From owner-freebsd-net@freebsd.org Sun Jan 31 21:00:27 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 654C2526253 for ; Sun, 31 Jan 2021 21:00:27 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DTNky6pJTz4fD9 for ; Sun, 31 Jan 2021 21:00:26 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.nyi.freebsd.org (Postfix) id D40AB5261BE; Sun, 31 Jan 2021 21:00:26 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C1552526504 for ; Sun, 31 Jan 2021 21:00:26 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTNky2j8Gz4f5R for ; Sun, 31 Jan 2021 21:00:26 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E077D6CF0 for ; Sun, 31 Jan 2021 21:00:25 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 10VL0PFK060851 for ; Sun, 31 Jan 2021 21:00:25 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 10VL0PDu060850 for net@FreeBSD.org; Sun, 31 Jan 2021 21:00:25 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <202101312100.10VL0PDu060850@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: net@FreeBSD.org Subject: Problem reports for net@FreeBSD.org that need special attention Date: Sun, 31 Jan 2021 21:00:25 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Jan 2021 21:00:27 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- In Progress | 235700 | oce(4) driver causes fatal trap 12 on boot with e New | 204438 | setsockopt() handling of kern.ipc.maxsockbuf limi New | 213410 | [carp] service netif restart causes hang only whe Open | 7556 | ppp: sl_compress_init() will fail if called anyth Open | 166724 | if_re(4): watchdog timeout Open | 187835 | ngctl(8) strange behavior when adding more than 5 Open | 193452 | Dell PowerEdge 210 II -- Kernel panic bce (broadc Open | 194453 | dummynet(4): pipe config bw parameter limited to Open | 200319 | Bridge+CARP crashes/freezes Open | 202510 | [CARP] advertisements sourced from CARP IP cause Open | 207261 | netmap: Doesn't do TX sync with kqueue Open | 217978 | dhclient: Support supersede statement for option Open | 220468 | libfetch: Does not handle 407 (proxy auth) when c Open | 225438 | panic in6_unlink_ifa() due to race Open | 227720 | Kernel panic in ppp server Open | 230807 | if_alc(4): Driver not working for Killer Networki Open | 235524 | igb(4): Ethernet interface loses active link stat Open | 236888 | ppp daemon: Allow MTU to be overridden for PPPoE Open | 236983 | bnxt(4) VLAN not operational unless explicit "ifc Open | 237072 | netgraph(4): performance issue [on HardenedBSD]? Open | 237840 | Removed dummynet dependency on ipfw Open | 238324 | Add XG-C100C/AQtion AQC107 10GbE NIC driver Open | 240944 | em(4): Crash with Intel 82571EB NIC with AMD Pile Open | 240969 | netinet6: Neighbour reachability detection broken Open | 241106 | tun/ppp: panic: vm_fault: fault on nofault entry Open | 241162 | Panic in closefp() triggered by nginx (uwsgi with Open | 243463 | ix0: Watchdog timeout Open | 244066 | divert: Add sysctls for divert socket send and re Open | 244706 | panic: NULL dereference inside __mtx_lock_sleep() Open | 118111 | rc: network.subr Add MAC address based interface 30 problems total for which you should take action. From owner-freebsd-net@freebsd.org Mon Feb 1 12:26:33 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 156E64FD9E1 for ; Mon, 1 Feb 2021 12:26:33 +0000 (UTC) (envelope-from vegeta@tuxpowered.net) Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTnHX0p1pz3Cp2 for ; Mon, 1 Feb 2021 12:26:31 +0000 (UTC) (envelope-from vegeta@tuxpowered.net) Received: by mail-ej1-x631.google.com with SMTP id r12so24026076ejb.9 for ; Mon, 01 Feb 2021 04:26:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tuxpowered-net.20150623.gappssmtp.com; s=20150623; h=to:references:from:subject:message-id:date:user-agent:mime-version :in-reply-to; bh=HHopF0T5TGC7iy5AG11VC6zPOTmAZq5nXLS+szKeQnY=; b=VKeX6Wo/jPgLp8ygq00hdOwA1oGrjLgK/FzZH04cA+wL8wSMh5yN266xy8RdaUaT3r 5SP7bjjS0AKaPHEmnHMUGUdEMiAEyT67gzG7HQm0AAmga1X6zzayAtQVwVHx8RNfyIgt AlWubd/VKV09//0NNgTZ9Q7UXa8ZnZaYiSrkJawTJLINsr2sF7BfJCw7nqJFIQwkmtsq beUcnXbiZgnyOhARVbnmIriKMc0f3OB51AjArd+6ge9Vet3jt3bdn6yUWoAjof+STBOF b6srBUnG+sNkk6j2P8CBHEALncJqqybJT/kEeHH1C9daGFtNljUKmRA1oFbR1b9Gw/q2 bXsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:references:from:subject:message-id:date :user-agent:mime-version:in-reply-to; bh=HHopF0T5TGC7iy5AG11VC6zPOTmAZq5nXLS+szKeQnY=; b=tH6YFxyfCHKPQ3a83LkGFcZIZbhaEyuWkCashMr3NyBwM8RxT0mDFJEL0WZ6FvEIyJ VtxAk+wYEuAb+Mha5/O01qg3b956H6wuVKfV/cOAkHy07zPh/sWWRBci9DcoFal7nbwX E7FPbciutX6+JQIt7yQ4j5RW27fAKxUVwb8/cpAwCvRKBCcO61hExpJl65hsiaYAX7tk cKPsG5jAiEwdyRNndwii18Y6B6tU1OaqCTSnXDiPSNymdb/kMUOl1lqZKnK2WNWmAZ2I FAo+hFh27M+AC8iM0KjJRS4ujcPLIfjh5R99pTZXiYb2hSGyz6ayytH0Bcd4tZ+Zvdzl 19LQ== X-Gm-Message-State: AOAM531+OJw+vIsXsZll8eaj7/St2wDDt6N938JDGWl8pVoxp0gfGMya ovvPpILyJ2o4LiN43UTQk+OzOcfxL2ESfA== X-Google-Smtp-Source: ABdhPJzLbkOWDJHXVSPnoWMw8zOI6mE3+V/2N13WfCvyYn/qI0xFuLXXHlDQ3I6U9L8W+C0QeGVBbA== X-Received: by 2002:a17:906:57d4:: with SMTP id u20mr1313580ejr.247.1612182390127; Mon, 01 Feb 2021 04:26:30 -0800 (PST) Received: from proton.tuxpowered.net ([2a04:4540:6a17:ad00:ecc9:4b5c:1cfd:a738]) by smtp.gmail.com with ESMTPSA id g14sm8615722edm.31.2021.02.01.04.26.28 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 01 Feb 2021 04:26:29 -0800 (PST) To: Eugene Grosbein , freebsd-net@FreeBSD.org References: <14fc5e0a-7d36-e040-f87c-48cf54490b7b@grosbein.net> From: Kajetan Staszkiewicz Subject: Re: How to not send traffic to TCP/IP stack Message-ID: <2abf8b29-41c3-6a98-fde6-24b33fe3ccfd@tuxpowered.net> Date: Mon, 1 Feb 2021 13:26:28 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <14fc5e0a-7d36-e040-f87c-48cf54490b7b@grosbein.net> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="muG0wZl4cI4HMkA7p8Vc1edf4mhPwZ81x" X-Rspamd-Queue-Id: 4DTnHX0p1pz3Cp2 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=tuxpowered-net.20150623.gappssmtp.com header.s=20150623 header.b=VKeX6Wo/; dmarc=none; spf=pass (mx1.freebsd.org: domain of vegeta@tuxpowered.net designates 2a00:1450:4864:20::631 as permitted sender) smtp.mailfrom=vegeta@tuxpowered.net X-Spamd-Result: default: False [-5.60 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; HAS_ATTACHMENT(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[tuxpowered-net.20150623.gappssmtp.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::631:from]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[tuxpowered-net.20150623.gappssmtp.com:s=20150623]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; DMARC_NA(0.00)[tuxpowered.net]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::631:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::631:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 12:26:33 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --muG0wZl4cI4HMkA7p8Vc1edf4mhPwZ81x Content-Type: multipart/mixed; boundary="jl6Rptj1MYcPNx1Py4puuIRp8PelDXknu"; protected-headers="v1" From: Kajetan Staszkiewicz To: Eugene Grosbein , freebsd-net@FreeBSD.org Message-ID: <2abf8b29-41c3-6a98-fde6-24b33fe3ccfd@tuxpowered.net> Subject: Re: How to not send traffic to TCP/IP stack References: <14fc5e0a-7d36-e040-f87c-48cf54490b7b@grosbein.net> In-Reply-To: <14fc5e0a-7d36-e040-f87c-48cf54490b7b@grosbein.net> --jl6Rptj1MYcPNx1Py4puuIRp8PelDXknu Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: quoted-printable On 29.01.21 19:45, Eugene Grosbein wrote: > 29.01.2021 22:15, Kajetan Staszkiewicz wrote: >=20 >> So far so good. But what if a LB wants to access the service? >> >> SYN: >> 1. LB sends out a packet through public interface becuase that's where= >> the default gateway points. >> 2. Core router sends the packet to one of LBs, in this case the same o= ne >> who originated the packet. >> 3. It arrives at the public interface of LB where it is matched again= st >> a route-to pf rule. A public-side pf state is created, a tag is assign= ed. >> 4. pf's rout-to routes it to a LB Node / target. >> 5. Leaves the LB over internal interface, matches the tag, another sta= te >> is created. >> >> ACK: >> 1. From LB Node >> 2. Hits internal interface of LB, the state is already there. >> 3. Normal routing decision of LB decides to send the packet to IP stac= k. >> 4. The packet never hits the pf state on the public side of LB. >> 5. The public side pf state never sees ACK from the LB Node, the state= >> times out very fast. >> >> My goal is to have loadbalanced connections to *always* behave like th= ey >> come from the Internet, that is to leave the LB and bounce off the cor= e >> router. >=20 > I'm not a pf user, so I wonder: why do you need to create any firewall = state > for such traffic at all? Can't you route such packets in stateless mode= ? > I don't see any value in pf states for such packets. Which ones? There is a total of 3 pf states created here, 2 on public side (outgoing, incoming-LB), 1 on internal (post-LB). That would still not allow me to avoid sending packets to the IP stack, would it? The only way I've found to force outgoing interface while skipping routing is via "reply-to" target of pf, but that requires static gateway in pf rules, which is not an option for me because gateway is installed from BGP. --=20 | pozdrawiam / greetings | Powered by macOS, Debian and FreeBSD | | Kajetan Staszkiewicz | www: http://vegeta.tuxpowered.net | `------------------------^--------------------------------------' --jl6Rptj1MYcPNx1Py4puuIRp8PelDXknu-- --muG0wZl4cI4HMkA7p8Vc1edf4mhPwZ81x Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wmMEABEIACMWIQSOEQZObv2B8mf0JbnjtFCvbXs6FAUCYBfzdAUDAAAAAAAKCRDjtFCvbXs6FDwC AKCvlIy6lleWraAKqVn3PuzjPrCFpACg5FsOVOagi86Nm1PHLOLgktxjwEA= =36HQ -----END PGP SIGNATURE----- --muG0wZl4cI4HMkA7p8Vc1edf4mhPwZ81x-- From owner-freebsd-net@freebsd.org Mon Feb 1 13:58:41 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 37C2D52A8F2 for ; Mon, 1 Feb 2021 13:58:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DTqKs0vtDz3RLb for ; Mon, 1 Feb 2021 13:58:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 1D6FC52AB99; Mon, 1 Feb 2021 13:58:41 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1D3B952AB24 for ; Mon, 1 Feb 2021 13:58:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTqKs0Gtmz3RHk for ; Mon, 1 Feb 2021 13:58:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id ED4401BEE3 for ; Mon, 1 Feb 2021 13:58:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111DwejK023945 for ; Mon, 1 Feb 2021 13:58:40 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111DwedK023944 for net@FreeBSD.org; Mon, 1 Feb 2021 13:58:40 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 241462] netgraph/ng_tag: Variable length data can not be set for all length Date: Mon, 01 Feb 2021 13:58:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 13:58:41 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D241462 --- Comment #2 from commit-hook@FreeBSD.org --- A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D305b3ca5f40cbfff1e29f7e2e10a63633= 1a8575c commit 305b3ca5f40cbfff1e29f7e2e10a636331a8575c Author: Lutz Donnerhacke AuthorDate: 2021-01-02 13:58:17 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-02-01 13:55:42 +0000 netgraph/ng_tag: permit variable length data ng_tag(4) operate on arbitrary data of mbuf_tags(9). Those structures are padded to the next multiple of the alignment by the compiler. Hence a valid argument has be at most as long as the data received. PR: 241462 Reviewed by: kp Approved by: philip (mentor) Differential Revision: https://reviews.freebsd.org/D22140 (cherry picked from commit 7c7c231c14246a709270bf3f3a4593208e84d01a) sys/netgraph/ng_tag.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Feb 1 14:08:43 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DFA7052B610 for ; Mon, 1 Feb 2021 14:08:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DTqYR5pJyz3hdb for ; Mon, 1 Feb 2021 14:08:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id C559A52B4C2; Mon, 1 Feb 2021 14:08:43 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C521952B60F for ; Mon, 1 Feb 2021 14:08:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTqYR55Bhz3hpW for ; Mon, 1 Feb 2021 14:08:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A1AFF1C958 for ; Mon, 1 Feb 2021 14:08:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111E8hsL028066 for ; Mon, 1 Feb 2021 14:08:43 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111E8hPo028065 for net@FreeBSD.org; Mon, 1 Feb 2021 14:08:43 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 241462] netgraph/ng_tag: Variable length data can not be set for all length Date: Mon, 01 Feb 2021 14:08:44 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 14:08:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D241462 --- Comment #3 from commit-hook@FreeBSD.org --- A commit in branch stable/11 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D90d158c0cf2598fde2ea1c7cd58909cf5= a21c471 commit 90d158c0cf2598fde2ea1c7cd58909cf5a21c471 Author: Lutz Donnerhacke AuthorDate: 2021-01-02 13:58:17 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-02-01 14:07:31 +0000 netgraph/ng_tag: permit variable length data ng_tag(4) operate on arbitrary data of mbuf_tags(9). Those structures are padded to the next multiple of the alignment by the compiler. Hence a valid argument has be at most as long as the data received. PR: 241462 Reviewed by: kp Approved by: philip (mentor) Differential Revision: https://reviews.freebsd.org/D22140 (cherry picked from commit 7c7c231c14246a709270bf3f3a4593208e84d01a) sys/netgraph/ng_tag.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Feb 1 17:01:18 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5ED1752FF05 for ; Mon, 1 Feb 2021 17:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DTvNZ23nfz4RSg for ; Mon, 1 Feb 2021 17:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 46B0252FF04; Mon, 1 Feb 2021 17:01:18 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4677B52FBB2 for ; Mon, 1 Feb 2021 17:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTvNZ1SVmz4RKk for ; Mon, 1 Feb 2021 17:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2533D1E97C for ; Mon, 1 Feb 2021 17:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111H1ISK020296 for ; Mon, 1 Feb 2021 17:01:18 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111H1Igf020295 for net@FreeBSD.org; Mon, 1 Feb 2021 17:01:18 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253154] wireguard - add peer alias Date: Mon, 01 Feb 2021 17:01:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: short_desc assigned_to component keywords Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 17:01:18 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253154 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|[PATCH] wireguard - add |wireguard - add peer alias |peer alias | Assignee|bugs@FreeBSD.org |net@FreeBSD.org Component|misc |kern Keywords|patch | --- Comment #1 from Mark Linimon --- ^Triage: assign to net@. Also, note that we have deprecated using [patch] and the 'patch' Keyword in favor of deriving that information from the Bugzilla metadata (e.g. from the Attachments themselves). --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Feb 1 18:45:59 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A42C0531AD9 for ; Mon, 1 Feb 2021 18:45:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DTxjM0ydqz4XxG for ; Mon, 1 Feb 2021 18:45:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id EB2A2531E84; Mon, 1 Feb 2021 18:45:58 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E9C79531BDC for ; Mon, 1 Feb 2021 18:45:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTxjK0739z4Y0Z for ; Mon, 1 Feb 2021 18:45:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E7B3420594 for ; Mon, 1 Feb 2021 18:45:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111IjuDf075726 for ; Mon, 1 Feb 2021 18:45:56 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111IjuBC075725 for net@FreeBSD.org; Mon, 1 Feb 2021 18:45:56 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 252958] [tcp] Kernel panic in tcp_prr_partialack() Date: Mon, 01 Feb 2021 18:45:56 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: rscheff@freebsd.org X-Bugzilla-Flags: mfc-stable13+ X-Bugzilla-Changed-Fields: resolution flagtypes.name bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 18:45:59 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D252958 Michael Tuexen changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Flags|mfc-stable13? |mfc-stable13+ Status|New |Closed --- Comment #7 from Michael Tuexen --- https://cgit.FreeBSD.org/src/commit/?id=3D76dd854f47f4aea703093647a158f280d= 383ea6d fixes it in stable/13. Therefore closing the issue. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Mon Feb 1 18:50:50 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 64F04532001 for ; Mon, 1 Feb 2021 18:50:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4DTxpy2Dd0z4YHp for ; Mon, 1 Feb 2021 18:50:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 4C8E7531CF9; Mon, 1 Feb 2021 18:50:50 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4C584531873 for ; Mon, 1 Feb 2021 18:50:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTxpy1dDgz4YYs for ; Mon, 1 Feb 2021 18:50:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2B1011FFE8 for ; Mon, 1 Feb 2021 18:50:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111IooSi078748 for ; Mon, 1 Feb 2021 18:50:50 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111Ioojr078747 for net@FreeBSD.org; Mon, 1 Feb 2021 18:50:50 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 219991] [tcp][PATCH] TCP process bogus packets with too large ACK Date: Mon, 01 Feb 2021 18:50:50 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.3-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: Feedback Timeout X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: resolution bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 18:50:50 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D219991 Michael Tuexen changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |Feedback Timeout Status|New |Closed --- Comment #2 from Michael Tuexen --- No response in two years and FreeBSD 10 is not supported anymore. Please re-open, if the problem persists. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Feb 1 20:28:02 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7DA4A535E47 for ; Mon, 1 Feb 2021 20:28:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DTzz62wwVz4tj8 for ; Mon, 1 Feb 2021 20:28:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 64797535B73; Mon, 1 Feb 2021 20:28:02 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 64440535C61 for ; Mon, 1 Feb 2021 20:28:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DTzz61tWFz4tsg for ; Mon, 1 Feb 2021 20:28:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 337A021C03 for ; Mon, 1 Feb 2021 20:28:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111KS2Z5031564 for ; Mon, 1 Feb 2021 20:28:02 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111KS2tN031563 for net@FreeBSD.org; Mon, 1 Feb 2021 20:28:02 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] TCP MD5 not supported with net.inet.tcp.functions_default=rack Date: Mon, 01 Feb 2021 20:28:02 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: short_desc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 20:28:02 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253096 Marek Zarychta changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|TCP MD5 regression on |TCP MD5 not supported with |STABLE/13 |net.inet.tcp.functions_defa | |ult=3Drack --- Comment #3 from Marek Zarychta --- The setting net.inet.tcp.functions_default=3Drack was the culprit. Probably= TCP RACK is not supposed to support TCP MD5 and this bug has to be closed, but = let people from the project decide and give some feedback here. I have done more tests with the most recent stable{12,13} and it looks like that with net.inet.tcp.functions_default=3Dfreebsd TCP MD5 signatures are supported fine. I have tried to revert this setting to default prior to reporting this as a bug but it not always worked. I am sorry for the noise on Bugzilla and freebsd-net@ mailing list, but in initial tests disabling RACK wasn't sufficient to get TCP MD5 working (prob= ably due to accidentally flushing IPsec rules in the meantime), so I took some ad-hoc steps to repair it quickly, disabling some devices, reverting sysclt= s to default values etc. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Feb 1 20:52:22 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A3AFE536B14 for ; Mon, 1 Feb 2021 20:52:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DV0WB434Bz3Cds for ; Mon, 1 Feb 2021 20:52:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 8AE4C5366E0; Mon, 1 Feb 2021 20:52:22 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8AA9B536997 for ; Mon, 1 Feb 2021 20:52:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DV0WB3RwYz3CH7 for ; Mon, 1 Feb 2021 20:52:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 67A6E21E40 for ; Mon, 1 Feb 2021 20:52:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111KqMg5044109 for ; Mon, 1 Feb 2021 20:52:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111KqMsC044108 for net@FreeBSD.org; Mon, 1 Feb 2021 20:52:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] [tcp] RACK does not support TCP MD5 Date: Mon, 01 Feb 2021 20:52:22 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: short_desc cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 20:52:22 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253096 Michael Tuexen changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|TCP MD5 not supported with |[tcp] RACK does not support |net.inet.tcp.functions_defa |TCP MD5 |ult=3Drack | CC| |rrs@FreeBSD.org, | |tuexen@freebsd.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Feb 1 20:58:16 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 36804536B3A for ; Mon, 1 Feb 2021 20:58:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DV0f00tM7z3Cpj for ; Mon, 1 Feb 2021 20:58:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 1C74B536B39; Mon, 1 Feb 2021 20:58:16 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1C3F1536CA2 for ; Mon, 1 Feb 2021 20:58:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DV0f00G98z3Cr7 for ; Mon, 1 Feb 2021 20:58:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F08F52228A for ; Mon, 1 Feb 2021 20:58:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 111KwFEF046456 for ; Mon, 1 Feb 2021 20:58:15 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 111KwFZr046455 for net@FreeBSD.org; Mon, 1 Feb 2021 20:58:15 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] [tcp] RACK does not support TCP MD5 Date: Mon, 01 Feb 2021 20:58:15 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2021 20:58:16 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253096 --- Comment #4 from Michael Tuexen --- I think neither RACK nor BBR do support TCP MD5. Up to now, this was also n= ot intended, I think, but I'll let rrs@ confirm. I don't think it is a regression in the sense that RACK did not support it = in the past. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Feb 2 00:35:14 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7DA784EDE2F for ; Tue, 2 Feb 2021 00:35:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DV5SL2xjrz3jRw for ; Tue, 2 Feb 2021 00:35:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 650CB4EDE2C; Tue, 2 Feb 2021 00:35:14 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 64D904EDC46 for ; Tue, 2 Feb 2021 00:35:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DV5SL2Mp8z3jKl for ; Tue, 2 Feb 2021 00:35:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 43D4724B7E for ; Tue, 2 Feb 2021 00:35:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 1120ZEeZ062095 for ; Tue, 2 Feb 2021 00:35:14 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 1120ZE8c062094 for net@FreeBSD.org; Tue, 2 Feb 2021 00:35:14 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253172] Intel e1000 - Interface Stalls After Media Type is Changed Date: Tue, 02 Feb 2021 00:35:14 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: IntelNetworking X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to keywords Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 00:35:14 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253172 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |net@FreeBSD.org Keywords| |IntelNetworking --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Feb 2 01:36:43 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8E8794F9778 for ; Tue, 2 Feb 2021 01:36:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4DV6qH3SRFz3qDF for ; Tue, 2 Feb 2021 01:36:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 76B8B4F9D09; Tue, 2 Feb 2021 01:36:43 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 768264F9D08 for ; Tue, 2 Feb 2021 01:36:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DV6qH2t46z3qG6 for ; Tue, 2 Feb 2021 01:36:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5528D25BCF for ; Tue, 2 Feb 2021 01:36:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 1121ahj5093616 for ; Tue, 2 Feb 2021 01:36:43 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 1121ahlh093615 for net@FreeBSD.org; Tue, 2 Feb 2021 01:36:43 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] [tcp] RACK does not support TCP MD5 Date: Tue, 02 Feb 2021 01:36:42 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: rgrimes@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 01:36:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253096 Rodney W. Grimes changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rgrimes@FreeBSD.org --- Comment #5 from Rodney W. Grimes --- (In reply to Michael Tuexen from comment #4) > I think neither RACK nor BBR do support TCP MD5. Up to now, this was also= not intended, I think, but I'll let rrs@ confirm. Do and of the stacks support TCP-AO? I think that should be a requirement since that is the replacement for TCP-MD5. And though TCP-MD5 is officially depricated giving the nature of how slowly TCP-AO has rolled out it would probably be a good idea to have continued support for TCP-MD5 in all stacks (this is not a hard thing to implement) until TCP-AO is more widely deploye= d.=20 Most of my BGP peers have a fall back stance to TCP-MD5 if you can't do TCP= -AO. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Feb 2 08:52:59 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6A35D52AA5E for ; Tue, 2 Feb 2021 08:52:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DVJVg2Nxzz4hlC for ; Tue, 2 Feb 2021 08:52:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 5200752AACA; Tue, 2 Feb 2021 08:52:59 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 51C8452AA5D for ; Tue, 2 Feb 2021 08:52:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DVJVg1q3yz4hq7 for ; Tue, 2 Feb 2021 08:52:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 31B1836FD for ; Tue, 2 Feb 2021 08:52:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 1128qxHG020100 for ; Tue, 2 Feb 2021 08:52:59 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 1128qxRC020099 for net@FreeBSD.org; Tue, 2 Feb 2021 08:52:59 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] [tcp] RACK does not support TCP MD5 Date: Tue, 02 Feb 2021 08:52:59 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 08:52:59 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253096 --- Comment #6 from Michael Tuexen --- (In reply to Rodney W. Grimes from comment #5) Is TCP-AO supported by the base stack? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Feb 2 11:25:22 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8416C52DFE3 for ; Tue, 2 Feb 2021 11:25:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4DVMtV3BGJz4qtY for ; Tue, 2 Feb 2021 11:25:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 6D5E652DFE2; Tue, 2 Feb 2021 11:25:22 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6D22952E28B for ; Tue, 2 Feb 2021 11:25:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DVMtV2XJBz4qj2 for ; Tue, 2 Feb 2021 11:25:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 49FAA5460 for ; Tue, 2 Feb 2021 11:25:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 112BPM2r092717 for ; Tue, 2 Feb 2021 11:25:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 112BPMcM092716 for net@FreeBSD.org; Tue, 2 Feb 2021 11:25:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 238741] [tcp] RACK stack causes connections to hang Date: Tue, 02 Feb 2021 11:25:22 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 11:25:22 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238741 --- Comment #2 from Michael Tuexen --- I can confirm that the combination of CDG and RACK results in a stalled transfer. I tested this with FreeBSD current. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Feb 2 11:25:50 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8FED652E0E6 for ; Tue, 2 Feb 2021 11:25:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DVMv23Tpqz4r94 for ; Tue, 2 Feb 2021 11:25:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 778BB52E20E; Tue, 2 Feb 2021 11:25:50 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 774D752E0E5 for ; Tue, 2 Feb 2021 11:25:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DVMv22t8Xz4r4M for ; Tue, 2 Feb 2021 11:25:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 54A9D5716 for ; Tue, 2 Feb 2021 11:25:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 112BPotK092834 for ; Tue, 2 Feb 2021 11:25:50 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 112BPoc5092833 for net@FreeBSD.org; Tue, 2 Feb 2021 11:25:50 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 238741] [tcp] Using RACK with CDG CC causes connections to hang Date: Tue, 02 Feb 2021 11:25:50 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: tuexen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: short_desc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 11:25:50 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238741 Michael Tuexen changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|[tcp] RACK stack causes |[tcp] Using RACK with CDG |connections to hang |CC causes connections to | |hang --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Feb 2 12:57:43 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 91A0053162B for ; Tue, 2 Feb 2021 12:57:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4DVPx33XxCz3F6B for ; Tue, 2 Feb 2021 12:57:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 799EC53162A; Tue, 2 Feb 2021 12:57:43 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7966C53171C for ; Tue, 2 Feb 2021 12:57:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DVPx32xwvz3FLY for ; Tue, 2 Feb 2021 12:57:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 58ADA68B9 for ; Tue, 2 Feb 2021 12:57:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 112Cvhqb040884 for ; Tue, 2 Feb 2021 12:57:43 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 112Cvhc6040883 for net@FreeBSD.org; Tue, 2 Feb 2021 12:57:43 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] [tcp] RACK does not support TCP MD5 Date: Tue, 02 Feb 2021 12:57:42 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: rgrimes@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 12:57:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253096 --- Comment #7 from Rodney W. Grimes --- (In reply to Michael Tuexen from comment #6) Not that I can find, though I find some stuff on the internet that suggests Juniper sponsored some work on it, where that ended up I have no idea. This is one of my reasons for wanting tcp-md5 support to be prevalent as without it you can not protect BGP sessions, and most BGP peers request at a minimum md5 protection. Its probably ok that RACK does not have it, and th= at should be somehow documented or at least an error condition asserted if one tries to use it with RACK. Silent failure like this person experienced is painful, and people dealing with BGP already have enough pain. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Feb 2 15:05:21 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1E97F534FBE for ; Tue, 2 Feb 2021 15:05:21 +0000 (UTC) (envelope-from peter.garshtja@ambient-md.com) Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DVSmJ0Kkgz3PlP for ; Tue, 2 Feb 2021 15:05:19 +0000 (UTC) (envelope-from peter.garshtja@ambient-md.com) Received: by mail-qt1-x82d.google.com with SMTP id v3so15120369qtw.4 for ; Tue, 02 Feb 2021 07:05:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ambient-md-com.20150623.gappssmtp.com; s=20150623; h=to:from:subject:message-id:date:user-agent:mime-version :content-language; bh=lKQkOc54AYqrEUEV/dhF+ZyPCXvH4EyO7K87ka7j+B8=; b=JBuVuYHYpVy9dADFc/5JF+1TFS1Vgh5Tf55m0NQzDL1Z/lUi9dFZIVEN775It3gaBX J7f96z/rZOQWgJltgk7QGkvwdy9k0jeOstgc8i+Okb6o4O+PsfJg/Q97fU6aRo+6RZeL XdSM+WmeX2p9bP0zy3kyesyN2n0H0z1jvnrV3ddmdahGYl/U2Zs6YZKPEezkQsg7Es16 NlBrrHNzvxpmpMjroSRYPRsFe5MxpcguM5D8rQsUKTLMbHkLe+v56k9ek5mWvVVgFyd0 25ZPfWxdjungIjvlgZgR7lsyqc6LVnh0bYCzjrN1jOZ7ZReYN4IgRC8p0WHU2qbAkh4m WJug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-language; bh=lKQkOc54AYqrEUEV/dhF+ZyPCXvH4EyO7K87ka7j+B8=; b=SzdmQILZ4tmO7uKmr/gu3t9Iz5X5+hBfTjoJqeZzq4KPctG1151fRoOiuiJCpjJXWT c9heV8DVJaDumN3Sp3aW9fKLpOqkn0dbcGYBpstjsLwWaTalwCVX/IlOiUCfSX9x8awi TW/vhqEbRSPMkG7hXH17Pw4131d+eco9rmvlM8fW6qjqu9yBNfaQWydqu1qDIlrz7sZH l/9hyVbjibqyswcXrYJe0eCB6IcAEbixnLjEeD1gjM8feV4yB1ViGrSGxWyqelG6orVJ E0/SJaXNwV0WSYrf1GUPg1MEFEXLejtmECLiLs4XrLQs/WAtb20uuAj9FqAx211ZiAXq CyEw== X-Gm-Message-State: AOAM533jAy8CKRNvDPuo2Bb5DQqwIeFjtOKtXeTa6khSdx6OHhlNtjzR XdGJ/rEbEaKmkb25i6cbxZuTz7F5xYi+YLnP X-Google-Smtp-Source: ABdhPJxKIA7zCZH5jbn4gkRXlhy3tJxHRGDZT4kXl/zH7uBSM+/eUcpMiAYDavW+yjD+rFWNK9azCA== X-Received: by 2002:ac8:70c:: with SMTP id g12mr12979094qth.133.1612278318506; Tue, 02 Feb 2021 07:05:18 -0800 (PST) Received: from ?IPv6:2001:470:1c:38d::4? ([2001:470:1c:38d::4]) by smtp.gmail.com with ESMTPSA id p18sm16567436qkj.130.2021.02.02.07.05.16 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 02 Feb 2021 07:05:17 -0800 (PST) To: freebsd-net@freebsd.org From: petru garstea Subject: netgraph with ng_netflow and ng_gridge nodes Message-ID: <43cf5dc9-521c-dcc4-f025-398173608062@ambient-md.com> Date: Tue, 2 Feb 2021 10:05:15 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 Content-Language: en-US X-Rspamd-Queue-Id: 4DVSmJ0Kkgz3PlP X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ambient-md-com.20150623.gappssmtp.com header.s=20150623 header.b=JBuVuYHY; dmarc=none; spf=none (mx1.freebsd.org: domain of peter.garshtja@ambient-md.com has no SPF policy when checking 2607:f8b0:4864:20::82d) smtp.mailfrom=peter.garshtja@ambient-md.com X-Spamd-Result: default: False [-1.32 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[ambient-md-com.20150623.gappssmtp.com:s=20150623]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::82d:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; DMARC_NA(0.00)[ambient-md.com]; NEURAL_SPAM_SHORT(0.98)[0.976]; DKIM_TRACE(0.00)[ambient-md-com.20150623.gappssmtp.com:+]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::82d:from]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::82d:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-Mailman-Approved-At: Tue, 02 Feb 2021 17:22:51 +0000 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 15:05:21 -0000 Hi, I need help to unify 2 netgraphs 1st ng_bridge netgraph ngctl mkpeer fxp0: bridge lower link0 ngctl connect fxp0: em0:lower upper link1 ngctl name fxp0:lower em0Bridge ngctl mkpeer fxp0:lower eiface link3 ether 2nd ng_netflow netgraph mkpeer fxp0: netflow lower iface0 name fxp0:lower netflow connect fxp0: netflow: upper out0 mkpeer netflow: ksocket export inet/dgram/udp msg netflow:export connect inet/10.0.0.1:4444 I cannot run both graphs at the same time because both of them are trying to use fxp0 interface lower and upper hooks. I believe it is necessary to introduce an extra node but I am not sure. Please advise Cheers, Petru From owner-freebsd-net@freebsd.org Tue Feb 2 20:17:04 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 66C0D53BFDB for ; Tue, 2 Feb 2021 20:17:04 +0000 (UTC) (envelope-from lutz@iks-jena.de) Received: from annwfn.iks-jena.de (annwfn.iks-jena.de [IPv6:2001:4bd8::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DVbgz1Yqhz4W6w for ; Tue, 2 Feb 2021 20:17:02 +0000 (UTC) (envelope-from lutz@iks-jena.de) X-SMTP-Sender: IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f Received: from belenus.iks-jena.de (belenus.iks-jena.de [IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f]) by annwfn.iks-jena.de (8.15.2/8.15.2) with ESMTPS id 112KGnMi031833 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 2 Feb 2021 21:16:49 +0100 X-MSA-Host: belenus.iks-jena.de Received: (from lutz@localhost) by belenus.iks-jena.de (8.14.3/8.14.1/Submit) id 112KGn0K031770; Tue, 2 Feb 2021 21:16:49 +0100 Date: Tue, 2 Feb 2021 21:16:49 +0100 From: Lutz Donnerhacke To: petru garstea Cc: freebsd-net@freebsd.org Subject: Re: netgraph with ng_netflow and ng_gridge nodes Message-ID: <20210202201649.GA31653@belenus.iks-jena.de> References: <43cf5dc9-521c-dcc4-f025-398173608062@ambient-md.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <43cf5dc9-521c-dcc4-f025-398173608062@ambient-md.com> X-message-flag: Please send plain text messages only. Thank you. User-Agent: Mutt/1.5.17 (2007-11-01) X-Rspamd-Queue-Id: 4DVbgz1Yqhz4W6w X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of lutz@iks-jena.de designates 2001:4bd8::19 as permitted sender) smtp.mailfrom=lutz@iks-jena.de X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2001:4bd8::/48]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[donnerhacke.de]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:4bd8::19:from]; SPAMHAUS_ZRD(0.00)[2001:4bd8::19:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[lutz@donnerhacke.de,lutz@iks-jena.de]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15725, ipnet:2001:4bd8::/29, country:DE]; FROM_NEQ_ENVFROM(0.00)[lutz@donnerhacke.de,lutz@iks-jena.de]; MAILMAN_DEST(0.00)[freebsd-net]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 20:17:04 -0000 On Tue, Feb 02, 2021 at 10:05:15AM -0500, petru garstea wrote: > Hi, > > I need help to unify 2 netgraphs > > 1st ng_bridge netgraph > > ngctl mkpeer fxp0: bridge lower link0 > ngctl connect fxp0: em0:lower upper link1 > ngctl name fxp0:lower em0Bridge > ngctl mkpeer fxp0:lower eiface link3 ether So you tap the fxp0 with a bridge and attach an virtual interface. > 2nd ng_netflow netgraph > > mkpeer fxp0: netflow lower iface0 > name fxp0:lower netflow > connect fxp0: netflow: upper out0 > mkpeer netflow: ksocket export inet/dgram/udp > msg netflow:export connect inet/10.0.0.1:4444 So you inject a bidirectional netflow analyser into the fxp0 interface. > I cannot run both graphs at the same time because both of them are trying to use fxp0 interface lower and upper hooks. > I believe it is necessary to introduce an extra node but I am not sure. You need to define which communication you want to analyse with netflow. I.e. you want to analyze the traffic on the wire: fxp0.lower -- iface0.netgraph.out0 -- link1.bridge.link2 -- upper.fxp0 \.link3 -- ether.eiface This will exclude the traffic between the eiface and the fxp0 IP-stack. From owner-freebsd-net@freebsd.org Tue Feb 2 20:27:08 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1B44253C7AC for ; Tue, 2 Feb 2021 20:27:08 +0000 (UTC) (envelope-from lutz@iks-jena.de) Received: from annwfn.iks-jena.de (annwfn.iks-jena.de [IPv6:2001:4bd8::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DVbvb2BY8z4Wdw for ; Tue, 2 Feb 2021 20:27:07 +0000 (UTC) (envelope-from lutz@iks-jena.de) X-SMTP-Sender: IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f Received: from belenus.iks-jena.de (belenus.iks-jena.de [IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f]) by annwfn.iks-jena.de (8.15.2/8.15.2) with ESMTPS id 112KQpS7000579 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 2 Feb 2021 21:26:51 +0100 X-MSA-Host: belenus.iks-jena.de Received: (from lutz@localhost) by belenus.iks-jena.de (8.14.3/8.14.1/Submit) id 112KQpqE032046; Tue, 2 Feb 2021 21:26:51 +0100 Date: Tue, 2 Feb 2021 21:26:51 +0100 From: Lutz Donnerhacke To: petru garstea Cc: freebsd-net@freebsd.org Subject: Re: netgraph with ng_netflow and ng_gridge nodes Message-ID: <20210202202651.GA31946@belenus.iks-jena.de> References: <43cf5dc9-521c-dcc4-f025-398173608062@ambient-md.com> <20210202201649.GA31653@belenus.iks-jena.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210202201649.GA31653@belenus.iks-jena.de> X-message-flag: Please send plain text messages only. Thank you. User-Agent: Mutt/1.5.17 (2007-11-01) X-Rspamd-Queue-Id: 4DVbvb2BY8z4Wdw X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of lutz@iks-jena.de designates 2001:4bd8::19 as permitted sender) smtp.mailfrom=lutz@iks-jena.de X-Spamd-Result: default: False [-3.00 / 15.00]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:4bd8::19:from]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2001:4bd8::/48:c]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[donnerhacke.de]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SPAMHAUS_ZRD(0.00)[2001:4bd8::19:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[lutz@donnerhacke.de,lutz@iks-jena.de]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15725, ipnet:2001:4bd8::/29, country:DE]; FROM_NEQ_ENVFROM(0.00)[lutz@donnerhacke.de,lutz@iks-jena.de]; MAILMAN_DEST(0.00)[freebsd-net]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2021 20:27:08 -0000 On Tue, Feb 02, 2021 at 09:16:49PM +0100, Lutz Donnerhacke wrote: > fxp0.lower -- iface0.netgraph.out0 -- link1.bridge.link2 -- upper.fxp0 > \.link3 -- ether.eiface The strange thing is, that both fxp0 and eiface provide an interface to the kernel IP stack. This is confusing (for the kernel). I'd like to point you to ng_tee instead of ng_bridge for a read only access to the communitcation (depending on the direction). Even ng_one2many or ng_hub might be a better solution. If you only need the eiface to attach tcpdump, you can omit it completely, because tcpdump is able to sniff on the fxp0 even if the netgraph hooks are set. From owner-freebsd-net@freebsd.org Wed Feb 3 20:12:58 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AAC3E52ADA9 for ; Wed, 3 Feb 2021 20:12:58 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "plan-b.pwste.edu.pl", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DWCXn3ZHnz3lkV for ; Wed, 3 Feb 2021 20:12:57 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from fomalhaut.potoki.eu ([IPv6:2001:470:71:d47:59cd:b6ea:ae99:ce03]) (authenticated bits=0) by plan-b.pwste.edu.pl (8.16.1/8.16.1) with ESMTPSA id 113KCkns087960 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Wed, 3 Feb 2021 21:12:47 +0100 (CET) (envelope-from zarychtam@plan-b.pwste.edu.pl) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl; s=plan-b-mailer; t=1612383168; bh=kpAy5bgdrvsmTXWbGF4uBjqVbJmUFvy7mnBHmF2r3qQ=; h=From:To:References:Subject:Date:In-Reply-To; b=0AlO3sLiDD6m78ohMu7HFTsealiBCs+YVL8vNfKMxzmDY+1XzO6vIGzVNA3XptoTK hOQAZxqCUvHND6vGs5JIcZ6tULLEJGu1kKIrZX278MWGUs+vKSqpfNPUNfUG3k5WE+ hhKqwbesc2JML2yjc1G+H3s4LrSjxhf01I2r91YLbzkHnnE1VVu/QWIrEcbQbqA7Sp hO2LmkymWEainYEs/patRj/9HTU7OfTgUIzxZ3AHPTVqRy/e9rqIQ0CKUgH30xJEMu gMGa47upuyhmrlFmEUZXpctbdu4lFyZEZLKoHpS4FUiJLQb1zjtUptfOMZaZ4VtGPL V+A8I8wGi1WmQ== X-Authentication-Warning: plan-b.pwste.edu.pl: Host [IPv6:2001:470:71:d47:59cd:b6ea:ae99:ce03] claimed to be fomalhaut.potoki.eu From: Marek Zarychta To: freebsd-net@freebsd.org References: <6d9afa54-d0be-df3e-9377-e19243279a70@plan-b.pwste.edu.pl> Subject: Re: new in-kernel wireguard and IPv6 endpoint Message-ID: Date: Wed, 3 Feb 2021 21:12:46 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <6d9afa54-d0be-df3e-9377-e19243279a70@plan-b.pwste.edu.pl> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Content-Language: en-US X-Rspamd-Queue-Id: 4DWCXn3ZHnz3lkV X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=plan-b.pwste.edu.pl header.s=plan-b-mailer header.b=0AlO3sLi; dmarc=pass (policy=none) header.from=plan-b.pwste.edu.pl; spf=none (mx1.freebsd.org: domain of zarychtam@plan-b.pwste.edu.pl has no SPF policy when checking 2001:678:618::40) smtp.mailfrom=zarychtam@plan-b.pwste.edu.pl X-Spamd-Result: default: False [-5.80 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_XAW(0.00)[]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[plan-b.pwste.edu.pl:+]; DMARC_POLICY_ALLOW(-0.50)[plan-b.pwste.edu.pl,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:678:618::40:from]; ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[plan-b.pwste.edu.pl:s=plan-b-mailer]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_MED(-2.00)[pwste.edu.pl:dkim]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2001:678:618::40:from:127.0.2.255]; R_SPF_NA(0.00)[no SPF record]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2021 20:12:58 -0000 W dniu 21.01.2021 o=C2=A020:03, Marek Zarychta pisze: > Dear subscribers, > > please let me know if is it possible to use IPv6 addressed endpoint=20 > for the tunnel? I have tried to specify the address enclosed in []=20 > followed by the port number, for example: [2001:db8:0:1::1]:54333,=20 > have tried without it: 2001:db8:0:1::1:54333. I have also tried to=20 > specify it with prefix length, like this one:=20 > [2001:db8:0:1::1]/128:54333, but neither works. > > I got only some errors: > > matchaddr failed > peer not found - dropping 0xfffff802099b6700 > wg0: wg_peer_add bad length for endpoint 28 > > Is it possible to utilize IPv6 address as an endpoint for the tunnel=20 > with this implementation? > > There was not much feedback on the mailing list, so I changed the code a = bit to not validate endpoint length so strictly and check if IPv6=20 address as endpoint is supported. This resulted in a partial success.=20 The handshake over IPv6 looks like established from the endpoint (as=20 it's reported by "wg show" command), but the tunnel is neither capable=20 to carry any data nor keepalives are send. Here is the handshake as sniffed on the endpoint: 00:00:00.000000 IP6 (hlim 57, next-header UDP (17) payload length: 156)=20 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, length = 148 00:00:00.002860 IP6 (hlim 64, next-header UDP (17) payload length: 100)=20 2001:db8::b.55667 > 2001:db8:d47::c:100d.12345: [bad udp cksum 0x6f50 -> = 0x62b4!] UDP, length 92 00:00:00.000892 IP6 (hlim 57, next-header UDP (17) payload length: 120)=20 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, length = 112 Perhaps the incompatibility with IPv6 should be mentioned at least in=20 just added wg(4) manual page[1]? [1] https://cgit.freebsd.org/src/commit/?id=3De59d9cb41284 --=20 Marek Zarychta From owner-freebsd-net@freebsd.org Wed Feb 3 20:14:52 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EB2CA52B197 for ; Wed, 3 Feb 2021 20:14:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DWCb068kXz3mC2 for ; Wed, 3 Feb 2021 20:14:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id D0E8A52B118; Wed, 3 Feb 2021 20:14:52 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D0B0752B215 for ; Wed, 3 Feb 2021 20:14:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DWCb05VSXz3lvl for ; Wed, 3 Feb 2021 20:14:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AFCB426CCC for ; Wed, 3 Feb 2021 20:14:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 113KEqgX095033 for ; Wed, 3 Feb 2021 20:14:52 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 113KEqYb095032 for net@FreeBSD.org; Wed, 3 Feb 2021 20:14:52 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 210488] ue0 axge AX88179 Ierrs errors under havy network load Date: Wed, 03 Feb 2021 20:14:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.3-RELEASE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: rassilkum@ngs.ru X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2021 20:14:53 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D210488 MaximusBaton changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rassilkum@ngs.ru --- Comment #10 from MaximusBaton --- so far no update on this driver? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Thu Feb 4 04:25:31 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 554FA5371E4 for ; Thu, 4 Feb 2021 04:25:31 +0000 (UTC) (envelope-from shamaz.mazum@gmail.com) Received: from mail-oo1-xc32.google.com (mail-oo1-xc32.google.com [IPv6:2607:f8b0:4864:20::c32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DWQT649ryz4n5Y for ; Thu, 4 Feb 2021 04:25:30 +0000 (UTC) (envelope-from shamaz.mazum@gmail.com) Received: by mail-oo1-xc32.google.com with SMTP id y21so452261oot.12 for ; Wed, 03 Feb 2021 20:25:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=J46fuBRZPstdKYM+6uQsFCXGV+dPpG0BZgu4KCB0vQU=; b=F0n2S8HXoJSHDt4jeuFw5UqfC097Dml/q7XdDflM9fY3EgMpVLc+ViAb8KBxu2t+iO xm2rxwxf5JoUlHSNfzqPAa8NTIRkKPgb8S/HSLDi9LXK+ZJ5pYkN7DPrXtjkZ2DzIKVm //jKrRBHOSEydhxCqNuSpNRpoe7OB3wVcdECk9c/3kkobsKjFv2uhXp+Ukv/l60mp4jO OPM4I6UAiHInQ5gHxvslet8RlL454pAdyyzUsHOtbVKXOom3Olb0Qb8H1aB6WgZgZJ+X QyYe85sOwnA5T4iVEJmXLqoJWtKlaDQCwkE2ntBbCreX7EHwpa33AF2n8ZalXNHULned oYUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=J46fuBRZPstdKYM+6uQsFCXGV+dPpG0BZgu4KCB0vQU=; b=VdlKu2Is9/1UZmb7xQEDRq4GD50pxCpmJWu0yu8N6M9YVrS/OBHQ5TnlP7SiQRFzeu eDxHChIMMDPrLkLhRXZrHALPkrLwSlOJh0NkZ82pC73kZtRHs0UjmWUzE/DMaWZixLGh le+eyg2zQM35kyWWrGuCphxy8oGxuCRTOXg3wb/K+9Qzo0ot3TmNg0bHAbEzQWF6lVDM QRuZALSjxj1DYLoN/tbdHUT1b2m4IQlV7rWB3yj1zD5yAyh54KMlhJZy3h5UWhfGEa4N hr/M9FC4LswLXUj70GCdV4C1L3SOwSiW0Ydo9XZ42IAec0HM5Mp14BEAwVhTQ/xp/6I8 trvw== X-Gm-Message-State: AOAM533A2Y7yeCrzBWmMSRgtxGQx8ELE0RgH0Ap7rx5UB/fBpcfsemSm g+kXA/uiLUu+76ZpOt+Yxx9EHC+CdsyZIAjM8kwfGjX6VCc= X-Google-Smtp-Source: ABdhPJwmKG5GOJCfMZ0cz6fFbNaWDTpKfjbP85Q5Ek4tZKTju7l7MFm/FvXYCBUAAAS3vgrzmYtzUW21aJTKALG7d84= X-Received: by 2002:a4a:970b:: with SMTP id u11mr4441978ooi.79.1612412728990; Wed, 03 Feb 2021 20:25:28 -0800 (PST) MIME-Version: 1.0 References: <6d9afa54-d0be-df3e-9377-e19243279a70@plan-b.pwste.edu.pl> In-Reply-To: From: Vasily Postnicov Date: Thu, 4 Feb 2021 07:25:16 +0300 Message-ID: Subject: Re: new in-kernel wireguard and IPv6 endpoint To: Marek Zarychta Cc: freebsd-net@freebsd.org X-Rspamd-Queue-Id: 4DWQT649ryz4n5Y X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=F0n2S8HX; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of shamazmazum@gmail.com designates 2607:f8b0:4864:20::c32 as permitted sender) smtp.mailfrom=shamazmazum@gmail.com X-Spamd-Result: default: False [-4.00 / 15.00]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::c32:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::c32:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::c32:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2021 04:25:31 -0000 If the endpoint does not use the same WireGuard implementation from FreeBSD, try to cherry-pick this commit first and then rebuild and reinstall the kernel. https://cgit.freebsd.org/src/commit/?id=3D5aaea4b99e5cc724e97e24a68876e8768= d3d8012 =D1=81=D1=80, 3 =D1=84=D0=B5=D0=B2=D1=80. 2021 =D0=B3., 23:13 Marek Zarycht= a : > W dniu 21.01.2021 o 20:03, Marek Zarychta pisze: > > Dear subscribers, > > > > please let me know if is it possible to use IPv6 addressed endpoint > > for the tunnel? I have tried to specify the address enclosed in [] > > followed by the port number, for example: [2001:db8:0:1::1]:54333, > > have tried without it: 2001:db8:0:1::1:54333. I have also tried to > > specify it with prefix length, like this one: > > [2001:db8:0:1::1]/128:54333, but neither works. > > > > I got only some errors: > > > > matchaddr failed > > peer not found - dropping 0xfffff802099b6700 > > wg0: wg_peer_add bad length for endpoint 28 > > > > Is it possible to utilize IPv6 address as an endpoint for the tunnel > > with this implementation? > > > > > There was not much feedback on the mailing list, so I changed the code a > bit to not validate endpoint length so strictly and check if IPv6 > address as endpoint is supported. This resulted in a partial success. > The handshake over IPv6 looks like established from the endpoint (as > it's reported by "wg show" command), but the tunnel is neither capable > to carry any data nor keepalives are send. > > Here is the handshake as sniffed on the endpoint: > > 00:00:00.000000 IP6 (hlim 57, next-header UDP (17) payload length: 156) > 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, length > 148 > 00:00:00.002860 IP6 (hlim 64, next-header UDP (17) payload length: 100) > 2001:db8::b.55667 > 2001:db8:d47::c:100d.12345: [bad udp cksum 0x6f50 -> > 0x62b4!] UDP, length 92 > 00:00:00.000892 IP6 (hlim 57, next-header UDP (17) payload length: 120) > 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, length > 112 > > Perhaps the incompatibility with IPv6 should be mentioned at least in > just added wg(4) manual page[1]? > > [1] https://cgit.freebsd.org/src/commit/?id=3De59d9cb41284 > > -- > Marek Zarychta > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@freebsd.org Thu Feb 4 07:44:57 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 82BF253B77F for ; Thu, 4 Feb 2021 07:44:57 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "plan-b.pwste.edu.pl", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DWVvC4ldnz3FrG for ; Thu, 4 Feb 2021 07:44:55 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from fomalhaut.potoki.eu ([IPv6:2001:470:71:d47:79ee:fad5:6a59:d13]) (authenticated bits=0) by plan-b.pwste.edu.pl (8.16.1/8.16.1) with ESMTPSA id 1147io0e026383 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 4 Feb 2021 08:44:50 +0100 (CET) (envelope-from zarychtam@plan-b.pwste.edu.pl) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl; s=plan-b-mailer; t=1612424691; bh=abv70n7ovWCIEvKQGZLf3FV4WlwLsqC4x6DJu/DEa0A=; h=To:Cc:References:From:Subject:Date:In-Reply-To; b=HmY2c8wvvazE6gCXBCrXmIfySMYHA7G6h2kxYaBXXTIV8YZEywVskIXsZPGkwWCbb GbbB4zajBXqJcWEKKGGj7ZNJ/0YzPOX03lOb+LVBbOWoI/2ckFT0euPyybFHk18sp6 x6GhgJsYMD92sCrzOOYhvnhiTyiURf69B/M5wVN58zvhMgACHQH+ec4hptIXiLu2Fn PQGLfswkbNeUTbEGyAdJEbZrWLcrzjsolCgheAGukFU8ubgd6MAm6lH0RmlwZMGk/M a+jJKJVnZCoN+W2i1Aa4GEMNQkgd/nw8Fx/PQwhgbDngpAm7E9oD1+LaNWgrkH2jkS Y73cT9P8P6OOw== X-Authentication-Warning: plan-b.pwste.edu.pl: Host [IPv6:2001:470:71:d47:79ee:fad5:6a59:d13] claimed to be fomalhaut.potoki.eu To: Vasily Postnicov Cc: freebsd-net@freebsd.org References: <6d9afa54-d0be-df3e-9377-e19243279a70@plan-b.pwste.edu.pl> From: Marek Zarychta Subject: Re: new in-kernel wireguard and IPv6 endpoint Message-ID: <0706606b-d14e-14ee-cb02-5aeef0492798@plan-b.pwste.edu.pl> Date: Thu, 4 Feb 2021 08:44:49 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US X-Rspamd-Queue-Id: 4DWVvC4ldnz3FrG X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=plan-b.pwste.edu.pl header.s=plan-b-mailer header.b=HmY2c8wv; dmarc=pass (policy=none) header.from=plan-b.pwste.edu.pl; spf=none (mx1.freebsd.org: domain of zarychtam@plan-b.pwste.edu.pl has no SPF policy when checking 2001:678:618::40) smtp.mailfrom=zarychtam@plan-b.pwste.edu.pl X-Spamd-Result: default: False [-5.80 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; HAS_XAW(0.00)[]; DKIM_TRACE(0.00)[plan-b.pwste.edu.pl:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[plan-b.pwste.edu.pl,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:678:618::40:from]; ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[plan-b.pwste.edu.pl:s=plan-b-mailer]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_MED(-2.00)[pwste.edu.pl:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; SPAMHAUS_ZRD(0.00)[2001:678:618::40:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_NA(0.00)[no SPF record]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2021 07:44:57 -0000 W dniu 04.02.2021 o=C2=A005:25, Vasily Postnicov pisze: > If the endpoint does not use the same WireGuard implementation from=20 > FreeBSD, try to cherry-pick this commit first and then rebuild and=20 > reinstall the kernel. > > https://cgit.freebsd.org/src/commit/?id=3D5aaea4b99e5cc724e97e24a68876e= 8768d3d8012=20 > Thank you for the reply, Vasily. Indeed, the second endpoint uses in Go=20 implementation from ports (net/wireguard-go) and this version is capable = to utilize IPv6 endpoints for the tunnels since a while (almost from the = early beginning of the existence of the port). Thank you for the clue=20 with cherry-picking the commit above, but my latest tests were done=20 yesterday on 14-CURRENT already after this fix was committed. The only thing I modified was touching the code in line 590 of file=20 sys/dev/if_wg/module/module.c b/sys/dev/if_wg/module/module.c which is=20 validating the endpoint length size. It always appeared to be 28 for=20 IPv6 endpoints and 16 for legacy IP endpoints. Without this ugly hack,=20 IPv6 endpoints were not accepted at all, but the code itself suggested=20 that such an endpoint should be parsed if supplied in the correct form=20 ie.: [IPv6_address]:port. Perhaps the endpoint length is not correctly calculated for IPv6 sockets = or there is an overflow which happens there? > > =D1=81=D1=80, 3 =D1=84=D0=B5=D0=B2=D1=80. 2021 =D0=B3., 23:13 Marek Zar= ychta=20 > >:= > > W dniu 21.01.2021 o=C2=A020:03, Marek Zarychta pisze: > > Dear subscribers, > > > > please let me know if is it possible to use IPv6 addressed endpoi= nt > > for the tunnel? I have tried to specify the address enclosed in [= ] > > followed by the port number, for example: [2001:db8:0:1::1]:54333= , > > have tried without it: 2001:db8:0:1::1:54333. I have also tried t= o > > specify it with prefix length, like this one: > > [2001:db8:0:1::1]/128:54333, but neither works. > > > > I got only some errors: > > > > matchaddr failed > > peer not found - dropping 0xfffff802099b6700 > > wg0: wg_peer_add bad length for endpoint 28 > > > > Is it possible to utilize IPv6 address as an endpoint for the > tunnel > > with this implementation? > > > > > There was not much feedback on the mailing list, so I changed the > code a > bit to not validate endpoint length so strictly and check if IPv6 > address as endpoint is supported. This resulted in a partial succes= s. > The handshake over IPv6 looks like established from the endpoint (a= s > it's reported by "wg show" command), but the tunnel is neither > capable > to carry any data nor keepalives are send. > > Here is the handshake as sniffed on the endpoint: > > 00:00:00.000000 IP6 (hlim 57, next-header UDP (17) payload length: > 156) > 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, > length 148 > 00:00:00.002860 IP6 (hlim 64, next-header UDP (17) payload length: > 100) > 2001:db8::b.55667 > 2001:db8:d47::c:100d.12345: [bad udp cksum > 0x6f50 -> > 0x62b4!] UDP, length 92 > 00:00:00.000892 IP6 (hlim 57, next-header UDP (17) payload length: > 120) > 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, > length 112 > > Perhaps the incompatibility with IPv6 should be mentioned at least = in > just added wg(4) manual page[1]? > > [1] https://cgit.freebsd.org/src/commit/?id=3De59d9cb41284 > > --=20 Marek Zarychta From owner-freebsd-net@freebsd.org Thu Feb 4 07:47:33 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4949D53B8FE for ; Thu, 4 Feb 2021 07:47:33 +0000 (UTC) (envelope-from shamaz.mazum@gmail.com) Received: from mail-ot1-x330.google.com (mail-ot1-x330.google.com [IPv6:2607:f8b0:4864:20::330]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DWVyD4Qb1z3G9R for ; Thu, 4 Feb 2021 07:47:32 +0000 (UTC) (envelope-from shamaz.mazum@gmail.com) Received: by mail-ot1-x330.google.com with SMTP id d7so272346otq.6 for ; Wed, 03 Feb 2021 23:47:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kKEsJUOH8FJq9vlMMW752vwLRF7pc0lA0nQrjmirKvw=; b=iCx4iT0fblLBYIs1VDbDFvQ+dN6IOQxwzUnYdwKnzLhMCT3Wp1lQZ2fbJe1BofvDBg OpoVBcylMw/mOqKhxJLt1bklfLpWX8Io1WtyoApBfPRBuCpHXhJJN8UJV+y8Y/w6INbL g+FAS1pGzG67IBFDChvTAOtTzUUb7K7yRFmrYHKxXXi3MyCfjLW//mqUnpcCcbu8FPJa vkcLK+4f2A1BBgKwj2FxgNwPS0GWEHOIQqX525JC8ox59kA7J1h3e3OplLY5+sZSdjy+ Uu+O26dDiMT6ZfcAD/rjscPCjIla8ex4gUXY+ymwx9VvYkVGYbo08tHHhKKKzdDYfGNs Herw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kKEsJUOH8FJq9vlMMW752vwLRF7pc0lA0nQrjmirKvw=; b=laXHNfMczQtJw+i/s+ggbMy3EYjSncb89fbVHqvVZPfhphfoGQxa2BdKh+87euxaHh gJf0IeA04Hl3zROMJxr9RSmeJuAN3bgpKSXVQXkCerXijR/yD+iVnPAJ8VhZQpXcWJ4p +dea+gghcAwchLa6uXtAjqoJXjhUHTRpp3bkP4mAhVTFW3v9VMkz5krhybs4Dc+23A+Q 6xaRmEAR54CxuiezvKyWErR5whrC3mOz42zshvykvhMUBjbc3Ml9YJMkqxc7pKI+sgJg pdhCiHxP97lreB9Intw259JmfNnagqIZFG1gpJvjyBZ1se0BsF+jNtB3oOYZwsajnvUN 417g== X-Gm-Message-State: AOAM532dLkNNP6srqTT+S0sJBWLdvfvwDT8gecyDkyVBi4nNuLsuGpYy g+e4aau3g5sof324JHcJDzSt++4BJlI9YutmVpA6yDMnTfT9/g== X-Google-Smtp-Source: ABdhPJyIgkFQ5aWom6b9nzT80HS8sFxfqV8OsrcsDE17657Fj9tK+Len8FkinL28oj+0JVCZYrZXILUOKUcx/TXDgLc= X-Received: by 2002:a9d:37c4:: with SMTP id x62mr4940549otb.87.1612424851253; Wed, 03 Feb 2021 23:47:31 -0800 (PST) MIME-Version: 1.0 References: <6d9afa54-d0be-df3e-9377-e19243279a70@plan-b.pwste.edu.pl> <0706606b-d14e-14ee-cb02-5aeef0492798@plan-b.pwste.edu.pl> In-Reply-To: <0706606b-d14e-14ee-cb02-5aeef0492798@plan-b.pwste.edu.pl> From: Vasily Postnicov Date: Thu, 4 Feb 2021 10:47:18 +0300 Message-ID: Subject: Re: new in-kernel wireguard and IPv6 endpoint To: Marek Zarychta Cc: freebsd-net@freebsd.org X-Rspamd-Queue-Id: 4DWVyD4Qb1z3G9R X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=iCx4iT0f; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of shamazmazum@gmail.com designates 2607:f8b0:4864:20::330 as permitted sender) smtp.mailfrom=shamazmazum@gmail.com X-Spamd-Result: default: False [-4.00 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-0.996]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::330:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::330:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::330:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2021 07:47:33 -0000 May be. I have nothing to suggest, sorry. I never used IPv6 in real life. =D1=87=D1=82, 4 =D1=84=D0=B5=D0=B2=D1=80. 2021 =D0=B3., 10:44 Marek Zarycht= a : > W dniu 04.02.2021 o 05:25, Vasily Postnicov pisze: > > If the endpoint does not use the same WireGuard implementation from > FreeBSD, try to cherry-pick this commit first and then rebuild and > reinstall the kernel. > > > https://cgit.freebsd.org/src/commit/?id=3D5aaea4b99e5cc724e97e24a68876e87= 68d3d8012 > > > Thank you for the reply, Vasily. Indeed, the second endpoint uses in Go > implementation from ports (net/wireguard-go) and this version is capable = to > utilize IPv6 endpoints for the tunnels since a while (almost from the ear= ly > beginning of the existence of the port). Thank you for the clue with > cherry-picking the commit above, but my latest tests were done yesterday = on > 14-CURRENT already after this fix was committed. > > The only thing I modified was touching the code in line 590 of file > sys/dev/if_wg/module/module.c b/sys/dev/if_wg/module/module.c which is > validating the endpoint length size. It always appeared to be 28 for IPv6 > endpoints and 16 for legacy IP endpoints. Without this ugly hack, IPv6 > endpoints were not accepted at all, but the code itself suggested that su= ch > an endpoint should be parsed if supplied in the correct form ie.: > [IPv6_address]:port. > > Perhaps the endpoint length is not correctly calculated for IPv6 sockets > or there is an overflow which happens there? > > > > =D1=81=D1=80, 3 =D1=84=D0=B5=D0=B2=D1=80. 2021 =D0=B3., 23:13 Marek Zaryc= hta : > >> W dniu 21.01.2021 o 20:03, Marek Zarychta pisze: >> > Dear subscribers, >> > >> > please let me know if is it possible to use IPv6 addressed endpoint >> > for the tunnel? I have tried to specify the address enclosed in [] >> > followed by the port number, for example: [2001:db8:0:1::1]:54333, >> > have tried without it: 2001:db8:0:1::1:54333. I have also tried to >> > specify it with prefix length, like this one: >> > [2001:db8:0:1::1]/128:54333, but neither works. >> > >> > I got only some errors: >> > >> > matchaddr failed >> > peer not found - dropping 0xfffff802099b6700 >> > wg0: wg_peer_add bad length for endpoint 28 >> > >> > Is it possible to utilize IPv6 address as an endpoint for the tunnel >> > with this implementation? >> > >> > >> There was not much feedback on the mailing list, so I changed the code a >> bit to not validate endpoint length so strictly and check if IPv6 >> address as endpoint is supported. This resulted in a partial success. >> The handshake over IPv6 looks like established from the endpoint (as >> it's reported by "wg show" command), but the tunnel is neither capable >> to carry any data nor keepalives are send. >> >> Here is the handshake as sniffed on the endpoint: >> >> 00:00:00.000000 IP6 (hlim 57, next-header UDP (17) payload length: 156) >> 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, length >> 148 >> 00:00:00.002860 IP6 (hlim 64, next-header UDP (17) payload length: 100) >> 2001:db8::b.55667 > 2001:db8:d47::c:100d.12345: [bad udp cksum 0x6f50 -> >> 0x62b4!] UDP, length 92 >> 00:00:00.000892 IP6 (hlim 57, next-header UDP (17) payload length: 120) >> 2001:db8:d47::c:100d.12345 > 2001:db8::b.55667: [udp sum ok] UDP, length >> 112 >> >> Perhaps the incompatibility with IPv6 should be mentioned at least in >> just added wg(4) manual page[1]? >> >> [1] https://cgit.freebsd.org/src/commit/?id=3De59d9cb41284 >> >> -- > > Marek Zarychta > > From owner-freebsd-net@freebsd.org Thu Feb 4 20:56:47 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AFE7C52EEB6 for ; Thu, 4 Feb 2021 20:56:47 +0000 (UTC) (envelope-from johalun0@gmail.com) Received: from mail-pg1-x52f.google.com (mail-pg1-x52f.google.com [IPv6:2607:f8b0:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DWrSt4XXTz4tZr for ; Thu, 4 Feb 2021 20:56:46 +0000 (UTC) (envelope-from johalun0@gmail.com) Received: by mail-pg1-x52f.google.com with SMTP id z21so2984937pgj.4 for ; Thu, 04 Feb 2021 12:56:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:from:subject:message-id:date:user-agent:mime-version :content-transfer-encoding:content-language; bh=HS4wR8duGVHusMba3iDqFsXWeq/rGMbnAlrE+DjmiIs=; b=YncLJ+DLL7XYEYmQdqH604WBkPjvEKda2N6y7tz+wgynLrpTTclmOtcdTrrPDBmnxp zDAmY2xuz/ZaAgOEcoSRilGeqBS1cDXeuD3CFFxDGQoqRBygmR18vUuXK9ah8aFxHwbK wJKSXqT4txuOT/4D5sI7npdHViYDFqKnq/v48k+ZNkpRsRCMuRD+lJW7+niHpbez0Q96 F7Vp/Q+X8WrFI/GPY58jETG3JC6JFe0J7Zi9WatYfZE8njJ/m7Cq2aGrfSTdXEvqAc9r xj9HLmPv/hLDbmPZSDKrHHRJgGTGFmpqJI0bUOw4m0RNIfDOAZbgXs+enXvoNw0MbJ+v QouA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-transfer-encoding:content-language; bh=HS4wR8duGVHusMba3iDqFsXWeq/rGMbnAlrE+DjmiIs=; b=Asb/tLj4x0k+ZgzRAHkvTj7V0rxkoJE0OeszHGT+ZQAbBi4VLOuG0NYLbPefgspn4Y 1svmyr1Im4FB1DXeGCdb08awcOkXUaw8WHPGmerIIFsYFsTHRAtSNa08JQFOqisjkykr Atf9/NchNxp1cBIvPLuZWK2kqXsistApkAtmwPrsFC5etjC2/c9U+jhtKmQ9+/aqa/Lc 9XINl0BQ2FOXLVdX1bPbnNwDyc2N6y8o4rgF7OJR+gVTsYiqFqYIFjBXvOR87KWrMOb3 JV8h6sGufK8qlf7uC7UMgfBqotFoA4gPhHi1LKpth53K9ZAIiPhD2YjrWyg+Jgq94IYN nGDA== X-Gm-Message-State: AOAM531twPPB+yc4zzENMEtdDnnB4AVDwG1th6Krjpq4NPiu22CIneqS aADpjjcqr67WP320ahJ7Ap99DabhWSsyOA== X-Google-Smtp-Source: ABdhPJzBwjLLpYfBj6MGHdWqDNC2pOfMrzRYG3NuUK2YxXIYV5wIuhvORKeUJEb4487Ec3a+mJnNEw== X-Received: by 2002:a63:4c0e:: with SMTP id z14mr847587pga.408.1612472204579; Thu, 04 Feb 2021 12:56:44 -0800 (PST) Received: from ?IPv6:2600:8800:6081:f400::3589? ([2600:8800:6081:f400::3589]) by smtp.gmail.com with ESMTPSA id ck10sm6276512pjb.3.2021.02.04.12.56.43 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 04 Feb 2021 12:56:44 -0800 (PST) To: freebsd-net@freebsd.org From: Johannes Lundberg Subject: LACP BPDU packets priority? Message-ID: <84ad7d46-d103-1bf2-29df-2085d4949d30@gmail.com> Date: Thu, 4 Feb 2021 13:56:42 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 4DWrSt4XXTz4tZr X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=YncLJ+DL; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of johalun0@gmail.com designates 2607:f8b0:4864:20::52f as permitted sender) smtp.mailfrom=johalun0@gmail.com X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-0.998]; FROM_EQ_ENVFROM(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::52f:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::52f:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::52f:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-Mailman-Approved-At: Thu, 04 Feb 2021 21:34:34 +0000 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2021 20:56:47 -0000 Hi We're experiencing unstable lacp lagg and not seeing BPDU packets coming to the switch we when expect them to. Can anyone answer what is the priority of those packets? Could it be that they are not being sent from the FreeBSD host because they are stuck in outgoing queue? Please cc me since I'm not subscribed. Thanks! From owner-freebsd-net@freebsd.org Thu Feb 4 22:33:40 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 464DF530FD7 for ; Thu, 4 Feb 2021 22:33:40 +0000 (UTC) (envelope-from prvs=26691ef901=mark.saad@lucera.com) Received: from mx0a-0017d602.pphosted.com (mx0a-0017d602.pphosted.com [148.163.149.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.pphosted.com", Issuer "Thawte RSA CA 2018" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DWtcg0C8tz3Gcx for ; Thu, 4 Feb 2021 22:33:38 +0000 (UTC) (envelope-from prvs=26691ef901=mark.saad@lucera.com) Received: from pps.filterd (m0101318.ppops.net [127.0.0.1]) by mx0b-0017d602.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 114MTLro004536; Thu, 4 Feb 2021 17:33:37 -0500 Received: from nam04-dm6-obe.outbound.protection.outlook.com (mail-dm6nam08lp2044.outbound.protection.outlook.com [104.47.73.44]) by mx0b-0017d602.pphosted.com with ESMTP id 36g08umsyf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 Feb 2021 17:33:37 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QAiIQrZKbdFRJqR3H+XxjEMNVitr79vXuc8CAhn/QJnl4MtQCdGclMWLEcJIA5d3sYmegszC5eRqigZJK1wY/GwfGXvkrdo+KCjeFb9e32Hs+tDTM45iobRNQtCJ03QmpeBMAw3MZ+kb5dI4yJjHLEWc6yorSwFbMeR/J+YRpN321JExU6T0X2hPceOgZihjqcmARgKybgmUJq8+31V0bImcTwh1VQ5XbA5tOB44tY+K+W61tZPk0YgStJHIJhfnl9F+WjdyjB+giQaKUM+9hyWueGUZNECaSCcA2YkbdpWZm/nfsKoInF6f577o//3I0pCEWS216ELlE2N/Det8HA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3FB50HaHT+7Y88x1ppBQxSpcut44WyH3huSWPiBR7Vs=; b=giXznWsBm6C8lcxhjMwrdlt6i4WGqD4lZCWy9pUhmjM0k2IeCtd6JkbhnBxXKJjgYFur1VB67bzV/Rqx4tRprqjhd0gbuH4B6rsqc2h+oRlKlMqWUsHXoWQ4aoK9OrxiL8p/q5NqQaFbn5PXZIW6doxQ7DwXAwZElcdKCX6L/d4iIDSfv0ZEhjXtyPfipE2GdGlROq56VMwGP1zkjGlBunT1A6BR3HvCSA6JeuCC/odGbFDZnjSq/NhopygU6MxDajpgFRrjIt6OibHNG10fAxA+2PcZuns/Cgc3kPZsVRplQ9dLoPxk+iDDHzwsFD5C5AYYp+ykpJTrnVcG++J6dQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=lucera.com; dmarc=pass action=none header.from=lucera.com; dkim=pass header.d=lucera.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bgccs.onmicrosoft.com; s=selector1-bgccs-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3FB50HaHT+7Y88x1ppBQxSpcut44WyH3huSWPiBR7Vs=; b=j9N0a/J1cstZ2fl6AUwxcd3qFHNf0vJ5ZNeWcCJWPfZgtifBiFnBqKMrFwp4yw5NkkJgsJRAerE5o1iun8FQ38UWnHoNZ1CHpQoAwCEPbX341c7/p36v6e3VoFF51mAqw29sZQdABOUH+JA73aI9x7MMvYdAh1MhP8WEDJTlrlQ= Received: from BL0PR12MB4756.namprd12.prod.outlook.com (2603:10b6:208:8d::29) by BL0PR12MB4660.namprd12.prod.outlook.com (2603:10b6:207:34::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3805.17; Thu, 4 Feb 2021 22:33:34 +0000 Received: from BL0PR12MB4756.namprd12.prod.outlook.com ([fe80::a001:503d:4045:73f]) by BL0PR12MB4756.namprd12.prod.outlook.com ([fe80::a001:503d:4045:73f%6]) with mapi id 15.20.3805.028; Thu, 4 Feb 2021 22:33:34 +0000 From: "Saad, Mark" To: Johannes Lundberg , "freebsd-net@freebsd.org" Subject: Re: LACP BPDU packets priority? Thread-Topic: LACP BPDU packets priority? Thread-Index: AQHW+z2UpBCpDJLyH0Kc7r6HQ0ANoKpIiE4N Date: Thu, 4 Feb 2021 22:33:34 +0000 Message-ID: References: <84ad7d46-d103-1bf2-29df-2085d4949d30@gmail.com> In-Reply-To: <84ad7d46-d103-1bf2-29df-2085d4949d30@gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [96.232.87.29] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 1a087b0e-40d5-4e38-8a2d-08d8c95ce830 x-ms-traffictypediagnostic: BL0PR12MB4660: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: XVksO/K6pCsrsRT/Z2cx6gI9U3X3REw4mG6El+wyZHFe4+GpVKeoirU5WHDX+rS98f36QlZLigTWeJCFWpqqvntYWaeFafaveNpDxtMvcjAe85Tf+i+DJcH0Jxqy7HnA3CclMZC5KmobXBPzymkqHh+g5BpRgNtLoealmV/R2CRqh5JRgr0ZdBiZi9Iom+HHjkUlXeZACtsU3uSYmKMp+8slw3ksVYzllUb8gT94zUo41BAURi822ktSvFGyNiTz4dPa51QsuvvvJpwxeD2q2xNZRYY6QGRQCfentl61z0HF/eAEZ8EjFMNJKyBsfIWmdpXmF+CnCVLMkYut9HGeUTwhjoKiA8aMVfIg0x2kadkjpwaxwkcbzCL0PyHHZ+T8W7K5D3osAYaI5fqCWmZV9HsxTM9yHRsBqbpYADICQfTf6JWFRKWCD2I5UNQdU2QaeAPS5Ch5ulIw6aDoJ+31H3C2JB0tONWkok6PnZUDGEOq/8kPYfU/WH4HmQnVaaluveCP/IECvpS/klljVyfoUEzSZi3Y7nshwm37ODKhetc9oI0PMuY+qpJ/+Ox3Ug2y/Ivyajs3lO6kE6Hv6ubNPJPEDhxlzAv3wNAXrHNS3ig= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR12MB4756.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(39860400002)(396003)(376002)(366004)(136003)(186003)(76116006)(2906002)(3480700007)(5660300002)(66556008)(478600001)(55016002)(966005)(33656002)(66476007)(8936002)(66446008)(9686003)(53546011)(6506007)(71200400001)(316002)(110136005)(8676002)(86362001)(66946007)(26005)(7696005)(64756008)(52536014); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?iso-8859-1?Q?FHMdYv9JrHygKpstaOFmT3YIfPTs29J/PXgImQpCCi8NgUi3cEQXvqINxV?= =?iso-8859-1?Q?PcEm2Y1xIAjwhtL0oN+JZNgnrwSh+6+VopPLdDi8bAvct+gT1aB+tKRiue?= =?iso-8859-1?Q?VTbv83xtEoZf8B8ibjzlsy1ojrHnlZTepi0uAUXnJTiBKeuPhkq+k7tOc5?= =?iso-8859-1?Q?sXMA09hcLphQ5rBHEYfNnMbCczufH0Td2sKdNzx1qEShTzShqPv8wiq3vT?= =?iso-8859-1?Q?WI7J6ekWdPl/508AOWGk4HqhcBEzdqlc74NEyAuqsvVTOjL5qhzPrtevpo?= =?iso-8859-1?Q?NhnrcMOl7Ae/M3BzqbYZZs7cmEsnrfMBttJwnVPWbL++gNWspGQg6dxvNJ?= =?iso-8859-1?Q?GrN5kKZCljvhmbVJRFHuD7ZkK8jwnh/6nElrNCnA92BQSLjExO8B9JVf0R?= =?iso-8859-1?Q?lOS2CGkq0hATiRjpmJVE0erzH/ygLwQKlzdjD374nOb5Ea6P9O9ybDqRQ6?= =?iso-8859-1?Q?K+AL7MZP2ABx9XnGQJRJ663bwPXWybFcUlcTxFlJO3Tnekp5vUC1gF3Pxa?= =?iso-8859-1?Q?iAr5bR+pxiZxV2+pL926U/HyXg+Ayw/YQ6lH+hNCA55RJXLDp/rVTjKKp2?= =?iso-8859-1?Q?M2GSAYM9johEYZ3aGFTPUANCcuU3ylkS5t+1hTZqiYAKgejg6eiqW+PbpF?= =?iso-8859-1?Q?CHb49/ipHa5RWKyTqTTwrzAJ50NER4f3bH7+UqVPJ6QncO7hqLp8H+fSHB?= =?iso-8859-1?Q?vuCAIEaK6N+ycGpozmTJj6FFa/Eas4VYqjkkDQySLvUGmE5EVmLizjhAva?= =?iso-8859-1?Q?Qrb3VKlRTnldJsk604z2SGiuncMj1OZBI7icYWR9y0l0XMUW71PQGY4LsR?= =?iso-8859-1?Q?rjgunL6Cplutt/y7/Vd6sywJ98YE8ch1DiMXtxIRjECC4o/OiQlvDDcSQC?= =?iso-8859-1?Q?VPhFS1mC3v1p4Fm6quJXliomiFb/oVeClYHgU4bkTOXkoXwrSpurwHfOhZ?= =?iso-8859-1?Q?Gp/F8/gwc8A7DQrHToRPa2hL588Sy+YU5mEwYNOvo/6LlP9Ou9rXO1cLqd?= =?iso-8859-1?Q?EVT5sleC7mKf6zERHhVk3dcFfAdx5Ibb5lGRHxzVYS48jmj3DeTzzCSJ+Y?= =?iso-8859-1?Q?uZzsod0hYYx2EUuG4ushg60=3D?= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: lucera.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BL0PR12MB4756.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1a087b0e-40d5-4e38-8a2d-08d8c95ce830 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Feb 2021 22:33:34.1765 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: cfeb5f5e-839a-44b8-ab46-47157d8f1241 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 9OTYipcw4WSJOpRHNcFLso0MYWH25qh0H3Upof9Lt+G+1hdAamK5hjyHBx2cav4V85rNIDBDfkRZs/dOWxP1Qg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR12MB4660 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.737 definitions=2021-02-04_12:2021-02-04, 2021-02-04 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 priorityscore=1501 adultscore=0 clxscore=1011 impostorscore=0 mlxlogscore=999 suspectscore=0 mlxscore=0 spamscore=0 lowpriorityscore=0 bulkscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2102040136 X-Rspamd-Queue-Id: 4DWtcg0C8tz3Gcx X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=bgccs.onmicrosoft.com header.s=selector1-bgccs-onmicrosoft-com header.b=j9N0a/J1; arc=pass (microsoft.com:s=arcselector9901:i=1); dmarc=none; spf=pass (mx1.freebsd.org: domain of prvs=26691ef901=mark.saad@lucera.com designates 148.163.149.125 as permitted sender) smtp.mailfrom=prvs=26691ef901=mark.saad@lucera.com X-Spamd-Result: default: False [-3.59 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; HAS_XOIP(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; DKIM_TRACE(0.00)[bgccs.onmicrosoft.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.99)[-0.995]; FREEMAIL_TO(0.00)[gmail.com,freebsd.org]; RCVD_IN_DNSWL_LOW(-0.10)[148.163.149.125:from]; SUBJECT_ENDS_QUESTION(1.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[148.163.149.125:from]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; MIME_TRACE(0.00)[0:+]; FROM_NEQ_ENVFROM(0.00)[Mark.Saad@lucera.com,prvs=26691ef901=mark.saad@lucera.com]; ASN(0.00)[asn:26211, ipnet:148.163.148.0/22, country:US]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_COUNT_FIVE(0.00)[5]; R_DKIM_ALLOW(-0.20)[bgccs.onmicrosoft.com:s=selector1-bgccs-onmicrosoft-com]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[lucera.com]; FORGED_SENDER_VERP_SRS(0.00)[]; SPAMHAUS_ZRD(0.00)[148.163.149.125:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[148.163.149.125:from]; MAILMAN_DEST(0.00)[freebsd-net] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2021 22:33:40 -0000 Johannes=0A= This is dependent on the NIC Driver. Chelsio's have a option to prioriti= ze "slow-protocols"=0A= into a dedicated queue. The iflib drivers I believe in 12-STABLE and newer= have this ability as well. =0A= Non iflib nics like Solarflare do not have any way to prioritize this and 1= 1-STABLE does not have it at all. =0A= =0A= For the Chelsios you need to set hw.cxgbe.rsrv_noflowq=3D1" in /boot/loader= .conf or use kenv to set it before loading the=0A= module.=0A= =0A= =0A= =0A= ---=0A= Mark Saad=0A= Lucera Financial Infrastructures, LLC=0A= msaad@lucera.com=0A= =0A= =0A= =0A= ________________________________________=0A= From: owner-freebsd-net@freebsd.org on beha= lf of Johannes Lundberg =0A= Sent: Thursday, February 4, 2021 3:56 PM=0A= To: freebsd-net@freebsd.org=0A= Subject: LACP BPDU packets priority?=0A= =0A= =0A= =0A= *This email originated from outside the Firm*=0A= =0A= =0A= Hi=0A= =0A= We're experiencing unstable lacp lagg and not seeing BPDU packets coming=0A= to the switch we when expect them to. Can anyone answer what is the=0A= priority of those packets? Could it be that they are not being sent from=0A= the FreeBSD host because they are stuck in outgoing queue?=0A= =0A= Please cc me since I'm not subscribed.=0A= =0A= Thanks!=0A= =0A= =0A= _______________________________________________=0A= freebsd-net@freebsd.org mailing list=0A= https://urldefense.proofpoint.com/v2/url?u=3Dhttps-3A__lists.freebsd.org_ma= ilman_listinfo_freebsd-2Dnet&d=3DDwICAg&c=3D3v6EBbtpnn9A7jIZYjOw6KN7Pe17Woi= mzcinOq2Xztg&r=3D8bLoOmn5oHKNIAaZMn9vT-uGFHfHl2RsDt1Gm40H5Lc&m=3Dmx28wt94q1= 3tdR7gIPooZnaYD9Es1sqgdrkPg_RJe34&s=3DcVMoX_GVJf9o8tmtbBi2RY6nAdbHCJT5iNhm9= JzHIso&e=3D=0A= To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"=0A= =0A= From owner-freebsd-net@freebsd.org Fri Feb 5 07:04:33 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1B50253EC34 for ; Fri, 5 Feb 2021 07:04:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DX5y90572z4bSZ for ; Fri, 5 Feb 2021 07:04:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 02F6B53EC33; Fri, 5 Feb 2021 07:04:33 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 02C1453EA64 for ; Fri, 5 Feb 2021 07:04:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DX5y86cgnz4bBf for ; Fri, 5 Feb 2021 07:04:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D3B251A26B for ; Fri, 5 Feb 2021 07:04:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 11574Wpd041620 for ; Fri, 5 Feb 2021 07:04:32 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 11574W2q041619 for net@FreeBSD.org; Fri, 5 Feb 2021 07:04:32 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 252437] ng_bridge does not filter unicast packets Date: Fri, 05 Feb 2021 07:04:32 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: donner@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status resolution Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Feb 2021 07:04:33 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D252437 Lutz Donnerhacke changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Closed Resolution|--- |FIXED --- Comment #3 from Lutz Donnerhacke --- Bridge code was modified to distinguish between "classic" and "private" behavior for "unknown" MACs in the case of using "uplink" ports. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Feb 5 07:06:05 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id ACA7653F07E for ; Fri, 5 Feb 2021 07:06:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4DX5zx4KLWz4bNl for ; Fri, 5 Feb 2021 07:06:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 9451853F19A; Fri, 5 Feb 2021 07:06:05 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 941AA53EEED for ; Fri, 5 Feb 2021 07:06:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DX5zx3kC9z4bNk for ; Fri, 5 Feb 2021 07:06:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 714281A7C0 for ; Fri, 5 Feb 2021 07:06:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 115765fl041976 for ; Fri, 5 Feb 2021 07:06:05 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 11576572041975 for net@FreeBSD.org; Fri, 5 Feb 2021 07:06:05 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 240685] netgraph/ng_vlan_rotate: IEEE 802.1ad VLAN manipulation netgraph node type (new type) Date: Fri, 05 Feb 2021 07:06:05 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: donner@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status resolution Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Feb 2021 07:06:05 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D240685 Lutz Donnerhacke changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Closed Resolution|--- |FIXED --- Comment #7 from Lutz Donnerhacke --- Node is now part of the system. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Feb 5 16:07:53 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 068C354B2FF for ; Fri, 5 Feb 2021 16:07:53 +0000 (UTC) (envelope-from johalun0@gmail.com) Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DXL140kZlz3hSR for ; Fri, 5 Feb 2021 16:07:51 +0000 (UTC) (envelope-from johalun0@gmail.com) Received: by mail-pg1-x52b.google.com with SMTP id o21so3442908pgn.12 for ; Fri, 05 Feb 2021 08:07:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=xMy34BT7qkCLHyGPJHp5qCXXsSE+Ulbzxdrgt6YXmGA=; b=PBwmhNi9qB8p8LsN7KvyvGtMMwqbRo0PUzt21coMc6o0U0pB8JIp1aM/b7jJ7gqVqd ntwOt7Ufy2Ajp4ISOPzEX8rYlco/ZbfM/bZFRx4SSlSNG7HDjKsMvGhytIIVOnFIdFXY 5cdUPZ0GnDmFZIRVzoc3M2KUFUGYRRhiTOY28PGLugDJa3XCeXdZzx5c4anyw5zFzI2Q IENzVWb2cOo5J6iVLaK9dK6k2V/F6nZtsO9ThR9mmyMHYGNyJinPfGnQCs7PZtPplYuO MY3CZcE/Ccek/Sh5EfCaf7eFIhXR5DwhitUNe8SfsjjQ23/P02aIPvMw1dQOb9nHzQ6e 3lCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=xMy34BT7qkCLHyGPJHp5qCXXsSE+Ulbzxdrgt6YXmGA=; b=Sed3EcnOjB7pFaoKtWgv8uYFaqMX2tkCTCj4E70uSMBHkGU6AZr1juvZtDAYdY92Jw xko9WW3I8lUGDELN+udEDD/UMY+e9xT4aXT/GNR2397CLiecyIFxZ8beNfA/ZKNa81Bw CKWhrz/q4eUmI7f6KPhvkhxGci/0p8sU6We70vHyKjTlxcBNneX5qrQtnlneyKH/WtPQ oS3U4x56WfMeJJKU7Z4faF3utdhtL0pp33RT9asFxGvck7Ufx7YWbyPai5xWFddS5+Nm BJl3eg4hw+QfR9bDVyPlFDj0iLhRFnRu+ZvbB127jvtu3VbtgnPMWTZnPVrAti1cVoNd PIRg== X-Gm-Message-State: AOAM531YzPy172LdKWxEc5j2EA1DafePrUBThDwAqKp54XJ538K54Juk 5O37nlY7KPjbRcio1EBLZJC6XVCtN2NA5Q== X-Google-Smtp-Source: ABdhPJzYX+1rwMHDoM9x6HWcD+4tzfyLZzTnCIrvnaMBmPkCn185clHzCYB9jv2VrVrritBXx7BDEQ== X-Received: by 2002:a63:d446:: with SMTP id i6mr4994688pgj.446.1612541270278; Fri, 05 Feb 2021 08:07:50 -0800 (PST) Received: from ?IPv6:2600:8800:6081:f400::3589? ([2600:8800:6081:f400::3589]) by smtp.gmail.com with ESMTPSA id v19sm8687646pjh.37.2021.02.05.08.07.48 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 05 Feb 2021 08:07:49 -0800 (PST) Subject: Re: LACP BPDU packets priority? To: "Saad, Mark" , "freebsd-net@freebsd.org" References: <84ad7d46-d103-1bf2-29df-2085d4949d30@gmail.com> From: Johannes Lundberg Message-ID: Date: Fri, 5 Feb 2021 09:07:47 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 4DXL140kZlz3hSR X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=PBwmhNi9; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of johalun0@gmail.com designates 2607:f8b0:4864:20::52b as permitted sender) smtp.mailfrom=johalun0@gmail.com X-Spamd-Result: default: False [-3.00 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-0.996]; FROM_EQ_ENVFROM(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MID_RHS_MATCH_FROM(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::52b:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::52b:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::52b:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-Mailman-Approved-At: Fri, 05 Feb 2021 17:34:40 +0000 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Feb 2021 16:07:53 -0000 Thanks Mark! That is great information. Do you know what the iflib option is to control this? On 2/4/21 3:33 PM, Saad, Mark wrote: > Johannes > This is dependent on the NIC Driver. Chelsio's have a option to prioritize "slow-protocols" > into a dedicated queue. The iflib drivers I believe in 12-STABLE and newer have this ability as well. > Non iflib nics like Solarflare do not have any way to prioritize this and 11-STABLE does not have it at all. > > For the Chelsios you need to set hw.cxgbe.rsrv_noflowq=1" in /boot/loader.conf or use kenv to set it before loading the > module. > > > > --- > Mark Saad > Lucera Financial Infrastructures, LLC > msaad@lucera.com > > > > ________________________________________ > From: owner-freebsd-net@freebsd.org on behalf of Johannes Lundberg > Sent: Thursday, February 4, 2021 3:56 PM > To: freebsd-net@freebsd.org > Subject: LACP BPDU packets priority? > > > > *This email originated from outside the Firm* > > > Hi > > We're experiencing unstable lacp lagg and not seeing BPDU packets coming > to the switch we when expect them to. Can anyone answer what is the > priority of those packets? Could it be that they are not being sent from > the FreeBSD host because they are stuck in outgoing queue? > > Please cc me since I'm not subscribed. > > Thanks! > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.freebsd.org_mailman_listinfo_freebsd-2Dnet&d=DwICAg&c=3v6EBbtpnn9A7jIZYjOw6KN7Pe17WoimzcinOq2Xztg&r=8bLoOmn5oHKNIAaZMn9vT-uGFHfHl2RsDt1Gm40H5Lc&m=mx28wt94q13tdR7gIPooZnaYD9Es1sqgdrkPg_RJe34&s=cVMoX_GVJf9o8tmtbBi2RY6nAdbHCJT5iNhm9JzHIso&e= > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@freebsd.org Sat Feb 6 16:49:08 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3174D52E99A for ; Sat, 6 Feb 2021 16:49:08 +0000 (UTC) (envelope-from lutz@iks-jena.de) Received: from annwfn.iks-jena.de (annwfn.iks-jena.de [IPv6:2001:4bd8::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DXytB6Jr5z4plC for ; Sat, 6 Feb 2021 16:49:06 +0000 (UTC) (envelope-from lutz@iks-jena.de) X-SMTP-Sender: IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f Received: from belenus.iks-jena.de (belenus.iks-jena.de [IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f]) by annwfn.iks-jena.de (8.15.2/8.15.2) with ESMTPS id 116Gmsuw023696 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sat, 6 Feb 2021 17:48:55 +0100 X-MSA-Host: belenus.iks-jena.de Received: (from lutz@localhost) by belenus.iks-jena.de (8.14.3/8.14.1/Submit) id 116GmsxL001479; Sat, 6 Feb 2021 17:48:54 +0100 Date: Sat, 6 Feb 2021 17:48:54 +0100 From: Lutz Donnerhacke To: petru garstea Cc: freebsd-net@freebsd.org Subject: Re: netgraph with ng_netflow and ng_gridge nodes Message-ID: <20210206164854.GA1074@belenus.iks-jena.de> References: <43cf5dc9-521c-dcc4-f025-398173608062@ambient-md.com> <20210202201649.GA31653@belenus.iks-jena.de> <20210202202651.GA31946@belenus.iks-jena.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-message-flag: Please send plain text messages only. Thank you. User-Agent: Mutt/1.5.17 (2007-11-01) X-Rspamd-Queue-Id: 4DXytB6Jr5z4plC X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of lutz@iks-jena.de designates 2001:4bd8::19 as permitted sender) smtp.mailfrom=lutz@iks-jena.de X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2001:4bd8::/48]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[donnerhacke.de]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:4bd8::19:from]; SPAMHAUS_ZRD(0.00)[2001:4bd8::19:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[lutz@donnerhacke.de,lutz@iks-jena.de]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15725, ipnet:2001:4bd8::/29, country:DE]; FROM_NEQ_ENVFROM(0.00)[lutz@donnerhacke.de,lutz@iks-jena.de]; MAILMAN_DEST(0.00)[freebsd-net]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2021 16:49:08 -0000 On Sat, Feb 06, 2021 at 11:10:29AM -0500, petru garstea wrote: > Greetings, > > I have come up with a graph with no use of ng_tee, ng_hub or ng_one2many. > > Also I validated the flows on a collector > > In case anybody has the same use case I am sharing the graph > > mkpeer re0: netflow lower iface0 > name re0:lower netflow > connect re0: netflow: upper out1 > mkpeer netflow: bridge out0 link0 > name netflow:out0 re0bridge > connect re0bridge: netflow: link1 iface1 > mkpeer re0bridge: eiface link2 ether > name re0bridge:link2 ng0 > mkpeer netflow: ksocket export9 inet/dgram/udp > msg re0: setpromisc 1 > msg re0: setautosrc 0 > msg netflow: setconfig {iface=0 conf=11} > msg netflow: setconfig {iface=1 conf=11} > msg netflow:export9 connect inet/${collector_ip}:${port} bridge.link0 ----- out0.netflow.iface0 --- lower.re0 \.link1 --- iface1./ \.out1 ----- upper./ \.link2 ----------------------------- ether.ng0 So you collect the data from the outside world to the re0 interface (IP stack) twice, but you can catch the data from the ng0 interface to re0 separate from the data to outside. If this is your desired setup, fine. If you like to understand your network, try: # ngctl dot [-c] and paste the output to http://www.webgraphviz.com/ HTH From owner-freebsd-net@freebsd.org Sat Feb 6 16:10:34 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5654552D661 for ; Sat, 6 Feb 2021 16:10:34 +0000 (UTC) (envelope-from peter.garshtja@ambient-md.com) Received: from mail-qk1-x731.google.com (mail-qk1-x731.google.com [IPv6:2607:f8b0:4864:20::731]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DXy1j2krvz4mhm for ; Sat, 6 Feb 2021 16:10:33 +0000 (UTC) (envelope-from peter.garshtja@ambient-md.com) Received: by mail-qk1-x731.google.com with SMTP id a19so10167258qka.2 for ; Sat, 06 Feb 2021 08:10:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ambient-md-com.20150623.gappssmtp.com; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=U2Kd6imONJk/wVJZIdr+g85Qk7scmlHD1lAc4xzTWqA=; b=zEWj2Q9fbxmAlvkAEWK6iaEELKZENS+RzCxzI8saYAiD0iIuxdSgkajPwbscvCB9Pg Ag7Wm9wuC1Jbwr3AkpOBdD1qlbmNocMn2A3705oeL33fptEFrWjEIPvezLQyLfOPAdbI NJCRka6Iwz1Vh/BamjfJOeY8KEiLHw4zeKSBV7ruzzcRUWvAeU2nj/51DKEc9s2TNze7 WX4OtY7ESPNNLyk6pGpD2BL4hi81GWI2vRY850TLmuoUzFFpCgEOPU+cotE+8jUhvZ5D nlQFPjmHv0foE6fx5no7XL8V390t5V3Caa8m64evLwL1Xpb0VYeWi/Hm/RHw2AATL+aM DPIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=U2Kd6imONJk/wVJZIdr+g85Qk7scmlHD1lAc4xzTWqA=; b=NQWwx4GY7rSJGjh9zL2os7z29dKi1uIRt3arfrK3mNVkdkjrHKzmYiOrAT6W659v49 svRn/d4TIbxMaMmpSDN5Dl7DodBWlw7m4Rrzs50nicRhfvHXSwbLXZRNtlcS8Kcljg4b bLPzoKOgu7ELSnz1hWUY8n+Pt4alHZdfSGQ58q6IJyOQ7ND/w4S/rAxO68o6P06Aw6Um ZjQ3Uc/7jwD+EtJVIyeIkF/0Vs/E7bGPATox18Io7P6N6JbuwnqTglNy33KeY+jZsslA c8cys5xsuVmASm9uc+AcDX+vvSPxv1kRSgNivPxkYnPDVyvN+ItaYBks7hQeZaLSRSt/ +jdQ== X-Gm-Message-State: AOAM530SXwDP4UjJZsM8yXngt8Xe4lVVUAVNpBCk1bq3Qc8r11tE2uvb bDo8ldUltzy/qE4E4Hem5BRtu8Tde/PhPgWb X-Google-Smtp-Source: ABdhPJwRSlkOjrXwvulsll8Cppc4AHxYobNNKpJOSgBhwIggKTNtJu4u7Dgv5Z4MCUF0LWBKw3zjEQ== X-Received: by 2002:a05:620a:113a:: with SMTP id p26mr9173588qkk.154.1612627831812; Sat, 06 Feb 2021 08:10:31 -0800 (PST) Received: from ?IPv6:2001:470:1c:38d::4? ([2001:470:1c:38d::4]) by smtp.gmail.com with ESMTPSA id r18sm11344763qtp.41.2021.02.06.08.10.30 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 06 Feb 2021 08:10:31 -0800 (PST) Subject: Re: netgraph with ng_netflow and ng_gridge nodes To: Lutz Donnerhacke Cc: freebsd-net@freebsd.org References: <43cf5dc9-521c-dcc4-f025-398173608062@ambient-md.com> <20210202201649.GA31653@belenus.iks-jena.de> <20210202202651.GA31946@belenus.iks-jena.de> From: petru garstea Message-ID: Date: Sat, 6 Feb 2021 11:10:29 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <20210202202651.GA31946@belenus.iks-jena.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 4DXy1j2krvz4mhm X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ambient-md-com.20150623.gappssmtp.com header.s=20150623 header.b=zEWj2Q9f; dmarc=none; spf=none (mx1.freebsd.org: domain of peter.garshtja@ambient-md.com has no SPF policy when checking 2607:f8b0:4864:20::731) smtp.mailfrom=peter.garshtja@ambient-md.com X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[ambient-md-com.20150623.gappssmtp.com:s=20150623]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; DMARC_NA(0.00)[ambient-md.com]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::731:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[ambient-md-com.20150623.gappssmtp.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::731:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::731:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-Mailman-Approved-At: Sat, 06 Feb 2021 18:08:43 +0000 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2021 16:10:34 -0000 Greetings, I have come up with a graph with no use of ng_tee, ng_hub or ng_one2many. Also I validated the flows on a collector In case anybody has the same use case I am sharing the graph mkpeer re0: netflow lower iface0 name re0:lower netflow connect re0: netflow: upper out1 mkpeer netflow: bridge out0 link0 name netflow:out0 re0bridge connect re0bridge: netflow: link1 iface1 mkpeer re0bridge: eiface link2 ether name re0bridge:link2 ng0 mkpeer netflow: ksocket export9 inet/dgram/udp msg re0: setpromisc 1 msg re0: setautosrc 0 msg netflow: setconfig {iface=0 conf=11} msg netflow: setconfig {iface=1 conf=11} msg netflow:export9 connect inet/${collector_ip}:${port} Cheers, Petru Garstea On 2/2/21 3:26 PM, Lutz Donnerhacke wrote: > On Tue, Feb 02, 2021 at 09:16:49PM +0100, Lutz Donnerhacke wrote: >> fxp0.lower -- iface0.netgraph.out0 -- link1.bridge.link2 -- upper.fxp0 >> \.link3 -- ether.eiface > The strange thing is, that both fxp0 and eiface provide an interface to the > kernel IP stack. This is confusing (for the kernel). > > I'd like to point you to ng_tee instead of ng_bridge for a read only access > to the communitcation (depending on the direction). Even ng_one2many or > ng_hub might be a better solution. > > If you only need the eiface to attach tcpdump, you can omit it completely, > because tcpdump is able to sniff on the fxp0 even if the netgraph hooks are > set. From owner-freebsd-net@freebsd.org Sat Feb 6 17:15:18 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 84A6352F3E3 for ; Sat, 6 Feb 2021 17:15:18 +0000 (UTC) (envelope-from peter.garshtja@ambient-md.com) Received: from mail-qk1-x733.google.com (mail-qk1-x733.google.com [IPv6:2607:f8b0:4864:20::733]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DXzSP5JjDz4rTc for ; Sat, 6 Feb 2021 17:15:17 +0000 (UTC) (envelope-from peter.garshtja@ambient-md.com) Received: by mail-qk1-x733.google.com with SMTP id x81so10289839qkb.0 for ; Sat, 06 Feb 2021 09:15:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ambient-md-com.20150623.gappssmtp.com; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=m8yU7On4HCDe/QTweGlRgtbudi61t6DlrwnU7XW1LMs=; b=OtMnP0lB1rcYHfhww/QbnFTgRFu5kP3S1b3f0ZCTTQF4ETtLeE1DMEqmUMQiODPBdt pVrGuCGzOVJxxMQCFd330uM4YCEsAwb1Iyj67DHb3J6ln+npB1w6cJNV8kjY5Zu813m3 9DgLl/wlNbGve/DGBSEV1w3QHAZSyzUDopQrmRL+xxPPtO0UQMI0BGKfxFriusUmuAD1 dHjxezP4c+3MK0Ot98mcZBP0lroICzCVMFY94OmLmhRBhCE16kf44rZLRhMDWavlV0C6 eg7LdXdLj7pbulX+KxqPTNQ7rALe/ujvp6jKVeF8dWrdVkju5tNvLoRxVXoPSbVu3/sI QjTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=m8yU7On4HCDe/QTweGlRgtbudi61t6DlrwnU7XW1LMs=; b=LtSGTdprjEGodI2bixcOsrNkQqzd4THEpE4U5OI/F8lgF9qfSczdM1lCkdV2F8gR1I 6wPVm1zzCs9RLcnkDJ6RedYNEd+q0FR45mnkRPf0gItqC/Ox5gw0k+FZWgwT8sTt4nAn 4/A4/pfOiqwhCFaVGajyinlG+vVER74mmlIsahcvdcrxjfnFK/f8Re/56F/6WJvjPqxc VFf0yDHaPo0bFvgRWUDjF2XaPaO+LvoSkkbIoZxLGyDm0whp8Ro2T4BjG8zEE9oDrkdN JKe42reuclTAur/of2nVaffldKUe3IAvNH3MThTCkhotXQr8HvMP88Ah1r8GyJdSnyg8 GnVg== X-Gm-Message-State: AOAM531a1mv06WbwlmpumEW3rxDmCSr25ooXYjhmfxMW/+mX7bH869FH C/DdIKfr3TkQZI98Rzs/17JetzaONbvbWcxK X-Google-Smtp-Source: ABdhPJxmgccsSQuAPnmw7EdQIstKXwTxAYUrDGw/j/VNFOWfL0JqdWfPEkPIHPrsEAHOgweZ+iJNtQ== X-Received: by 2002:a37:8287:: with SMTP id e129mr1169336qkd.134.1612631716403; Sat, 06 Feb 2021 09:15:16 -0800 (PST) Received: from ?IPv6:2001:470:1c:38d::4? ([2001:470:1c:38d::4]) by smtp.gmail.com with ESMTPSA id 62sm13015165qkn.136.2021.02.06.09.15.15 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 06 Feb 2021 09:15:16 -0800 (PST) Subject: Re: netgraph with ng_netflow and ng_gridge nodes To: Lutz Donnerhacke Cc: freebsd-net@freebsd.org References: <43cf5dc9-521c-dcc4-f025-398173608062@ambient-md.com> <20210202201649.GA31653@belenus.iks-jena.de> <20210202202651.GA31946@belenus.iks-jena.de> <20210206164854.GA1074@belenus.iks-jena.de> From: petru garstea Message-ID: Date: Sat, 6 Feb 2021 12:15:14 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <20210206164854.GA1074@belenus.iks-jena.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 4DXzSP5JjDz4rTc X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ambient-md-com.20150623.gappssmtp.com header.s=20150623 header.b=OtMnP0lB; dmarc=none; spf=none (mx1.freebsd.org: domain of peter.garshtja@ambient-md.com has no SPF policy when checking 2607:f8b0:4864:20::733) smtp.mailfrom=peter.garshtja@ambient-md.com X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[ambient-md-com.20150623.gappssmtp.com:s=20150623]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; DMARC_NA(0.00)[ambient-md.com]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::733:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[ambient-md-com.20150623.gappssmtp.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::733:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::733:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-net] X-Mailman-Approved-At: Sat, 06 Feb 2021 18:09:15 +0000 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2021 17:15:18 -0000 > If you like to understand your network, try: > # ngctl dot [-c] > and paste the output to http://www.webgraphviz.com/ I used it when was building the graph :) On 2/6/21 11:48 AM, Lutz Donnerhacke wrote: > On Sat, Feb 06, 2021 at 11:10:29AM -0500, petru garstea wrote: >> Greetings, >> >> I have come up with a graph with no use of ng_tee, ng_hub or ng_one2many. >> >> Also I validated the flows on a collector >> >> In case anybody has the same use case I am sharing the graph >> >> mkpeer re0: netflow lower iface0 >> name re0:lower netflow >> connect re0: netflow: upper out1 >> mkpeer netflow: bridge out0 link0 >> name netflow:out0 re0bridge >> connect re0bridge: netflow: link1 iface1 >> mkpeer re0bridge: eiface link2 ether >> name re0bridge:link2 ng0 >> mkpeer netflow: ksocket export9 inet/dgram/udp >> msg re0: setpromisc 1 >> msg re0: setautosrc 0 >> msg netflow: setconfig {iface=0 conf=11} >> msg netflow: setconfig {iface=1 conf=11} >> msg netflow:export9 connect inet/${collector_ip}:${port} > > bridge.link0 ----- out0.netflow.iface0 --- lower.re0 > \.link1 --- iface1./ \.out1 ----- upper./ > \.link2 ----------------------------- ether.ng0 > > So you collect the data from the outside world to the re0 interface (IP > stack) twice, but you can catch the data from the ng0 interface to re0 > separate from the data to outside. > > If this is your desired setup, fine. > > If you like to understand your network, try: > # ngctl dot [-c] > and paste the output to http://www.webgraphviz.com/ > > HTH