: Subject: Re: Need Netgraph Help To: Harry Schmalzbauer Cc: Eugene Grosbein , freebsd-net@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 19:00:11 -0000 Harry and Eugene (and others), I appreciate all of your help. It's been really insightful. Although I feel like I'm getting much closer to the solution, I don't think my problem has been diagnosed. I've outlined my thought process below. Can you please tell me if I am misunderstanding something? Admittedly, I am not a kernel developer and my C language skills have atrophied the last few years. However, I've reviewed my script and I looked in the code for ng_etf.c and I don't think I am violating any of the requirements for linking a hook for no match. As Eugene stated: >>1) referenced "matchook" exists and you should not use "indirect name" here, >>only hook own name, or else you get error ENOENT (No such file or directory); This does not seem to be a problem as the upper and lower hooks for the em1 already exist (I can confirm this). >>2) referenced "matchook" is *not* downstream hook, or else you get error >>EINVAL (Invalid argument); I read the ng_etf.c file in the source tree and found this little snippet: /* and is not the downstream hook */ if (hook =3D=3D etfp->downstream_hook.hook) { error =3D EINVAL; break; } This appears to be an error check to make sure you are not creating a cycle in the graph by referencing the ETF node's own downstream hook (i.e. filtering incoming traffic and circularly feeding non-matching frames back into the ETF's own filter). I'm not doing this. I am feeding non-matching packets into the *lower* hook of another ether node and not back into the *downstream* hook of the etf node I am creating. As a result, my netgraph should not be triggering this error condition. >>3) it was not already configured, or else you get error EEXIST (File exists). I am not getting this error, so it appears not to be an issue in my case. What am I missing here? The man page states that "*any other *hook" can be used for the non-matching packets. So the man page says this should work, and there's no explicit error condition that I see (caveat, I have not written in C for at least 10 years - PEBKAC is entirely possible) that would be triggered in the ng_etf code. So what is going wrong? Thanks for all of your help, patience, and understanding. -------------------------------- John L. Lyon PGP Key Available At: https://www.dropbox.com/s/skmedtscs0tgex7/02150BFE.asc On Fri, Dec 15, 2017 at 3:48 AM, Harry Schmalzbauer wrote: > Bez=C3=BCglich Eugene Grosbein's Nachricht vom 14.12.2017 23:07 (localtim= e): > > 15.12.2017 4:27, John Lyon wrote: > > > >>>> I'm a new Netgraph user, but am having some problems with a simple > >>>> Netgraph > >>>> script I have written. Unfortunately, the error message is cryptic > and I > >>>> can't tell what I am doing wrong since my script closely follows the > >>>> example provided in the ng_etf man page. > >>>> > >>>> For some context, I'm trying to filter EAP traffic coming in on my L= AN > >>>> interface. Any ethernet frames that correspond to EAP traffic need > to be > >>>> immediately forwarded from the LAN interface to my WAN interface. A= ll > >>>> other ethernet frames coming in on my LAN interface need to be > handled by > >>>> the kernel's network stack. A (horrid) ASCII art representation of = my > >>>> desired netgraph would look like this: > >>>> > >>>> lower -> em0 -> downstream -> ETF -> no match -> upper em0 > >>>> -> match = -> > >>>> lower em1 > >>>> > >>>> The script I have written is this: > >>>> > >>>> #! /bin/sh > >>>> ngctl mkpeer em0: etf lower downstream > >>>> ngctl name em0:lower lan_filter > >>>> ngctl connect em0: lan_filter: upper nomatch > >>>> ngctl msg lan_filter: setfilter { matchhook=3D"em1:lower" > >>>> ethertype=3D0x888e } > >>>> > >>>> Unfortunately, the last line of my script generates the following > error > >>>> message: > >>>> > >>>> ngctl: send msg: Invalid Argument > > > > For "setfilter" command to work, ng_etf requires that: > > > > 1) referenced "matchook" exists and you should not use "indirect name" > here, > > only hook own name, or else you get error ENOENT (No such file or > directory); > > 2) referenced "matchook" is *not* downstream hook, or else you get erro= r > > EINVAL (Invalid argument); > > 3) it was not already configured, or else you get error EEXIST (File > exists). > > Eugene kindly looked into the code and found that the error is due to > wrong matchhook definition. > I've never had any contact with ng_etf yet, but according to the man > page, you need to set the (additional) filter hook by 'nghook -a > lan_filter: mydrain' and use 'matchhook=3Dmydrain' for the 'msg' command. > > Do idea about the intention, so for the rest you have to tweak as needed. > > -harry > > From owner-freebsd-net@freebsd.org Fri Dec 15 19:29:38 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE79CE8A5FC for ; Fri, 15 Dec 2017 19:29:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CC3C93043 for ; Fri, 15 Dec 2017 19:29:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBFJTc0J011856 for ; Fri, 15 Dec 2017 19:29:38 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224371] vxlan leaks memory Date: Fri, 15 Dec 2017 19:29:38 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to keywords Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Dec 2017 19:29:39 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224371 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|freebsd-bugs@FreeBSD.org |freebsd-net@FreeBSD.org Keywords| |patch --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sat Dec 16 05:59:49 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C2BB7E9E560 for ; Sat, 16 Dec 2017 05:59:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B147178CE1 for ; Sat, 16 Dec 2017 05:59:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBG5xlfA075363 for ; Sat, 16 Dec 2017 05:59:49 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 208205] re0 watchdog timeout Date: Sat, 16 Dec 2017 05:59:47 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.3-BETA2 X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: dinoex@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Dec 2017 05:59:49 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208205 Dirk Meyer changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dinoex@FreeBSD.org --- Comment #17 from Dirk Meyer --- Hosted environment: with FreeBSD 11.1-RELEASE. Dual-Stack: re0: flags=3D8843 metric 0 mtu 1500 options=3D82088 nd6 options=3D21 media: Ethernet autoselect (1000baseT ) status: active under load > 64 Mbit full dumplex I see the problem: kernel: re0: watchdog timeout kernel: re0: link state changed to DOWN kernel: re0: link state changed to UP after a few times the card goes offline until reboot. hw swap did not help. hardware1: re0: port 0xe000-0xe0ff mem 0xf0004000-0xf0004fff,0xf0000000-0xf0003fff irq 17 at dev= ice 0.0 on pci2 re0: MSI count : 1 re0: MSI-X count : 4 re0: attempting to allocate 1 MSI-X vectors (4 supported) re0: using IRQ 265 for MSI-X re0: Using 1 MSI-X message re0: turning off MSI enable bit. re0: Chip rev. 0x2c800000 re0: MAC rev. 0x00100000 miibus0: on re0 re0: Using defaults for TSO: 65518/35/2048 re0: bpf attached hardware2: re0: port 0xe000-0xe0ff mem 0xf7c00000-0xf7c00fff,0xf0000000-0xf0003fff irq 16 at dev= ice 0.0 on pci1 re0: MSI count : 1 re0: MSI-X count : 4 re0: attempting to allocate 1 MSI-X vectors (4 supported) re0: using IRQ 266 for MSI-X re0: Using 1 MSI-X message re0: Chip rev. 0x4c000000 re0: MAC rev. 0x00000000 miibus0: on re0 re0: Using defaults for TSO: 65518/35/2048 re0: bpf attached re0: Ethernet address: 44:8a:5b:d4:49:6d re0: netmap queues/slots: TX 1/256, RX 1/256 random: harvesting attach, 8 bytes (4 bits) from re0 --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sat Dec 16 06:03:22 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5F3FCE9E806 for ; Sat, 16 Dec 2017 06:03:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4D702790E3 for ; Sat, 16 Dec 2017 06:03:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBG63LLf036610 for ; Sat, 16 Dec 2017 06:03:22 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 208205] re0 watchdog timeout Date: Sat, 16 Dec 2017 06:03:21 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.3-BETA2 X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: dinoex@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Dec 2017 06:03:22 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208205 --- Comment #18 from Dirk Meyer --- (In reply to Dirk Meyer from comment #17) pciconf -v -l hardware1: re0@pci0:2:0:0: class=3D0x020000 card=3D0x78161462 chip=3D0x816810ec rev=3D= 0x06 hdr=3D0x00 vendor =3D 'Realtek Semiconductor Co., Ltd.' device =3D 'RTL8111/8168/8411 PCI Express Gigabit Ethernet Controll= er' class =3D network subclass =3D ethernet hardware2: re0@pci0:2:0:0: class=3D0x020000 card=3D0x78231462 chip=3D0x816810ec rev=3D= 0x0c hdr=3D0x00 vendor =3D 'Realtek Semiconductor Co., Ltd.' device =3D 'RTL8111/8168/8411 PCI Express Gigabit Ethernet Controll= er' class =3D network subclass =3D ethernet --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sat Dec 16 09:31:01 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 335F9EA261B for ; Sat, 16 Dec 2017 09:31:01 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mx0.gentlemail.de (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BC48F7E242 for ; Sat, 16 Dec 2017 09:31:00 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mh0.gentlemail.de (mh0.gentlemail.de [78.138.80.135]) by mx0.gentlemail.de (8.14.5/8.14.5) with ESMTP id vBG9UtET069531; Sat, 16 Dec 2017 10:30:55 +0100 (CET) (envelope-from freebsd@omnilan.de) Received: from titan.inop.mo1.omnilan.net (s1.omnilan.de [217.91.127.234]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mh0.gentlemail.de (Postfix) with ESMTPSA id A0D61AE1; Sat, 16 Dec 2017 10:30:55 +0100 (CET) Message-ID: <5A34E7CF.2000104@omnilan.de> Date: Sat, 16 Dec 2017 10:30:55 +0100 From: Harry Schmalzbauer Organization: OmniLAN User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: John Lyon CC: freebsd-net@freebsd.org, Eugene Grosbein Subject: Re: Need Netgraph Help References: <5A3225BF.6020205@omnilan.de> <5A32F63E.8010205@grosbein.net> <5A338C5A.20300@omnilan.de> In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Greylist: ACL 129 matched, not delayed by milter-greylist-4.2.7 (mx0.gentlemail.de [78.138.80.130]); Sat, 16 Dec 2017 10:30:57 +0100 (CET) X-Milter: Spamilter (Reciever: mx0.gentlemail.de; Sender-ip: 78.138.80.135; Sender-helo: mh0.gentlemail.de; ) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Dec 2017 09:31:01 -0000 Bezüglich John Lyon's Nachricht vom 15.12.2017 19:59 (localtime): > Harry and Eugene (and others), > > I appreciate all of your help. It's been really insightful. Although I > feel like I'm getting much closer to the solution, I don't think my problem > has been diagnosed. I've outlined my thought process below. Can you > please tell me if I am misunderstanding something? Admittedly, I am not a > kernel developer and my C language skills have atrophied the last few > years. However, I've reviewed my script and I looked in the code for > ng_etf.c and I don't think I am violating any of the requirements for > linking a hook for no match. > > As Eugene stated: > >>> 1) referenced "matchook" exists and you should not use "indirect name" > here, >>> only hook own name, or else you get error ENOENT (No such file or > directory); > > This does not seem to be a problem as the upper and lower hooks for the em1 > already exist (I can confirm this). > >>> 2) referenced "matchook" is *not* downstream hook, or else you get error >>> EINVAL (Invalid argument); > > I read the ng_etf.c file in the source tree and found this little snippet: > > /* and is not the downstream hook */ > if (hook == etfp->downstream_hook.hook) { > error = EINVAL; > break; > } > > This appears to be an error check to make sure you are not creating a cycle > in the graph by referencing the ETF node's own downstream hook (i.e. > filtering incoming traffic and circularly feeding non-matching frames back > into the ETF's own filter). I'm not doing this. I am feeding non-matching > packets into the *lower* hook of another ether node and not back into the > *downstream* hook of the etf node I am creating. As a result, my netgraph Ah, sorry, I was reading your setup too quickly and missed that em0|em1 detail. Since I'm no netgraph expert and also no kernel hacker due to C skills, and on top I don't have any ng_etf experience, I'm out at this point unfortunately. I just remembered the shell quoting issue I had once myself and thougth this would be an easy one ;-) I _think_ it's not possible to redierct the packets that way with ng_etf. You'd need at least to add the third hook to ng_etf. In the manpage, it's a user land hook. Have you tried if ngctl connect em1: lan_filter: lower mydrain works? If so, your "setfilter" message might also work. I think the missing third hook is the key to your solution – while I don't know your intention, but I guess you want to get specific type-tagged frames beeing transmitted on a dedicated interface. Pleas see http://www.netbsd.org/gallery/presentations/ast/2012_AsiaBSDCon/Tutorial_NETGRAPH.pdf on page 32+33. That example corresponds to the man page. Hope that helps, -harry From owner-freebsd-net@freebsd.org Sat Dec 16 14:37:18 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E63A6E8414A for ; Sat, 16 Dec 2017 14:37:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D4AB8661BE for ; Sat, 16 Dec 2017 14:37:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id vBGEbIis084790 for ; Sat, 16 Dec 2017 14:37:18 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 224371] vxlan leaks memory Date: Sat, 16 Dec 2017 14:37:18 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Dec 2017 14:37:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224371 --- Comment #1 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Sat Dec 16 14:36:21 UTC 2017 New revision: 326898 URL: https://svnweb.freebsd.org/changeset/base/326898 Log: Fix possible memory leak. vxlan_ftable entries are sorted in ascending order, due to wrong arguments order it is possible to stop search before existing element will be found. Then new element will be allocated in vxlan_ftable_update_locked() and can be inserted in the list second time or trigger MPASS() assertion with enabled INVARIANTS. PR: 224371 MFC after: 1 week Changes: head/sys/net/if_vxlan.c --=20 You are receiving this mail because: You are the assignee for the bug.=