From nobody Fri Feb 24 22:05:25 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PNkVj2Gnxz3v0VY for ; Fri, 24 Feb 2023 22:06:05 +0000 (UTC) (envelope-from ricera10@gmail.com) Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PNkVh2SgLz43gm for ; Fri, 24 Feb 2023 22:06:04 +0000 (UTC) (envelope-from ricera10@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of ricera10@gmail.com designates 209.85.210.171 as permitted sender) smtp.mailfrom=ricera10@gmail.com; dmarc=none Received: by mail-pf1-f171.google.com with SMTP id ce7so308191pfb.9 for ; Fri, 24 Feb 2023 14:06:04 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sUYAKZw3NdpgEz9fTu7S6wwT42DiDcLmRW58iCxlW9Y=; b=TcHCealjFU/7GXUgh+PW48VTEeNOjCyV3K6VJJWevyjThrStxFrnD+WRl8KNrinQCZ agv+DjoXtlzrCSZmhIVc1USCtsSJXWCAtsXGx1bl5F2PK1SWmvhwzPtwVFLBOv1Kl7oC 0+YLT2LZ/kmICqP9geU9KWn88OCN3wsC9mdtmYAy9et+nWileBVSSdiBTmaiI+B8EOr6 IeddzyIklGtERJvCW2bmpWrLFycvE4xwgmLNpLO/00atGM2Hd35CripZ7dx8gu+zy28N +nciuxfC5qhI/l3PT66GwtXG2Se1MZToIfGnQ1aOVC730t4O4D2FZeLRbL0XEDrenSql Fx/g== X-Gm-Message-State: AO0yUKUzPB64zz632lKfjtCKfrZo/WDhVDE9HlkM2dhCwsS0jIK9qyuX SmuVRqEO1vJPXu5/6q7vt8WyNMISU3g= X-Google-Smtp-Source: AK7set+6MdYOul0bZNe5HP0u4E9lBlfVM8aaiIU2jLL3iFdTx3WhDdpk36s9onmxzEuhH8baf+/7vQ== X-Received: by 2002:a62:1545:0:b0:5a9:d676:ae58 with SMTP id 66-20020a621545000000b005a9d676ae58mr15453745pfv.13.1677276362088; Fri, 24 Feb 2023 14:06:02 -0800 (PST) Received: from mail-pj1-f43.google.com (mail-pj1-f43.google.com. [209.85.216.43]) by smtp.gmail.com with ESMTPSA id j9-20020aa78dc9000000b005a91adff67asm23717pfr.175.2023.02.24.14.06.01 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 24 Feb 2023 14:06:01 -0800 (PST) Received: by mail-pj1-f43.google.com with SMTP id nw10-20020a17090b254a00b00233d7314c1cso4245509pjb.5 for ; Fri, 24 Feb 2023 14:06:01 -0800 (PST) X-Received: by 2002:a17:90a:db42:b0:22c:89b:5a8d with SMTP id u2-20020a17090adb4200b0022c089b5a8dmr2191300pjx.6.1677276361244; Fri, 24 Feb 2023 14:06:01 -0800 (PST) List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 References: <20230221155404.GA34918@crete.itcons.net.ua> In-Reply-To: <20230221155404.GA34918@crete.itcons.net.ua> From: Eric Joyner Date: Fri, 24 Feb 2023 14:05:25 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Intel E810-C-Q2 adapter with 13.1-RELEASE To: Alexander Shikov Cc: net@freebsd.org Content-Type: multipart/alternative; boundary="000000000000b3c73305f579554a" X-Spamd-Result: default: False [-2.64 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-0.99)[-0.987]; NEURAL_HAM_SHORT(-0.65)[-0.650]; FORGED_SENDER(0.30)[erj@freebsd.org,ricera10@gmail.com]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCVD_IN_DNSWL_NONE(0.00)[209.85.216.43:received,209.85.210.171:from]; MLMMJ_DEST(0.00)[net@freebsd.org]; MIME_TRACE(0.00)[0:+,1:+,2:~]; R_DKIM_NA(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.210.171:from]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FREEMAIL_ENVFROM(0.00)[gmail.com]; RCPT_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_NEQ_ENVFROM(0.00)[erj@freebsd.org,ricera10@gmail.com]; FROM_HAS_DN(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[net@freebsd.org]; TO_DN_SOME(0.00)[]; DMARC_NA(0.00)[freebsd.org]; RCVD_TLS_LAST(0.00)[] X-Rspamd-Queue-Id: 4PNkVh2SgLz43gm X-Spamd-Bar: -- X-ThisMailContainsUnwantedMimeParts: N --000000000000b3c73305f579554a Content-Type: text/plain; charset="UTF-8" Hi, I'm not sure how to help here; it looks like there's either an issue with the firmware or a physical issue with the cage. Though, another option you could try would be to download the latest driver from the Intel Download Center and see if that works. If not, then also try the NVMupdate utility from Download Center as well since maybe a firmware update could help fix the issue. Also, that adapter should have two ports and show two devices; is there an ice1 that shows up as well? - Eric On Tue, Feb 21, 2023 at 7:54 AM Alexander Shikov wrote: > Hello! > > I have a box with Intel(R) Ethernet Network Adapter E810-C-Q2 running > 13.1-RELEASE. > As far as I understand it should support this NIC, but it doesn't work: > > ice0: flags=8822 metric 0 mtu 1500 > > options=4e507bb > ether b4:96:91:ad:8d:a0 > ifconfig: ice0: no media types? > nd6 options=29 > > > Lines from dmesg: > ice0: mem > 0x92000000-0x93ffffff,0x96010000-0x9601ffff irq 32 at device 0.0 > numa-domain 0 on pci3 > ice0: Loading the iflib ice driver > ice0: Get PHY capabilities failed status = -100, continuing anyway > ice0: The DDP package module (ice_ddp) failed to load or could not be > found. Entering Safe Mode. > ice0: The DDP package module cannot be automatically loaded while booting. > You may want to specify ice_ddp_load="YES" in your loader.conf > ice0: fw 5.1.5 api 1.7 nvm 2.15 etid 800049c3 netlist > 2.1.2000-3.13.0.550223bf oem 1.2789.0 > ice0: Using 1 Tx and Rx queues > ice0: Using MSI-X interrupts with 2 vectors > ice0: Using 1024 TX descriptors and 1024 RX descriptors > ice0: Ethernet address: b4:96:91:ad:8d:a0 > ice0: PCI Express Bus: Speed 8.0GT/s Width x16 > ice0: ice_init_saved_phy_cfg: ice_aq_get_phy_caps (w/MEDIA) failed; status > ICE_ERR_AQ_ERROR, aq_err AQ_RC_EINVAL > ice0: Firmware LLDP agent disabled > ice0: ice_init_link_configuration: ice_aq_set_link_restart_an: status > ICE_ERR_AQ_ERROR, aq_err AQ_RC_EINVAL > ice0: link state changed to DOWN > ice0: ice_add_media_types: ice_aq_get_phy_caps (ACTIVE) failed; status > ICE_ERR_AQ_ERROR, aq_err AQ_RC_EINVAL > ice0: Error adding device media types: ICE_ERR_AQ_ERROR aq_err AQ_RC_EINVAL > ice0: netmap queues/slots: TX 1/1024, RX 1/1024 > > I have ice_ddp_load="YES" in loader.conf. > > Any help is appreciated! Thank you. > > --000000000000b3c73305f579554a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,

I'm not sure how to help here; = it looks like there's either an issue with the firmware or a physical i= ssue with the cage. Though, another option you could try would be to downlo= ad the latest driver from the Intel Download Center and see if that works. = If not, then also try the NVMupdate utility from Download Center as well si= nce maybe a firmware update could help fix the issue.

<= div>Also, that adapter should have two ports and show two devices; is there= an ice1 that shows up as well?

- Eric
=
On Tue= , Feb 21, 2023 at 7:54 AM Alexander Shikov <minotaur@crete.org.ua> wrote:
Hello!

I have a box with Intel(R) Ethernet Network Adapter E810-C-Q2 running 13.1-= RELEASE.
As far as I understand it should support this NIC, but it doesn't work:=

ice0: flags=3D8822<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
=C2=A0 =C2=A0 =C2=A0 =C2=A0 options=3D4e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLA= N_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RX= CSUM_IPV6,TXCSUM_IPV6,NOMAP>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 ether b4:96:91:ad:8d:a0
ifconfig: ice0: no media types?
=C2=A0 =C2=A0 =C2=A0 =C2=A0 nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_= LINKLOCAL>


Lines from dmesg:
ice0: <Intel(R) Ethernet Network Adapter E810-C-Q2 - 1.34.2-k> mem 0x= 92000000-0x93ffffff,0x96010000-0x9601ffff irq 32 at device 0.0 numa-domain = 0 on pci3
ice0: Loading the iflib ice driver
ice0: Get PHY capabilities failed status =3D -100, continuing anyway
ice0: The DDP package module (ice_ddp) failed to load or could not be found= . Entering Safe Mode.
ice0: The DDP package module cannot be automatically loaded while booting. = You may want to specify ice_ddp_load=3D"YES" in your loader.conf<= br> ice0: fw 5.1.5 api 1.7 nvm 2.15 etid 800049c3 netlist 2.1.2000-3.13.0.55022= 3bf oem 1.2789.0
ice0: Using 1 Tx and Rx queues
ice0: Using MSI-X interrupts with 2 vectors
ice0: Using 1024 TX descriptors and 1024 RX descriptors
ice0: Ethernet address: b4:96:91:ad:8d:a0
ice0: PCI Express Bus: Speed 8.0GT/s Width x16
ice0: ice_init_saved_phy_cfg: ice_aq_get_phy_caps (w/MEDIA) failed; status = ICE_ERR_AQ_ERROR, aq_err AQ_RC_EINVAL
ice0: Firmware LLDP agent disabled
ice0: ice_init_link_configuration: ice_aq_set_link_restart_an: status ICE_E= RR_AQ_ERROR, aq_err AQ_RC_EINVAL
ice0: link state changed to DOWN
ice0: ice_add_media_types: ice_aq_get_phy_caps (ACTIVE) failed; status ICE_= ERR_AQ_ERROR, aq_err AQ_RC_EINVAL
ice0: Error adding device media types: ICE_ERR_AQ_ERROR aq_err AQ_RC_EINVAL=
ice0: netmap queues/slots: TX 1/1024, RX 1/1024

I have ice_ddp_load=3D"YES" in loader.conf.

Any help is appreciated! Thank you.

--000000000000b3c73305f579554a-- From nobody Sun Feb 26 12:07:22 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PPj7D0n3Tz3tGWg for ; Sun, 26 Feb 2023 12:07:36 +0000 (UTC) (envelope-from vitspec@gmail.com) Received: from mail-vs1-xe2a.google.com (mail-vs1-xe2a.google.com [IPv6:2607:f8b0:4864:20::e2a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PPj7B5ZJRz3HhB for ; Sun, 26 Feb 2023 12:07:34 +0000 (UTC) (envelope-from vitspec@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b=WlzMhcbT; spf=pass (mx1.freebsd.org: domain of vitspec@gmail.com designates 2607:f8b0:4864:20::e2a as permitted sender) smtp.mailfrom=vitspec@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-vs1-xe2a.google.com with SMTP id s1so6752878vsk.5 for ; Sun, 26 Feb 2023 04:07:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=EwPYwewklk8f6wMSh3Uw+E+bsKDQUYlBNuSbjYgOvYQ=; b=WlzMhcbT23KEAD3fGumt45Vgk0C5i5oOZ7Klkxl/C+4zoS2fEmDwPd0MtqMAxl33G+ uDzp+OeK17OULpT7BrHO7dxOyLtjy16PYhb5ZjxWGs3Hu8K/NRTjjDzOfOhOcPZ6qtoj 3IGX/XA7IsYdJy4www+TjttndEDBeOCkNKqs07BQpW2zxnOBa5lUGNZnE+Jxnmr55TqL MAFC2OwvsJWisUiCJbo6qPMyfwUE2X/8iPcDgFnHTj5pL+dH035AekCoexI0UbZ46zDQ +Q95LIGSAIllBVWx1IZ089FRBRGrZcm957re6l2rvdhZFSsfB6hZc+IjZ0yfgxQXaibE cJiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=EwPYwewklk8f6wMSh3Uw+E+bsKDQUYlBNuSbjYgOvYQ=; b=IIm0iJSsK0DHW5kGY9tRJJUQI7dCkl0ElktwaOP4x9xoHXbRePD6pv49kH5loWWW+O E6n0PjInyouQXHjTP7q/os1vSwRmwCKimsAQM6Y+X2yhRiN9kA8UvUGLfyZrkd9b0WIz sBK7Yxh2vyG9duoysEOscX4oGkQ5W7HfwXF3wmxVBSfwYUS2iUnORpTxZD4WX0xSzXzM 2YSahe9Ud6ZZc+NiqxKXcF4Aq96hJ88ZUCzcOvgT3ZYYDjcJb+lJ7rX6TavahzKTCL1+ I0kWsTrRNuW2dSPY/m+JIrgI0of4nWcoVVm2k6rfmjD+sOylORz9NU0VcHscYIJTOiK4 k1Sg== X-Gm-Message-State: AO0yUKUtJQhOPGMPAnROOuUnQsPtZcIyUtD9hleLug1+49nkLwaW+N/w 9tI+H0OfBJFXkEfDv/n2o57G97ckWbPzoElSaVEgFxWTNnc= X-Google-Smtp-Source: AK7set+mpdlT//pCrzSfMFF1QIODvmPs6DjUto2F6pjo1dVQIhPdqpUhXKbt+inMuqdDj2b/Xk943Tup35Zy626bkns= X-Received: by 2002:ab0:53d5:0:b0:68a:5c52:7f2b with SMTP id l21-20020ab053d5000000b0068a5c527f2bmr8291689uaa.1.1677413253386; Sun, 26 Feb 2023 04:07:33 -0800 (PST) List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 From: Victor Gamov Date: Sun, 26 Feb 2023 15:07:22 +0300 Message-ID: Subject: ECMP, DF-bit and ICMP "Fragmentation needed" To: freebsd-net@freebsd.org Content-Type: multipart/alternative; boundary="0000000000001c165f05f5993516" X-Spamd-Result: default: False [-0.45 / 15.00]; HTTP_TO_IP(1.00)[]; URI_COUNT_ODD(1.00)[1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-0.99)[-0.991]; NEURAL_SPAM_SHORT(0.54)[0.536]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::e2a:from]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; FREEMAIL_FROM(0.00)[gmail.com]; ARC_NA(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FREEMAIL_ENVFROM(0.00)[gmail.com]; RCVD_COUNT_TWO(0.00)[2] X-Rspamd-Queue-Id: 4PPj7B5ZJRz3HhB X-Spamd-Bar: / X-ThisMailContainsUnwantedMimeParts: N --0000000000001c165f05f5993516 Content-Type: text/plain; charset="UTF-8" Hi All I have following scheme: - LAN segment 10.5.8.0/24 with router1 (10.5.8.1) and MTU=1500 - two hosts at LAN segment host21 (10.5.8.21) and host22 (10.5.8.22) - host21 and host22 has VIP=172.16.110.30 configured as LAN-interface alias - host21 and host22 ha BGP peering with router1 and announce VIP to router1 - hostX somewhere at intranet - ipsec-tunnel with MTU=1400 ECMP works fine and traffic from other segments to VIP is balanced between host21+host22 by router1. The problem is: when host21 and/or host22 send large packet with DF-bit using VIP as source then ipsec-router sends ICMP "Fragmentation needed" and then this ICMP is _always_ sent to only host22 by router1. I think it may be hard or impossible to find proper VIP-owner to send this ICMP. Is it possible to propagate such ICMP to all VIP-owners in router1 routing-table? Or may some data from ICMP message be used to properly calculate ECMP-hash to find a real VIP-owner which must receive this ICMP? Thanks! -- CU, Victor Gamov --0000000000001c165f05f5993516 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi All

I have following sche= me:
- LAN segment 10.5.8.0/24 with router1 (10.5.8.1) and MTU=3D1500
- tw= o hosts at LAN segment host21 (10.5.8.21) and host22 (10.5.8.22)
= - host21 and host22 has VIP=3D172.16.110.30 configured as LAN-interface ali= as
- host21 and host22 ha BGP peering with router1 and announ= ce VIP to router1
- hostX somewhere at intranet
- i= psec-tunnel with MTU=3D1400

ECMP works fine an= d traffic from other segments to VIP is balanced between host21+host22 by r= outer1.

The problem is:
when host21 and/or host22 send large packet with DF-bit using VIP as source=20 then ipsec-router sends ICMP "Fragmentation needed" and then this= ICMP=20 is _always_ sent to only host22 by router1.

I=20 think it may be hard or impossible to find proper VIP-owner to send this ICMP.=C2=A0 Is it possible to propagate such ICMP to all VIP-owners in=20 router1 routing-table? Or may some data from ICMP message be used to=20 properly calculate ECMP-hash to find a real VIP-owner which must receive this ICMP?


Thanks!


--
CU,
Victor Gamo= v
--0000000000001c165f05f5993516-- From nobody Sun Feb 26 21:00:59 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PPwyg6nn7z3v4Px for ; Sun, 26 Feb 2023 21:00:59 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PPwyg3WJ1z4Pgv for ; Sun, 26 Feb 2023 21:00:59 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677445259; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PqVM1406IPhxuEImfOxzgZXMcf4fOA3MgUKuch7f/D0=; b=EIpveZ9G3YpOuOpybtaV0kTvpq18EUlFDUYsa5WNkCwUu2o2ohU23VPu0vKjJvQW51/2BD eIHRKtpg8SBH48/7sFahmq3yM1YVXuhR53xDlr1UKleBp9kQ6Zhs2tCLrq7+FBur+GBsvC hCZ5YmMzyjamR9+uFh4k+bpXk5aCAppbtz7qnxC+VyyNEVRvruxBwpinBfdV09nUSZcIDF 18ttDs33tEO6qu2Zou84lxQLU8MHI1VRn+DPe8je/FxVe+Q5NTPyX6GSvZAmfTmL0lvihb nuQsPeKEhuI+y1Xcw8COdd7jSu1tM81AkzgkhYEu0aboRgUgZdtJ0VcgPxCM1Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677445259; a=rsa-sha256; cv=none; b=PejsqeOnocdLeSeYmGlW0LxbM5jlFqgwXSsHUx9gBuH4osGLmXaK/xYnQJc+SQzsFK21JE 0AUpPmvMaZFi7qDVLm32/iGom+YRlPg/hhqE5ayXOoI8QLl5EZScTKT+/Qm/GeekdFEbLW HHquKFjFjApqSFhqYALMpiLHBsVudp0dvZ5+TIGxg46gcALOH4roOcRO078aV4KxDkwrei MBLI3drYELpUPQ+oT3u6waS1crGXNpvcXaQ9V0S1bEASwLaMFe5A/ChpN2Fx8CwS1T7y+3 f1lIgyQSZjcnLcQ/KCsocs/Vm0TjTUKdUQciEZUED9aT6S1dQRuoWPeIh5TSSw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PPwyg2bdNz10hD for ; Sun, 26 Feb 2023 21:00:59 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 31QL0xEl097082 for ; Sun, 26 Feb 2023 21:00:59 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 31QL0xE6097081 for net@FreeBSD.org; Sun, 26 Feb 2023 21:00:59 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <202302262100.31QL0xE6097081@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: net@FreeBSD.org Subject: Problem reports for net@FreeBSD.org that need special attention Date: Sun, 26 Feb 2023 21:00:59 +0000 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="16774452592.Dd401F.89831" Content-Transfer-Encoding: 7bit X-ThisMailContainsUnwantedMimeParts: N --16774452592.Dd401F.89831 Date: Sun, 26 Feb 2023 21:00:59 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- In Progress | 221146 | [ixgbe] Problem with second laggport New | 204438 | setsockopt() handling of kern.ipc.maxsockbuf limi New | 213410 | [carp] service netif restart causes hang only whe Open | 7556 | ppp: sl_compress_init() will fail if called anyth Open | 193452 | Dell PowerEdge 210 II -- Kernel panic bce (broadc Open | 202510 | [CARP] advertisements sourced from CARP IP cause Open | 207261 | netmap: Doesn't do TX sync with kqueue Open | 225438 | panic in6_unlink_ifa() due to race Open | 227720 | Kernel panic in ppp server Open | 236888 | ppp daemon: Allow MTU to be overridden for PPPoE Open | 237072 | netgraph(4): performance issue [on HardenedBSD]? Open | 237973 | pf: implement egress keyword to simplify rules ac Open | 238324 | Add XG-C100C/AQtion AQC107 10GbE NIC driver Open | 238707 | Lock order reversal: rtentry vs "nd6 list" Open | 240944 | em(4): Crash with Intel 82571EB NIC with AMD Pile Open | 241106 | tun/ppp: panic: vm_fault: fault on nofault entry Open | 243463 | ix0: Watchdog timeout Open | 247111 | pxeboot very slow with i219LM In Progress | 118111 | rc: network.subr Add MAC address based interface 19 problems total for which you should take action. --16774452592.Dd401F.89831 Date: Sun, 26 Feb 2023 21:00:59 +0000 MIME-Version: 1.0 Content-Type: text/html; charset="UTF-8"
The following is a listing of current problems submitted by FreeBSD users,
which need special attention. These represent problem reports covering
all versions including experimental development code and obsolete releases.

Status      |    Bug Id | Description
------------+-----------+---------------------------------------------------
In Progress |    221146 | [ixgbe] Problem with second laggport
New         |    204438 | setsockopt() handling of kern.ipc.maxsockbuf limi
New         |    213410 | [carp] service netif restart causes hang only whe
Open        |      7556 | ppp: sl_compress_init() will fail if called anyth
Open        |    193452 | Dell PowerEdge 210 II -- Kernel panic bce (broadc
Open        |    202510 | [CARP] advertisements sourced from CARP IP cause 
Open        |    207261 | netmap: Doesn't do TX sync with kqueue
Open        |    225438 | panic in6_unlink_ifa() due to race
Open        |    227720 | Kernel panic in ppp server
Open        |    236888 | ppp daemon: Allow MTU to be overridden for PPPoE 
Open        |    237072 | netgraph(4): performance issue [on HardenedBSD]?
Open        |    237973 | pf: implement egress keyword to simplify rules ac
Open        |    238324 | Add XG-C100C/AQtion AQC107 10GbE NIC driver
Open        |    238707 | Lock order reversal: rtentry vs "nd6 list"
Open        |    240944 | em(4): Crash with Intel 82571EB NIC with AMD Pile
Open        |    241106 | tun/ppp: panic: vm_fault: fault on nofault entry 
Open        |    243463 | ix0: Watchdog timeout
Open        |    247111 | pxeboot very slow with i219LM
In Progress |    118111 | rc: network.subr Add MAC address based interface 

19 problems total for which you should take action.
--16774452592.Dd401F.89831-- From nobody Mon Feb 27 10:56:48 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PQHWK3QRpz3ty7w for ; Mon, 27 Feb 2023 10:57:01 +0000 (UTC) (envelope-from melifaro@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PQHWK2wwZz4Gfb; Mon, 27 Feb 2023 10:57:01 +0000 (UTC) (envelope-from melifaro@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677495421; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=pDmKDQzhknSWmG8pm7Z13BWo0P4ItiM8GpUrXN4KFAU=; b=Gf/1/3BzZsO0kqPuOgXCKIwbIXBLUqy/iKKdW4nXxQTU2xoCzN9YoKC8bd4gJna+50PUxY +iozZB/lyFVl/obGSCCNgqDTaN29shduq2u+r8FfvGAVtgl4A70VOh0BvKxgK6u3/hZzWD WR01ajgz1Jftlmi8EwSG+tlOfBgSAxeWtZlYk/obQIHookzgh1ZiZL9K9eti9GXNRyOJQU mhPfeeU2blxd/lEC3tx8mrL+Nl+4jPcd7qLRFYNIz1KjLr3oLBcWRR6SX59bYwddxqeGVn rfoQZd+F8W0ixH7x8C01TTYwqYurKpuzrQwAurEtgtQDibNVuKgHX9L6R9oMOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677495421; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=pDmKDQzhknSWmG8pm7Z13BWo0P4ItiM8GpUrXN4KFAU=; b=e81u4wKx55emBmsYFXY8d9oC3kkTUvfne0VO0g+MEWRYuXyyl9eM5JTfFaLQscOoA0dBru WhDbkN3X8ImzgFCEyzaS3u9cZRcx8z4H8WZEiXe0ecUpltBRDbE5oK480z6eCf758hqowb rTdWmYteLcl/JJdOiAz3kGfhHrvW1PecrsC9Sd3QhJOkOE/0U9xpogCgS1jBzofC8ETJZa N48UdDVHP9sZLcEUpW+mAJvsQZJUjfww3LCQcIy3p4qlL1asFFDAYaC3FbfAskXDHxhpKt yQHSQzlKHQLAE3PrfpdIQbarLB/EeZpx+WbT2VAZrwXyTU5yFeBDVVCJ+whPgg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677495421; a=rsa-sha256; cv=none; b=theskSU1Og4xlmVJWs4gt3C1Ph8vsai5JdGHsAEAF3YsT4VC3h1SmJTmCjrYXid98aUftf giiM0bdtOPYKgUwWfR525oDtnPbFfSlT/BuMjES9GV++invpjEXXIMPoy8HsSKRcA32IR+ xyI3tPRbYiVdUEInQwbGqT6Ur+jSlgfxKe32y6LPKlvZpHk+bT5sIlo8g7dwsPEBz7R52P OdnWPr9MAzvO8s0L2a+IApuoXni8OK4405iRVtJh+tb5uIO7mPHQc2mpiyyuqgjK5/xsD0 98X98x3Y0VuYUqCPW1bCKlJFI1BRwUr/JoIoGJGGMmKdh8ho2vs4pnwF/h61ug== Received: from smtpclient.apple (unknown [IPv6:2a02:8084:d6bb:510:a5e6:da38:4042:8220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: melifaro/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4PQHWJ6n3hz12w5; Mon, 27 Feb 2023 10:57:00 +0000 (UTC) (envelope-from melifaro@freebsd.org) Content-Type: text/plain; charset=utf-8 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\)) Subject: Re: ECMP, DF-bit and ICMP "Fragmentation needed" From: Alexander Chernikov In-Reply-To: Date: Mon, 27 Feb 2023 10:56:48 +0000 Cc: freebsd-net Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Victor Gamov X-Mailer: Apple Mail (2.3731.400.51.1.1) X-ThisMailContainsUnwantedMimeParts: N > On 26 Feb 2023, at 12:07, Victor Gamov wrote: >=20 > Hi All >=20 > I have following scheme: > - LAN segment 10.5.8.0/24 with router1 (10.5.8.1) and MTU=3D1500 > - two hosts at LAN segment host21 (10.5.8.21) and host22 (10.5.8.22) > - host21 and host22 has VIP=3D172.16.110.30 configured as = LAN-interface alias > - host21 and host22 ha BGP peering with router1 and announce VIP to = router1 > - hostX somewhere at intranet > - ipsec-tunnel with MTU=3D1400 >=20 > ECMP works fine and traffic from other segments to VIP is balanced = between host21+host22 by router1. >=20 > The problem is: > when host21 and/or host22 send large packet with DF-bit using VIP as = source then ipsec-router sends ICMP "Fragmentation needed" and then this = ICMP is _always_ sent to only host22 by router1. >=20 > I think it may be hard or impossible to find proper VIP-owner to send = this ICMP. Is it possible to propagate such ICMP to all VIP-owners in = router1 routing-table? Or may some data from ICMP message be used to = properly calculate ECMP-hash to find a real VIP-owner which must receive = this ICMP? Generally it=E2=80=99s pretty hard to do. The path may go through the = multiple routers which has it own hash calculation + seed to avoid the = traffic polarisation. Personally I=E2=80=99d suggest doing some sort of = ICMP replication on either the source node or the hosts. >=20 >=20 > Thanks!th >=20 >=20 > --=20 > CU, > Victor Gamov From nobody Tue Feb 28 19:17:55 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PR6Zr3Vl9z3tqDs for ; Tue, 28 Feb 2023 19:17:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PR6Zr0DL1z3q7L for ; Tue, 28 Feb 2023 19:17:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677611876; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SqxsfSW51H8xJ4QyVWOTcz3AsHnenwdZii26YajQtGs=; b=N+uJBhQIanbssBr1aBsf+XPqh6aImbji3m3Xk4S4AivHBZbSk9Cweavv3k4Bu0+tWH4HWV cQeI30AH5w5wXqFNMsPG+/f0hwAB/Oq+Ii7wW+j7XtD+hd4IGQbgDr1UDHhRTJBAdXB4xY w/IwO44SbR21SZqh5nXtdEG/4e5kpCxSINFzrJ/X8VigBT7inNfy6nBIFmoRHrskE6+89R xUJnXl6xLrySnHZo8lfwk5X/ltL3EL2ocABbES0IbEODrHXtQTYre6hmRzA541UMHyLYHa hFksIW5HlWtZ7+hlKBuEomlJssEQAr3DTmgJHw7/XwUe5TpdvOpQSyJNxGaUlg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677611876; a=rsa-sha256; cv=none; b=AyJaVGbbIiYsPCtu/+UjQN72EbAIN31vx+Na8DLsTuTYMfQnvG0QsikElyQqlSPXVaUW7a xYTL/8cOBEiLHEoIhFzSLBLa3r9pL2nM/l9tTG+ZogsGHMNwv0pZQAKfci0LlI/uYp2bmt 6ARPp22ZLe/nJr/R6Ige+tH3t+ufrrNa0AUne6/hYCrijXjwrUbIUvGwaflbxhzkbr24sy e7bAWtdLSh4MtpoUYW5xglh57RNzd3ojwQrUdFt4EkWGq5Olwuo548RjI6lBW+0PL+Vr7C 3UER+OwgwMFcjHttY7VMbfer+7BYzEu3OjBx6HLJ+trYM80SWSqWVYZJgKxI7g== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PR6Zq625kz1JgP for ; Tue, 28 Feb 2023 19:17:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 31SJHtfH018157 for ; Tue, 28 Feb 2023 19:17:55 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 31SJHtVK018156 for net@FreeBSD.org; Tue, 28 Feb 2023 19:17:55 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 257709] netinet6: Set net.inet6.icmp6.nodeinfo default to 0 Date: Tue, 28 Feb 2023 19:17:55 +0000 X-Bugzilla-Reason: AssignedTo CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: needs-patch, needs-qa, security X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: henrichhartzer@tuta.io X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? mfc-stable13? mfc-stable12? mfc-stable11? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D257709 --- Comment #3 from Henrich Hartzer --- I think this would be a great idea to get in for 13.2. --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.= From nobody Wed Mar 1 10:35:17 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRVxW3T0Mz3vhm0 for ; Wed, 1 Mar 2023 10:35:27 +0000 (UTC) (envelope-from yuri@FreeBSD.org) Received: from shell1.rawbw.com (shell1.rawbw.com [198.144.192.42]) by mx1.freebsd.org (Postfix) with ESMTP id 4PRVxV3p7fz4MMq for ; Wed, 1 Mar 2023 10:35:26 +0000 (UTC) (envelope-from yuri@FreeBSD.org) Authentication-Results: mx1.freebsd.org; dkim=none; spf=softfail (mx1.freebsd.org: 198.144.192.42 is neither permitted nor denied by domain of yuri@FreeBSD.org) smtp.mailfrom=yuri@FreeBSD.org; dmarc=none Received: from [192.168.5.3] (c-73-162-96-20.hsd1.ca.comcast.net [73.162.96.20]) (authenticated bits=0) by shell1.rawbw.com (8.15.1/8.15.1) with ESMTPSA id 321AZJCa066718 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Wed, 1 Mar 2023 02:35:19 -0800 (PST) (envelope-from yuri@FreeBSD.org) X-Authentication-Warning: shell1.rawbw.com: Host c-73-162-96-20.hsd1.ca.comcast.net [73.162.96.20] claimed to be [192.168.5.3] Message-ID: Date: Wed, 1 Mar 2023 02:35:17 -0800 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.5.0 Content-Language: en-US To: "freebsd-net@freebsd.org" From: Yuri Subject: sshd doesn't disconnect for 30+ minutes after the TCP connection is closed ungracefully Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spamd-Result: default: False [0.50 / 15.00]; VIOLATED_DIRECT_SPF(3.50)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.996]; RCVD_NO_TLS_LAST(0.10)[]; MIME_GOOD(-0.10)[text/plain]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:7961, ipnet:198.144.192.0/19, country:US]; FROM_EQ_ENVFROM(0.00)[]; TO_DN_EQ_ADDR_ALL(0.00)[]; MIME_TRACE(0.00)[0:+]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FROM_HAS_DN(0.00)[]; FREEFALL_USER(0.00)[yuri]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; R_SPF_SOFTFAIL(0.00)[~all:c]; TO_DOM_EQ_FROM_DOM(0.00)[] X-Rspamd-Queue-Id: 4PRVxV3p7fz4MMq X-Spamd-Bar: / X-ThisMailContainsUnwantedMimeParts: N Windows system connects to FreeBSD through ssh and then this connection dies because of WiFi or VPN issues. FreeBSD still has the sshd process alive for this connection for 30+ minutes. TCP keepalive is enabled on the FreeBSD host: $ sysctl net.inet.tcp.always_keepalive net.inet.tcp.always_keepalive: 1 Shouldn't TCP keepalive kill this sshd process after 3-4 minutes because this connection isn't alive? Yuri From nobody Wed Mar 1 11:36:32 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRXJ470Drz3vllZ for ; Wed, 1 Mar 2023 11:36:36 +0000 (UTC) (envelope-from grembo@freebsd.org) Received: from mail.evolve.de (mail.evolve.de [213.239.217.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA512 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail.evolve.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRXJ43G59z4V3n; Wed, 1 Mar 2023 11:36:36 +0000 (UTC) (envelope-from grembo@freebsd.org) Authentication-Results: mx1.freebsd.org; none Received: by mail.evolve.de (OpenSMTPD) with ESMTP id e109624b; Wed, 1 Mar 2023 11:36:33 +0000 (UTC) Received: by mail.evolve.de (OpenSMTPD) with ESMTPSA id e1a5530c (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Wed, 1 Mar 2023 11:36:33 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (1.0) Subject: Re: sshd doesn't disconnect for 30+ minutes after the TCP connection is closed ungracefully From: Michael Gmelin In-Reply-To: Date: Wed, 1 Mar 2023 12:36:32 +0100 Cc: freebsd-net@freebsd.org Message-Id: <08DDB90C-5D30-40A3-86C0-87021959F04D@freebsd.org> References: To: Yuri X-Mailer: iPhone Mail (20D67) X-Rspamd-Queue-Id: 4PRXJ43G59z4V3n X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:24940, ipnet:213.239.192.0/18, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > On 1. Mar 2023, at 11:35, Yuri wrote: >=20 > =EF=BB=BFWindows system connects to FreeBSD through ssh and then this conn= ection dies because of WiFi or VPN issues. >=20 > FreeBSD still has the sshd process alive for this connection for 30+ minut= es. >=20 > TCP keepalive is enabled on the FreeBSD host: >=20 > $ sysctl net.inet.tcp.always_keepalive > net.inet.tcp.always_keepalive: 1 >=20 > Shouldn't TCP keepalive kill this sshd process after 3-4 minutes because t= his connection isn't alive? >=20 Keepalives start after net.inet.tcp.keepidle milliseconds (2h by default). Cheers From nobody Wed Mar 1 13:03:27 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRZDN2JxJz3tr03 for ; Wed, 1 Mar 2023 13:03:32 +0000 (UTC) (envelope-from mike@karels.net) Received: from mail2.karels.net (mail2.karels.net [3.19.118.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "freebsd", Issuer "freebsd" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRZDN0b6jz4lG9; Wed, 1 Mar 2023 13:03:32 +0000 (UTC) (envelope-from mike@karels.net) Authentication-Results: mx1.freebsd.org; none Received: from mail2.karels.net (localhost [IPv6:0:0:0:0:0:0:0:1]) by mail2.karels.net (8.16.1/8.16.1) with ESMTP id 321D3Ru4088668; Wed, 1 Mar 2023 07:03:28 -0600 (CST) (envelope-from mike@karels.net) Received: from [10.0.2.130] ([73.62.165.147]) by mail2.karels.net with ESMTPSA id +YPSOR9N/2NaWgEAs/W3XQ (envelope-from ); Wed, 01 Mar 2023 07:03:28 -0600 From: Mike Karels To: Michael Gmelin Cc: Yuri , freebsd-net@freebsd.org Subject: Re: sshd doesn't disconnect for 30+ minutes after the TCP connection is closed ungracefully Date: Wed, 01 Mar 2023 07:03:27 -0600 X-Mailer: MailMate (1.14r5937) Message-ID: <49CE5046-7934-414C-9B62-F3712DECBA52@karels.net> In-Reply-To: <08DDB90C-5D30-40A3-86C0-87021959F04D@freebsd.org> References: <08DDB90C-5D30-40A3-86C0-87021959F04D@freebsd.org> List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4PRZDN0b6jz4lG9 X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:16509, ipnet:3.16.0.0/14, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N On 1 Mar 2023, at 5:36, Michael Gmelin wrote: >> On 1. Mar 2023, at 11:35, Yuri wrote: >> >> =EF=BB=BFWindows system connects to FreeBSD through ssh and then this = connection dies because of WiFi or VPN issues. >> >> FreeBSD still has the sshd process alive for this connection for 30+ m= inutes. >> >> TCP keepalive is enabled on the FreeBSD host: >> >> $ sysctl net.inet.tcp.always_keepalive >> net.inet.tcp.always_keepalive: 1 >> >> Shouldn't TCP keepalive kill this sshd process after 3-4 minutes becau= se this connection isn't alive? >> > > Keepalives start after net.inet.tcp.keepidle milliseconds (2h by defaul= t). When this happens to me, I generally log into the server again and use wr= ite(1) to send a message to that tty (a newline will do). That probes the conne= ction and causes a reset, and the session gets cleaned up. I use a longer keep= idle value for other reasons. Mike From nobody Wed Mar 1 20:33:03 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRmC75WbWz3vKRT for ; Wed, 1 Mar 2023 20:33:07 +0000 (UTC) (envelope-from rscheff@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRmC75339z4MZY for ; Wed, 1 Mar 2023 20:33:07 +0000 (UTC) (envelope-from rscheff@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677702787; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type:autocrypt:autocrypt; bh=eu2Fplx59LWpR0Rkr/Br6SP4Fv3NZDXm28+Dj6/Qids=; b=kStaFncoJh/6rZyYlXpczH9Q270Cvpl8VYl/wQdp2ppy8Etdz6iTw3wQd06SX+XMXMN+1v o4MQkB08/FLiwSJWdpWhNKUr9SD9x/YIPfjIvhFrvMv6ovjSZFrMyxzzhsIbA4VS56BwDV 494DL9ub7n4liVPwzDGu1i4hC2nllLYklt3S6xxIpC4+I/tpT7FNw0hY04G8ntiMePGtAy nc4Su2G0kypSEMIG8C5dQi7EZs+IDIch+DOX8zbDQBVSdWs3shRnLEzEeIIc+AgwCXVuQd iG/avq8tnPSKLqhzMjm+k6cnVYez3NSw2xcVTtyCS7rZRz57h/ltCupATVW5VA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677702787; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type:autocrypt:autocrypt; bh=eu2Fplx59LWpR0Rkr/Br6SP4Fv3NZDXm28+Dj6/Qids=; b=iuf0qycIP5gj3wzvhhP7HRWOq7SLfXxJONRkVEG9FU1kQmcWRAGVN3NLnxsfcejWiucUwg 0wX8LjMw0kidUYNooNS5lsnglkAExjzp7lBS+Kq0TnnMzFEyyKcTsM3yiNJa/HS4r5Sum3 xFtOwhAa9J/YKl0EH/6jbC7V3Gtzp95wgWhZ3g0ZtVAqlDXmtwwyEp7zH+qr0TgBbZUbkI TOojDydEUxG/bhGKd/07tOA2d8XuByuP4eEo92UIOwJd+0rynC7K5R/tVmIRGAtBiGgUgy AKH3PIMtn4sH3gunkh7MD+SYU3FHz7WBS1X9tibjFbefjKPD8hUmWz7SQ+UpVQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677702787; a=rsa-sha256; cv=none; b=NSeW+54ct/NJd8aYfeWpfgbgT+bidTdKPS4ajfKuhHk6kCqh8CJEyijbpGYgygkIZ/1aaD UZ8ZfQ+GwJql8SyYVe9rj5APWICZA7BcFBXULGtOQlFkeKX32vpkeoZxBHJH1G8w/x4XxL pYYboizNKXEjRA3MqI8jNjeBpIcENMcaySigq/8QghQM9eVd+XRQhSdG3XtYupJV5JkZ2M pTiCcWNAkH1qVym8T1Aq1bOUcWqmrzfBz/zFO0CKnFUijIQPkVkbQ3NSlkrGeOKjhOFLHq sGFTbmtH+s3PAqr12243sYH6+S52+iplc28ToKdbeQvdo3SiUxv+xi9OWQKBZg== Received: from [172.20.10.13] (213142096149.public.telering.at [213.142.96.149]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: rscheff/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4PRmC71thdz190F for ; Wed, 1 Mar 2023 20:33:07 +0000 (UTC) (envelope-from rscheff@freebsd.org) Message-ID: Date: Wed, 1 Mar 2023 21:33:03 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 To: freebsd-net@freebsd.org From: "Scheffenegger, Richard" Autocrypt: addr=rscheff@freebsd.org; keydata= xjMEY/i74RYJKwYBBAHaRw8BAQdAwtnvjlFVnnzNXO9hjHtB6MPGSY19L/BHh/iziPF0FzrN K1JpY2hhcmQgU2NoZWZmZW5lZ2dlciA8cnNjaGVmZkBmcmVlYnNkLm9yZz7CmgQTFgoAQhYh BDZLt5msg0Ras820cRe+WJngsUObBQJj+LvhAhsDBQkJZgGABQsJCAcCAyICAQYVCgkICwIE FgIDAQIeBwIXgAAKCRAXvliZ4LFDm4ylAQCSw2/nvht8kExJ31M+3qpjOqdVypMp+/Ojvh5Z lsk96QEA5HCBkteJcrohwRA7llZvLH3m25hcJdzmDh39mc0cSgPOOARj+LvhEgorBgEEAZdV AQUBAQdA1Dim8ZWpXRS5i9hb3O4RNHub8XvqTTkYyiZ2lSkXDwYDAQgHwn4EGBYKACYWIQQ2 S7eZrINEWrPNtHEXvliZ4LFDmwUCY/i74QIbDAUJCWYBgAAKCRAXvliZ4LFDm2TGAQDcg+bA EPqOH+JCIND8wZ62MwnjFyXFv73qevXkUHHNSgEApUgpHW9f6UaIAQpc3R185xjz6tk8XXBx eYpxKgIAeQ8= Subject: BPF to filter/mod ARP Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------ifbpc0yS6tASX7AdIJI9W76Z" X-ThisMailContainsUnwantedMimeParts: N This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------ifbpc0yS6tASX7AdIJI9W76Z Content-Type: multipart/mixed; boundary="------------xHv2AtMMxpdUoBBTAlnx03BL"; protected-headers="v1" From: "Scheffenegger, Richard" To: freebsd-net@freebsd.org Message-ID: Subject: BPF to filter/mod ARP --------------xHv2AtMMxpdUoBBTAlnx03BL Content-Type: multipart/mixed; boundary="------------WbOWKkBDT0VRi7TfKNdBiyl4" --------------WbOWKkBDT0VRi7TfKNdBiyl4 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 SGkgZ3JvdXAsDQoNCk1heWJlIHNvbWVvbmUgY2FuIGhlbHAgbWUgd2l0aCB0aGlzIHF1ZXN0 aW9uIC0gYXMgSSBhbSB1c3VhbGx5IG9ubHkgDQpsb29raW5nIGF0IEw0IGFuZCB0aGUgdG9w IHNpZGUgb2YgTDMgOykNCg0KSW4gb3JkZXIgdG8gdmFsaWRhdGUgYSBwZWN1bGlhciBzd2l0 Y2hlcyBiZWhhdmlvciwgSSB3YW50IHRvIGFkanVzdCBzb21lIA0KZmllbGRzIGluIGdyYWNp b3VzIGFycHMgc2VudCBvdXQgYnkgYW4gaW50ZXJmYWNlLCBhZnRlciBhIG5ldyBJUCBpcyAN CmFzc2lnbmVkIG9yIGNoYW5nZWQuDQoNCkkgYmVsaWV2ZSBCUEYgY2FuIGVmZmVjdGl2ZWx5 IGZpbHRlciBvbiBhcmJpdHJhcnkgYml0IHBhdHRlcm5zIGFuZCANCm1vZGlmeSBwYWNrZXRz IG9uIHRoZSBmbHkuDQoNCkhvd2V2ZXIsIGFzIEFSUCBkb2Vzbid0IHNlZW0gdG8gYmUgYWNj ZXNzaWJsZSBpbiB0aGUgaXBmdyANCmluZnJhc3RydWN0dXJlLCBJIHdhcyB3b25kZXJpbmcg aG93IHRvIGdvIGFib3V0IHNldHRpbmcgdXAgYW4gQlBGIHRvIA0KdHdlYWsgKHRlbXBvcmFy aWx5KSBzb21lIG9mIHRoZXNlIEFSUHMgdG8gdmFsaWRhdGUgaG93IHRoZSBzd2l0Y2ggd2ls bCANCmJlaGF2ZS4NCg0KKEkgbmVlZCB0byB2YWxpZGF0ZSwgaWYgdGhlcmUgaXMgc29tZSBk aWZmZXJlbmNlIHdoZW4gdGhlIHRhcmdldCANCmhhcmR3YXJlIGFkZHJlc3MgZG9lc24ndCBj b25mb3JtIHRvIFJGQzUyMjcgLSB3aGljaCBzdGF0ZXMgaXQgU0hPVUxEIGJlIA0KemVybyBh bmQgaXMgaWdub3JlZCBvbiB0aGUgcmVjZWl2aW5nIHNpZGU7IGkgaGF2ZSByZWFzb25zIHRv IGJlbGlldmUgDQp0aGF0IHRoZSBzd2l0Y2ggbmVlZHMgZWl0aGVyIGEgdGFyZ2V0IGhhcmR3 YXJlIGFkZHJlc3Mgb2YgDQpmZjpmZjpmZjpmZjpmZjpmZiBvciB0aGUgbG9jYWwgaW50ZXJm YWNlIE1BQywgdG8gcHJvcGVybHkgdXBkYXRlIGl0J3MgDQplbnRyaWVzLikNCg0KVGhhbmtz IGEgbG90IQ0KDQpSaWNoYXJkDQo= --------------WbOWKkBDT0VRi7TfKNdBiyl4 Content-Type: application/pgp-keys; name="OpenPGP_0x17BE5899E0B1439B.asc" Content-Disposition: attachment; filename="OpenPGP_0x17BE5899E0B1439B.asc" Content-Description: OpenPGP public key Content-Transfer-Encoding: quoted-printable -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEY/i74RYJKwYBBAHaRw8BAQdAwtnvjlFVnnzNXO9hjHtB6MPGSY19L/BHh/iz iPF0FzrNK1JpY2hhcmQgU2NoZWZmZW5lZ2dlciA8cnNjaGVmZkBmcmVlYnNkLm9y Zz7CmgQTFgoAQhYhBDZLt5msg0Ras820cRe+WJngsUObBQJj+LvhAhsDBQkJZgGA BQsJCAcCAyICAQYVCgkICwIEFgIDAQIeBwIXgAAKCRAXvliZ4LFDm4ylAQCSw2/n vht8kExJ31M+3qpjOqdVypMp+/Ojvh5Zlsk96QEA5HCBkteJcrohwRA7llZvLH3m 25hcJdzmDh39mc0cSgPOOARj+LvhEgorBgEEAZdVAQUBAQdA1Dim8ZWpXRS5i9hb 3O4RNHub8XvqTTkYyiZ2lSkXDwYDAQgHwn4EGBYKACYWIQQ2S7eZrINEWrPNtHEX vliZ4LFDmwUCY/i74QIbDAUJCWYBgAAKCRAXvliZ4LFDm2TGAQDcg+bAEPqOH+JC IND8wZ62MwnjFyXFv73qevXkUHHNSgEApUgpHW9f6UaIAQpc3R185xjz6tk8XXBx eYpxKgIAeQ8=3D =3DBwxS -----END PGP PUBLIC KEY BLOCK----- --------------WbOWKkBDT0VRi7TfKNdBiyl4-- --------------xHv2AtMMxpdUoBBTAlnx03BL-- --------------ifbpc0yS6tASX7AdIJI9W76Z Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wnsEABYIACMWIQQ2S7eZrINEWrPNtHEXvliZ4LFDmwUCY/+2fwUDAAAAAAAKCRAXvliZ4LFDm+jG APwPhVstXyJx6HZZUchFmzV8BdGud2IuQ43Hhc8zwtc+hQD8CjCyMOEhdJs/fNwF1yxfKkRHcrr9 kOgQq+/mHVfnJA0= =WqDT -----END PGP SIGNATURE----- --------------ifbpc0yS6tASX7AdIJI9W76Z-- From nobody Wed Mar 1 20:58:32 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRmmg4zzZz3vLWf for ; Wed, 1 Mar 2023 20:58:43 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.franken.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRmmg32s5z3BvR; Wed, 1 Mar 2023 20:58:43 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Authentication-Results: mx1.freebsd.org; none Received: from smtpclient.apple (unknown [IPv6:2a02:8109:1140:c3d:c64:cf31:7eab:fd78]) (Authenticated sender: lurchi) by drew.franken.de (Postfix) with ESMTPSA id 728CF7213B547; Wed, 1 Mar 2023 21:58:33 +0100 (CET) Content-Type: text/plain; charset=us-ascii List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\)) Subject: Re: BPF to filter/mod ARP From: Michael Tuexen In-Reply-To: Date: Wed, 1 Mar 2023 21:58:32 +0100 Cc: freebsd-net@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <02B65D42-5097-421A-B951-C947C5DBA465@lurchi.franken.de> References: To: "Scheffenegger, Richard" X-Mailer: Apple Mail (2.3731.400.51.1.1) X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=disabled version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail-n.franken.de X-Rspamd-Queue-Id: 4PRmmg32s5z3BvR X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:680, ipnet:2001:638::/32, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > On 1. Mar 2023, at 21:33, Scheffenegger, Richard = wrote: >=20 > Hi group, >=20 > Maybe someone can help me with this question - as I am usually only = looking at L4 and the top side of L3 ;) >=20 > In order to validate a peculiar switches behavior, I want to adjust = some fields in gracious arps sent out by an interface, after a new IP is = assigned or changed. Wouldn't scapy allow you to do this kind of testing? Best regards Michael >=20 > I believe BPF can effectively filter on arbitrary bit patterns and = modify packets on the fly. >=20 > However, as ARP doesn't seem to be accessible in the ipfw = infrastructure, I was wondering how to go about setting up an BPF to = tweak (temporarily) some of these ARPs to validate how the switch will = behave. >=20 > (I need to validate, if there is some difference when the target = hardware address doesn't conform to RFC5227 - which states it SHOULD be = zero and is ignored on the receiving side; i have reasons to believe = that the switch needs either a target hardware address of = ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update it's = entries.) >=20 > Thanks a lot! >=20 > Richard > From nobody Wed Mar 1 21:08:01 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRmzS3QCkz3vMQ8 for ; Wed, 1 Mar 2023 21:08:04 +0000 (UTC) (envelope-from rscheff@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRmzS2vrXz3CcV for ; Wed, 1 Mar 2023 21:08:04 +0000 (UTC) (envelope-from rscheff@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677704884; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type:autocrypt:autocrypt; bh=QD+4MQjETg94HQpTXloLKJgcEBHwjbK5CVmdsDp0upc=; b=ezKVBowsebSGqCBBhEeqeT3zS+qtHknbQqVeEGI0M5FMeGKLUEGgM7tx3UkyTn3xTfYSAA tCR45nFiItvgCBMtZ+z8yunzpLC03jdWkSIemIf6wePdxbjVyPdPqzgKcvlU4JGe/z0wwe MGc3cW3+bscZanJn2GqMtHm3MCVD4ck2e7e/CDcqhkK/ZDrM3XE0AiDkTi0Vv7mN3Iodh7 IYXUiXcTMGfR8ABnrWuerNB3bOgStqnf4jxq/QV8K3dy6RptBdIIlE5aC7W2U364Gya6kN rnI6Z4eFXwhRLgWsn3GDleEB1vDs1yrZdtix86XK2F82D0dHtSTBu68CK+gO8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677704884; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type:autocrypt:autocrypt; bh=QD+4MQjETg94HQpTXloLKJgcEBHwjbK5CVmdsDp0upc=; b=W8gbIDPYoI9dV+qWFvt+nHy3DY7ZhPod8L+9bH75H+aDV5QYHGDrAyAYR361L8KKFEyS8Q oIwRiMbAdz6Q5AgqgdlO4MHQloIAes6CILOh9pkCwaNYZtlsMMaLr6KQPpekiMvRSqO8qG 9ldqYGtP2OwqAP1xXoDUugQ3O/SS9Ma6rkf3y1FFjX4HC7ZGZPILkUzI6pf+fcfkHDlqIZ BtfZ985BYGeXHZhi1DF74zUa89nulxSj/LDuJJjnZQY2N6493aVyh1YTdbl1Auq+vizbQP k84BdyhM5j3quQrn1iFYoU8MgCaGGNq6UicQ0MCm41ILlazdnaTZxIsNGdWu9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677704884; a=rsa-sha256; cv=none; b=GiHOWCUy5pt3ewjumd4WqoRlDemZU+mfsgmt7ioKdHMMF3XbSHwmR/Pg6tj5dwqodRDAgG WOn+jrVJY+CJUN2RBNoKxQDwYavdFgfISmc4xmSggNAoqOuZwSgM3fMLbkCV3WZNjlVgBr TGsJ3AzIKXvZDwWXzr+uTZ80JpAgfXd3hUdKoX/ArEOqhz4ZCwr8kEZ786QkmGY9ZcnrWm d0+iIxWoDnTRY//XGFimYJ/Pm4VO0F2glb6ZTs9d2HHa1wfD562E5jW1m5UYFsRAo0eM9P YfKNh+ziTeIuRF+a13O5FHUI4IEq3dUVPsfbpgx1aNPCv8bKvuOb5BJCYMhRoQ== Received: from [10.249.70.101] (unknown [217.70.211.10]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: rscheff/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4PRmzS09Ypz19Sk for ; Wed, 1 Mar 2023 21:08:03 +0000 (UTC) (envelope-from rscheff@freebsd.org) Message-ID: <6618db6d-a12b-f73d-e2fb-d59351e7be30@freebsd.org> Date: Wed, 1 Mar 2023 22:08:01 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 To: freebsd-net@freebsd.org From: "Scheffenegger, Richard" Autocrypt: addr=rscheff@freebsd.org; keydata= xjMEY/i74RYJKwYBBAHaRw8BAQdAwtnvjlFVnnzNXO9hjHtB6MPGSY19L/BHh/iziPF0FzrN K1JpY2hhcmQgU2NoZWZmZW5lZ2dlciA8cnNjaGVmZkBmcmVlYnNkLm9yZz7CmgQTFgoAQhYh BDZLt5msg0Ras820cRe+WJngsUObBQJj+LvhAhsDBQkJZgGABQsJCAcCAyICAQYVCgkICwIE FgIDAQIeBwIXgAAKCRAXvliZ4LFDm4ylAQCSw2/nvht8kExJ31M+3qpjOqdVypMp+/Ojvh5Z lsk96QEA5HCBkteJcrohwRA7llZvLH3m25hcJdzmDh39mc0cSgPOOARj+LvhEgorBgEEAZdV AQUBAQdA1Dim8ZWpXRS5i9hb3O4RNHub8XvqTTkYyiZ2lSkXDwYDAQgHwn4EGBYKACYWIQQ2 S7eZrINEWrPNtHEXvliZ4LFDmwUCY/i74QIbDAUJCWYBgAAKCRAXvliZ4LFDm2TGAQDcg+bA EPqOH+JCIND8wZ62MwnjFyXFv73qevXkUHHNSgEApUgpHW9f6UaIAQpc3R185xjz6tk8XXBx eYpxKgIAeQ8= Subject: mlx5en & tcpdump -Q Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------cj1OGPis45kJ8hTR4jz23QLJ" X-ThisMailContainsUnwantedMimeParts: N This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------cj1OGPis45kJ8hTR4jz23QLJ Content-Type: multipart/mixed; boundary="------------ezgK319GhRBt4CIGaM0YWnfp"; protected-headers="v1" From: "Scheffenegger, Richard" To: freebsd-net@freebsd.org Message-ID: <6618db6d-a12b-f73d-e2fb-d59351e7be30@freebsd.org> Subject: mlx5en & tcpdump -Q --------------ezgK319GhRBt4CIGaM0YWnfp Content-Type: multipart/mixed; boundary="------------j2P0HJp6aVUX9y5gQ9UpxjWL" --------------j2P0HJp6aVUX9y5gQ9UpxjWL Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 UmVsYXRlZCB0byB0aGUgb3RoZXIgaXNzdWUganVzdCBtZW50aW9uZWQsIEkgZm91bmQgdGhh dCB3aGVuIHRyeWluZyB0byANCnBlcmZvcm0gdW5pZGlyZWN0aW9uYWwgcGFja2V0IGNhcHR1 cmVzIHVzaW5nIHRoZSB0Y3BkdW1wIC1RIG9wdGlvbiwgd2hlbiANCnRyeWluZyB0aGlzIGFn YWluc3QgYSBDWDUgTklDLCBpIGdldCB0aGlzIGVycm9yIG1lc3NhZ2U6DQoNCnRjcGR1bXA6 IGU0YTogcGNhcF9zZXRkaXJlY3Rpb24oKSBmYWlsZWQ6IFNldHRpbmcgZGlyZWN0aW9uIGlz IG5vdCANCmltcGxlbWVudGVkIG9uIHRoaXMgcGxhdGZvcm0NCg0KKHRoaXMgaXMgYSAxMy4w IGtlcm5lbCwgY2FuIG5vdCByZWFsbHkgY2hlY2sgbWFpbikuDQoNCkRvZXMgYW55b25lIGtu b3cgaWYgdGhpcyBmdW5jdGlvbmFsaXR5IGlzIGF2YWlsYWJsZSBhbHJlYWR5LCBvciBhbnkg DQpwbGFucyB0byBpbXBsZW1lbnQgdGhpcyBmb3IgbWx4NWVuID8NCg0KVGhhbmtzLA0KICAg UmljaGFyZA0KDQoNCg0K --------------j2P0HJp6aVUX9y5gQ9UpxjWL Content-Type: application/pgp-keys; name="OpenPGP_0x17BE5899E0B1439B.asc" Content-Disposition: attachment; filename="OpenPGP_0x17BE5899E0B1439B.asc" Content-Description: OpenPGP public key Content-Transfer-Encoding: quoted-printable -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEY/i74RYJKwYBBAHaRw8BAQdAwtnvjlFVnnzNXO9hjHtB6MPGSY19L/BHh/iz iPF0FzrNK1JpY2hhcmQgU2NoZWZmZW5lZ2dlciA8cnNjaGVmZkBmcmVlYnNkLm9y Zz7CmgQTFgoAQhYhBDZLt5msg0Ras820cRe+WJngsUObBQJj+LvhAhsDBQkJZgGA BQsJCAcCAyICAQYVCgkICwIEFgIDAQIeBwIXgAAKCRAXvliZ4LFDm4ylAQCSw2/n vht8kExJ31M+3qpjOqdVypMp+/Ojvh5Zlsk96QEA5HCBkteJcrohwRA7llZvLH3m 25hcJdzmDh39mc0cSgPOOARj+LvhEgorBgEEAZdVAQUBAQdA1Dim8ZWpXRS5i9hb 3O4RNHub8XvqTTkYyiZ2lSkXDwYDAQgHwn4EGBYKACYWIQQ2S7eZrINEWrPNtHEX vliZ4LFDmwUCY/i74QIbDAUJCWYBgAAKCRAXvliZ4LFDm2TGAQDcg+bAEPqOH+JC IND8wZ62MwnjFyXFv73qevXkUHHNSgEApUgpHW9f6UaIAQpc3R185xjz6tk8XXBx eYpxKgIAeQ8=3D =3DBwxS -----END PGP PUBLIC KEY BLOCK----- --------------j2P0HJp6aVUX9y5gQ9UpxjWL-- --------------ezgK319GhRBt4CIGaM0YWnfp-- --------------cj1OGPis45kJ8hTR4jz23QLJ Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wnsEABYIACMWIQQ2S7eZrINEWrPNtHEXvliZ4LFDmwUCY/++sQUDAAAAAAAKCRAXvliZ4LFDmzjl AP9Lc+487WvF6KxyZNhVW4Vl0C6srBbekglu0Gx2vexYRgEApstEZ1nMhTlB2nNWv8dCI0+M26d0 2EpmTMfr8/pqgQQ= =akdO -----END PGP SIGNATURE----- --------------cj1OGPis45kJ8hTR4jz23QLJ-- From nobody Wed Mar 1 21:10:19 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRn282XRHz3vMT7 for ; Wed, 1 Mar 2023 21:10:24 +0000 (UTC) (envelope-from Richard.Scheffenegger@netapp.com) Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2060c.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e8d::60c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "DigiCert Cloud Services CA-1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRn275Hgvz3Db0; Wed, 1 Mar 2023 21:10:23 +0000 (UTC) (envelope-from Richard.Scheffenegger@netapp.com) Authentication-Results: mx1.freebsd.org; none ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XDsSHSCUGyGd463xEMglt/62dqV00Lo45T3ezb/u6h+cDhYfIfFHUqoI3tzwZVpMW3hMvw5IAbQ+wa+NkC/Sc3ZHNviRDqwVPlNnMHAU2bzoya5pA9HBGMCBxnidNEvP1ta8SijYLWsCzC3NXH0xjNVyn8pVqqe8iWx1b2JtdMfAwPcol2XGHVSCw3apFFCtiBYErvve+F7LCgHkEJ07ETdhBYuxK89ml6TLD8lCAfYpRnpTOq75K/qi3kr2LpwXEUJb8Ifexk4E16piGcWMRCctpvKgp09mMAIqPH6IzqCgetvXieAAsiP9rUx/IXtFazVW+VnNXgcBNATikR+YrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zMW8TgFfEQudqRanygfJg3BjrR0BOXTyX7eX4Ls29/U=; b=KT546GxrQJEzdgHh5i1afsmg0RBxsiPZ2NRk2CpOUyYSx6cH77v3fpHP/0ptZgJukLXLUpCV0u5+Zt03946fs0xbozR0+jmexpaqUWnYuWuO6piqkBPMpoRIruzSiaWXy6sOIi42Tx+gyy2vABkDvnwxS7tn7O4pPi5I8GPeFXWKrMwltJ2ndh2XaG61MmLjaaO2cFjvpPtcjab1crf5ViLiqkZ1SbdK23iOKJ3HGPXY+zd0lxRHMdIXQq12Efq1HSv1MJh0NvFrIJwNmjFW6PUOQzvGESD4DfEMWFOGztwZE5ztu93h0A4pu8ygwTfDdA9O95uGS+OCpGBaXoD/tw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=netapp.com; dmarc=pass action=none header.from=netapp.com; dkim=pass header.d=netapp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netapp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zMW8TgFfEQudqRanygfJg3BjrR0BOXTyX7eX4Ls29/U=; b=nvD/aFwjyNRlLB/KCyZimoZKUS3QLi/mUxbQPAnsyTFlFChhLnB+smcG9e2oyMJ0keo02uF1WtxAmwMJxZaAd07A0pXgbGv84oBYEPY10uRmYAqHedzkspuivWg7sFnuPd4o/rFN1WTCaUR36zeXLVTFFfiLyxMctIscieNa5bYDz8U4cFQs5Ftb2+1WCojJyJJfjVN6eBAqTpiABb7xv1drUab27huTckY5syTA3Ho7CDTSv9iJSsYvjguYCL7Il/pvAFYc8a3O1/7+w1jPCXWPORwRrsLSL/bj1ZoMMPHgykWOR3P2guPKaT4GBFIOjVvDq3H6cJmeq4p/VFKluA== Received: from PH0PR06MB7639.namprd06.prod.outlook.com (2603:10b6:510:4e::18) by SN4PR0601MB8567.namprd06.prod.outlook.com (2603:10b6:806:212::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6111.20; Wed, 1 Mar 2023 21:10:20 +0000 Received: from PH0PR06MB7639.namprd06.prod.outlook.com ([fe80::dbe5:f174:9a6d:5cf7]) by PH0PR06MB7639.namprd06.prod.outlook.com ([fe80::dbe5:f174:9a6d:5cf7%9]) with mapi id 15.20.6156.018; Wed, 1 Mar 2023 21:10:20 +0000 From: "Scheffenegger, Richard" To: Michael Tuexen , "Scheffenegger, Richard" CC: "freebsd-net@freebsd.org" Subject: RE: BPF to filter/mod ARP Thread-Topic: BPF to filter/mod ARP Thread-Index: AQHZTH0O0g90hdOQsUeGJnIIBE3saa7maC8AgAAC0CA= Date: Wed, 1 Mar 2023 21:10:19 +0000 Message-ID: References: <02B65D42-5097-421A-B951-C947C5DBA465@lurchi.franken.de> In-Reply-To: <02B65D42-5097-421A-B951-C947C5DBA465@lurchi.franken.de> Accept-Language: de-AT, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.6.701.4 dlp-reaction: no-action x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PH0PR06MB7639:EE_|SN4PR0601MB8567:EE_ x-ms-office365-filtering-correlation-id: 79582958-cca8-4986-2ee4-08db1a995d49 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: Lsn/25bxIURsC54c3HqP/vuNL4QmL0vPMs3byDNPGEg8uCXUM7eDoL8210n/zNZ0EguEC4sDSfubvB5+qPpGDXAyjXdEMDPmBVZHbEjAqoj5a82p+miu0NEWWfVnqC44ybo1lsdq0cu5F48C8JbsHjPRDsMuVe1HRUlmkNuD3nfrVNUEbED+JeVR4BupeHhTW2KgpKZ4MZXgrZoZ+qpfIkFxDrKOWsugixZsDegcttNxjeKVNSPRtHlTktLB0i6zMd/I3zwqPZPrxB6CCeyq400vBiMsXwV82/JV17kOljlU1x5CaEGYod4gyxzVVeQSQOfUTdGzsswOvOK+KQL5kbSoFgHX6CfVwswU2v3WBywPiMGjumBCJE9Lk5kbhntxSzR+3MwP9cmZkdGe4hKUWu9jqeWqiayUXqHZmdc0HHo91spoukZPPjv9BFcq8Fip6At+G+Qb8q3NbrnKKFxPl9WgyHLI9MwMgUIASDdk7Nkxaxq3GFa84JfE54YwSUABYCjQnHBtLiBKtFrcQV6SFq9UY6a5QT/8cntvyJtBcBtt/SRgyPqkCwLtVWK/2V4Q4QvgQa+AqQgUah41I4sgKA9vVStX8UlHYhIWoNKdi9fX6Gm2XhVessWUr49xFvYg/W+P+zBUhm9wwHTo4tfSy6klmJG9qxdUTcXpENTgl/tVWUs5Hi5FhfhSGd8qbgVv1Q7UeamByXaVcbWmxVKmGA== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR06MB7639.namprd06.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(396003)(346002)(366004)(136003)(39860400002)(376002)(451199018)(8936002)(52536014)(478600001)(6506007)(5660300002)(8676002)(55016003)(86362001)(33656002)(66946007)(66476007)(71200400001)(122000001)(83380400001)(66556008)(4326008)(76116006)(110136005)(66446008)(64756008)(7696005)(3480700007)(26005)(316002)(9686003)(186003)(38100700002)(41300700001)(2906002)(38070700005)(4744005);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?a1dHU1RQWXNFNVI1U01oSU5IcE15dmVXQWlxNEVGT0xSNFA0YzBtQ3lvbktU?= =?utf-8?B?c3Q5aExKcHdQY1lmdGQvTzRWcXgyS0RrMmVRdGplVVBkR29zaEZxMlRzR3FX?= =?utf-8?B?TGwwbmI1d0hYUGUvZDhtV3JvNVYzRFdRNEhlbVFINHNYd2x0aVRPVHA1N1U4?= =?utf-8?B?OFBDdE9DUmM1Sm5VT0JqY2ZubU9Yc3BDcmhXYTZqUzV0TGZyckJkWmx3M1Er?= =?utf-8?B?cTQyZEdYenp0TWdzOHpFWThUSmZQeDViVlhTYU9YZjV4ZmgzWVVrbGFkaGRG?= =?utf-8?B?NCsxeTU2L0x4bVFLMDlybVFJb0NQWXFSMzZlMDhBYmtpTjcxUUNMZEFLM1Vy?= =?utf-8?B?eStlTUlZSWNRb0cxbVNyZ3NWTWhWZHowTlR1azJHOVBWNUEwR3dFTGk3VDA2?= =?utf-8?B?eGxYbW5jUFpaSThsTEZaRmhIY2Fkd1ZQaUxiMk9sS2RnY3RNbi8xQXhSUDVM?= =?utf-8?B?c0s3ZUNYcExDUnk3dlU1cFFwVXRVT3lEdXcyeTgvcjhuOTBIOTNUWm5keU9D?= =?utf-8?B?UU14QmlIVDdrc1RtQmx2TFRYbm5tbFVhMUU1VExPWVdKVVZkTFFwREx4V0hG?= =?utf-8?B?UXhRN2ZqalEvTllUQzB1V3RCdXJZZHNtNm5RbVAxQzZCRUplODNucWZwNFIr?= =?utf-8?B?K0xxcWZaaEdNYlpETW03TEVZNEV6NkkxKzZLV21VSUtNNVN3VlFLZFJZNlpD?= =?utf-8?B?c2VvWG1lbkJGb1k3UTgxNmVkK0ZkRGgvTmdYTGVac3ZnamN0Mkxwc0Z2cTd5?= =?utf-8?B?TFlUYnRNMDhLNnhVL2k4Y2wvRExSRDRWa1NqaHdFTTB1UmVqcmNIOXA0ZGZ6?= =?utf-8?B?K044T3FGbEFQVEh2RkpTcGx1MWNPRDFTeklGZGxxRjZvOWtRais0OExqUC8w?= =?utf-8?B?MFlwN2VsaDNtaUdBUWdkSFhaV2dIZHpISUpNOEp6ekI5QnViZDdVRkNqK3Jk?= =?utf-8?B?K1ovUFhTOWdnYVMrNmUrZVVDS3FFVzdBMENiWjN4aU94TEk1S3U0RlVaTVA2?= =?utf-8?B?TDV4K2hLNGo5Yk5yVEFSVnY3MXpyOTdNc1RPWTF5K0FJNVBwTzUyQjNNNTMr?= =?utf-8?B?SWdSdEMvUFpiZUEyQ3R0MHV6bmVjK1JQOVhQUkZ3bHFKV0draU1NRWZ0TlZV?= =?utf-8?B?WFNSbnd1WFZRcFdseXhReGdxS3YzZDhmWVluNEtZSnBZak45LzB2R0hXakp5?= =?utf-8?B?bjZBUGFBeXYzY1NiMDFzZ2pnTDFqQ2d2Sno4cXhJR1BMckhndWlnTVVBeGFw?= =?utf-8?B?NWZjc2lCdjk2YUZLVlNRcGp0Kzk5Z2V1L1pCU3VOQW9obmp2WEdYQWRPNFd6?= =?utf-8?B?SlN0a1NWUWw2bVA3RGJiYzhCdTR4cGQwdnJHMGw1eDJ5TzBBRVE5aWFrc2x4?= =?utf-8?B?WXNnbUlFeU5uU0Ztem5oZHdqZmhEVDAra202R1YrSk5RejlVK2t0aDlaRXQv?= =?utf-8?B?YVBRZW5PbHZzU2xsaUhGbHREanVLUG92aWtWT2crSUlsalJkWjdrcGNtallT?= =?utf-8?B?dTlhVk9ua0QyWXd2VHc4TkhuVW5SV2tRa25wUXdMM3A2RmRUK3d0Q1VZZWZJ?= =?utf-8?B?b1BHamtyNDlCSnp6SUZ5WTlCSnIvdG1hMkV5ZWFlSDZFd2YvOTdWYXJzTTh6?= =?utf-8?B?ejJsTWtlUW92c1grQUo2ZFQ5Q1RZUTllcDI0blh6Y2g5dEI3K0NuM3RtbG9s?= =?utf-8?B?T0diNTQ1U1F0TjIyUXlLR1BBd2ZjNXlyd2JsSlM5SHZlaXFmSkJBb2g0NVNl?= =?utf-8?B?OUsrK1Jha1JnUG1WaUJ6eUszRHZKOGwvVXN4aEY0d0thYVErLzZiMFIwYXdS?= =?utf-8?B?WDduQWNtOEYzTGVGZHhibTl6ZXF4Yms1VTZEanhyUmJxbmRFaERucU91T1RI?= =?utf-8?B?cjRQNk0xcC9NT2Z1M3g5bGptdjNZNXc5RkxqVEYwTkgwUmZBUFg2OSt1dDZq?= =?utf-8?B?QjRrRVQzanBlWVhTNU1odTRIL1lGeExzRElkU1N2Tng2aDVhL2wrelB0c29H?= =?utf-8?B?Wmt0a1ViOGd2Ym1xc2VwZ0VzUVVIdmY4akRscERzejVxeGRwQitVTUpSNTM5?= =?utf-8?B?VHJmSnNFeXVabUZBaCsxUzEwak5DZThORkJidnQ2QXdqNVdMYmhhNGM0WHJy?= =?utf-8?Q?n/fnaqL3tBr1O8zS66HPW/Omd?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-OriginatorOrg: netapp.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR06MB7639.namprd06.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 79582958-cca8-4986-2ee4-08db1a995d49 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Mar 2023 21:10:20.0140 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 4b0911a0-929b-4715-944b-c03745165b3a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 0peJcsRT7gdq6/rwuNRVKoZQS4lO2wdArFixt4d0qQmjzIiIyDlsRhP5xQITN2ysPAuLicARqxDi8mzy1e1eew== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN4PR0601MB8567 X-Rspamd-Queue-Id: 4PRn275Hgvz3Db0 X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:8075, ipnet:2a01:111:f000::/36, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N Pj4gT24gMS4gTWFyIDIwMjMsIGF0IDIxOjMzLCBTY2hlZmZlbmVnZ2VyLCBSaWNoYXJkIDxyc2No ZWZmQGZyZWVic2Qub3JnPiB3cm90ZToNCj4+DQo+PiBIaSBncm91cCwNCj4+DQo+PiBNYXliZSBz b21lb25lIGNhbiBoZWxwIG1lIHdpdGggdGhpcyBxdWVzdGlvbiAtIGFzIEkgYW0gdXN1YWxseSBv bmx5IGxvb2tpbmcgYXQgTDQgYW5kIHRoZSB0b3Agc2lkZSBvZiBMMyA7KQ0KPg0KPj4gSW4gb3Jk ZXIgdG8gdmFsaWRhdGUgYSBwZWN1bGlhciBzd2l0Y2hlcyBiZWhhdmlvciwgSSB3YW50IHRvIGFk anVzdCBzb21lIGZpZWxkcyBpbiBncmFjaW91cyBhcnBzIHNlbnQgb3V0IGJ5IGFuIGludGVyZmFj ZSwgYWZ0ZXIgYSBuZXcgSVAgaXMgYXNzaWduZWQgb3IgY2hhbmdlZC4NCg0KPiBXb3VsZG4ndCBz Y2FweSBhbGxvdyB5b3UgdG8gZG8gdGhpcyBraW5kIG9mIHRlc3Rpbmc/DQoNClVuZm9ydHVuYXRl bHkgbm90IC0gSSBkb24ndCB3YW50IHRvIGZvcmdlIGFub3RoZXIgcGFja2V0LCBJIHdhbnQgdG8g bWFrZSBzdXJlIG9ubHkgdGhlIHNwZWNpZmljIG9uZSBpcyBiZWluZyBzZW50LCB3aXRoIHRoZSBz dGFuZGFyZCBHQVJQIHJldHJhbnNtaXNzaW9ucyBhbmQgc28gb24uDQoNClJpY2hhcmQNCg0K From nobody Wed Mar 1 21:32:10 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRnWP2XqJz3vNNG for ; Wed, 1 Mar 2023 21:32:17 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Received: from drew.franken.de (mail-n.franken.de [193.175.24.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.franken.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRnWN72L1z3GTT; Wed, 1 Mar 2023 21:32:16 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Authentication-Results: mx1.freebsd.org; none Received: from smtpclient.apple (unknown [IPv6:2a02:8109:1140:c3d:c64:cf31:7eab:fd78]) (Authenticated sender: lurchi) by drew.franken.de (Postfix) with ESMTPSA id AE4FF7213B547; Wed, 1 Mar 2023 22:32:11 +0100 (CET) Content-Type: text/plain; charset=us-ascii List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\)) Subject: Re: BPF to filter/mod ARP From: Michael Tuexen In-Reply-To: Date: Wed, 1 Mar 2023 22:32:10 +0100 Cc: "Scheffenegger, Richard" , "freebsd-net@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: <02B65D42-5097-421A-B951-C947C5DBA465@lurchi.franken.de> To: "Scheffenegger, Richard" X-Mailer: Apple Mail (2.3731.400.51.1.1) X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=disabled version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail-n.franken.de X-Rspamd-Queue-Id: 4PRnWN72L1z3GTT X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:680, ipnet:193.174.0.0/15, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > On 1. Mar 2023, at 22:10, Scheffenegger, Richard = wrote: >=20 >>> On 1. Mar 2023, at 21:33, Scheffenegger, Richard = wrote: >>>=20 >>> Hi group, >>>=20 >>> Maybe someone can help me with this question - as I am usually only = looking at L4 and the top side of L3 ;) >>=20 >>> In order to validate a peculiar switches behavior, I want to adjust = some fields in gracious arps sent out by an interface, after a new IP is = assigned or changed. >=20 >> Wouldn't scapy allow you to do this kind of testing? >=20 > Unfortunately not - I don't want to forge another packet, I want to = make sure only the specific one is being sent, with the standard GARP = retransmissions and so on. Can't you test what you want to test by generating all the required = packets from scapy? ARP is a pretty simple protocol... Best regards Michael >=20 > Richard >=20 From nobody Thu Mar 2 01:24:13 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PRtg70H5Jz3vdB7 for ; Thu, 2 Mar 2023 01:24:19 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4PRtg61ys6z3sXw; Thu, 2 Mar 2023 01:24:18 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Authentication-Results: mx1.freebsd.org; none Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 3221ODF3060001; Wed, 1 Mar 2023 17:24:13 -0800 (PST) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 3221ODrn060000; Wed, 1 Mar 2023 17:24:13 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202303020124.3221ODrn060000@gndrsh.dnsmgr.net> Subject: Re: BPF to filter/mod ARP In-Reply-To: To: "Scheffenegger, Richard" Date: Wed, 1 Mar 2023 17:24:13 -0800 (PST) CC: freebsd-net@FreeBSD.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4PRtg61ys6z3sXw X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > Hi group, > > Maybe someone can help me with this question - as I am usually only > looking at L4 and the top side of L3 ;) > > In order to validate a peculiar switches behavior, I want to adjust some > fields in gracious arps sent out by an interface, after a new IP is > assigned or changed. Gracious or Gratuitous? > > I believe BPF can effectively filter on arbitrary bit patterns and > modify packets on the fly. It can. > > However, as ARP doesn't seem to be accessible in the ipfw > infrastructure, I was wondering how to go about setting up an BPF to > tweak (temporarily) some of these ARPs to validate how the switch will > behave. ipfw is IP firewall, a layer 3 function. Arp is a layer 2 protocol, so very hard to do much with it in ipfw, but perhaps the layer2 keyword, and some use of mac-type can get it to match an arp packet. Arp is ethernet type 0x806. ipfw add 111 count log all from any to any layer2 mac-type arp That does seem to work ipfw -a list 111 00111 4 0 count log ip from any to any layer2 mac-type 0x0806 Also normally ipfw does NOT pick packets up early enough to see them, to get the layer2 option to work you need: sysctl net.link.ether.ipfw=1 so that the filters at ether_demux get turned on. So perhaps use a divert rule and send them to a socket where a program can mangle them, and then return them to ipfw and hopefully the kernel does what you want after that... > (I need to validate, if there is some difference when the target > hardware address doesn't conform to RFC5227 - which states it SHOULD be > zero and is ignored on the receiving side; i have reasons to believe > that the switch needs either a target hardware address of > ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update it's > entries.) > > Thanks a lot! > > Richard > -- Rod Grimes rgrimes@freebsd.org From nobody Thu Mar 2 09:35:24 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PS5Yp17Wzz3vbgD for ; Thu, 2 Mar 2023 09:35:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PS5Yp07rzz3r0p for ; Thu, 2 Mar 2023 09:35:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677749726; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=R1Bammobt9il41imIEOTPZmEislGmKW6mLgWs2pyAJA=; b=MpAXuqX2Hd6+Y9HS6hkr5oVmuLWpuQPqPJ5ZSaD+1o6meITmtwPvcAJIRGkcg96qVMTzKP Usn6REJr+J1LrlAVA5LcUebQhAjiBViGK6F93n2+vRGE1ABM85NvdlijKQZFoitbOyqPiH 2J4XKea2OKo1FvrTGmI0Ih5ROpDjEkCG1XO0neR2Nd8PMKnzoCmzXKVwDpRKYyPtE6JYss IkS3I22+CskoaN3/f39dTwDd4pF6JDcvuMQlHAXPN1FWX15Y5GGablBFa8jSVEDMumdsnY uyME8YT8oDJYKmkKEZT7SFYf+Qu2jMNyPf3H9WgVWzOdMsB+2t2SPT/ryq4orQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677749726; a=rsa-sha256; cv=none; b=FRmuWrfvnvZoXp8ihkkX+aZEm/U0FP5i7hOtL/BeLoEtio6JG8jTSspWoK7+ejIpDiPR5H Krajgu4Qi3E+2iqvYLvrRMbLyeYA3HcRN5eTBKbRgdOT/NHtprz6CEo2IYLCbuO7eajLpN w44FYGKOpDv51DRHeFtcnnV4x4XzAXKAFmZS3YVnEdQNESa5OKQdznWtEA/LtEcl8s3sVu UQby5HE5x9q3oaXcDDPojqHYWbT4sxtjjYVuT0g6JJNR8FVYnCyOWdMqPTrzN+txnoxy1e IPM9UWgCNjwgJosjaZNWW1R4CAkYgz9Viy5B6NHQEW8n/s7aTAnFeMMd9frw6w== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PS5Yn6Kn6z1B8h for ; Thu, 2 Mar 2023 09:35:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3229ZPwj021750 for ; Thu, 2 Mar 2023 09:35:25 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3229ZPvG021748 for net@FreeBSD.org; Thu, 2 Mar 2023 09:35:25 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 257709] netinet6: Set net.inet6.icmp6.nodeinfo default to 0 Date: Thu, 02 Mar 2023 09:35:24 +0000 X-Bugzilla-Reason: CC AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: needs-patch, needs-qa, security X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: zlei@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? mfc-stable13? mfc-stable12? mfc-stable11? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D257709 --- Comment #4 from Zhenlei Huang --- RFC 4620 is still experimental then I thinks it is safe to set `net.inet6.icmp6.nodeinfo` default to 0 . --=20 You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.= From nobody Thu Mar 2 10:06:53 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PS6GF5txXz3vd7Y for ; Thu, 2 Mar 2023 10:07:01 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.franken.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PS6GF27Xpz3v7w; Thu, 2 Mar 2023 10:07:01 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Authentication-Results: mx1.freebsd.org; none Received: from smtpclient.apple (unknown [IPv6:2a02:8109:1140:c3d:c64:cf31:7eab:fd78]) (Authenticated sender: lurchi) by drew.franken.de (Postfix) with ESMTPSA id F3B1E7213B547; Thu, 2 Mar 2023 11:06:53 +0100 (CET) Content-Type: text/plain; charset=us-ascii List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\)) Subject: Re: BPF to filter/mod ARP From: Michael Tuexen In-Reply-To: <202303020124.3221ODrn060000@gndrsh.dnsmgr.net> Date: Thu, 2 Mar 2023 11:06:53 +0100 Cc: "Scheffenegger, Richard" , "freebsd-net@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: <202303020124.3221ODrn060000@gndrsh.dnsmgr.net> To: "Rodney W. Grimes" X-Mailer: Apple Mail (2.3731.400.51.1.1) X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=disabled version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail-n.franken.de X-Rspamd-Queue-Id: 4PS6GF27Xpz3v7w X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:680, ipnet:2001:638::/32, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > On 2. Mar 2023, at 02:24, Rodney W. Grimes = wrote: >=20 >> Hi group, >>=20 >> Maybe someone can help me with this question - as I am usually only=20= >> looking at L4 and the top side of L3 ;) >>=20 >> In order to validate a peculiar switches behavior, I want to adjust = some=20 >> fields in gracious arps sent out by an interface, after a new IP is=20= >> assigned or changed. >=20 > Gracious or Gratuitous? >=20 >>=20 >> I believe BPF can effectively filter on arbitrary bit patterns and=20 >> modify packets on the fly. >=20 > It can. >=20 >>=20 >> However, as ARP doesn't seem to be accessible in the ipfw=20 >> infrastructure, I was wondering how to go about setting up an BPF to=20= >> tweak (temporarily) some of these ARPs to validate how the switch = will=20 >> behave. >=20 > ipfw is IP firewall, a layer 3 function. Arp is a layer 2 protocol, > so very hard to do much with it in ipfw, but perhaps the layer2 > keyword, and some use of mac-type can get it to match an arp > packet. Arp is ethernet type 0x806. >=20 > ipfw add 111 count log all from any to any layer2 mac-type arp > That does seem to work > ipfw -a list 111 > 00111 4 0 count log ip from any to any layer2 mac-type 0x0806 >=20 > Also normally ipfw does NOT pick packets up early enough to see > them, to get the layer2 option to work you need: > sysctl net.link.ether.ipfw=3D1 so that the filters at ether_demux > get turned on. >=20 > So perhaps use a divert rule and send them to a socket where > a program can mangle them, and then return them to ipfw > and hopefully the kernel does what you want after that... I thought that you receive/send an IP packet on a divert socket, not an ethernet frame. Am I wrong? Best regards Michael >=20 >> (I need to validate, if there is some difference when the target=20 >> hardware address doesn't conform to RFC5227 - which states it SHOULD = be=20 >> zero and is ignored on the receiving side; i have reasons to believe=20= >> that the switch needs either a target hardware address of=20 >> ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update it's=20= >> entries.) >>=20 >> Thanks a lot! >>=20 >> Richard >>=20 >=20 > --=20 > Rod Grimes = rgrimes@freebsd.org >=20 From nobody Thu Mar 2 10:07:04 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PS6GK5VTBz3vdMh for ; Thu, 2 Mar 2023 10:07:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PS6GK2lZjz3vZG for ; Thu, 2 Mar 2023 10:07:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677751625; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=C85ZInBkLdtM3QiRFO0LJCmkk1een9b45d4Ez2UWnXs=; b=x3aM3Ztlc/upXQ3IymPcqKkoamjX+SadXl2n9xqCFG2ohu0rRvxRxZsDXY4F41etBLswY+ euDE31vyEB1XMOHeQ+aapj72qMxal3ZHMN0G9XUn5LWY2n/nO+Im8aR2UwX5Gc3Dz3l4e8 Es2NoFI7p1rv/BU2mTuMQA7iJzbHC4u5OxP2aZyPJtavLI7Vvsdau1Cxb8GIQHmRPJob26 fz8Epad1MIYZFSBJEI6aicRfT9VjN/7EXqvCyJfFf+N2Iqm2bJrv2g7FrsCYuAJ2eB8meo 7SFIHnZ/PPMQqeJ3xgZ4ezMJ9IKu6rHHFEYbMe6D/6GKq5Rcg+XL2b2UByjAvQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677751625; a=rsa-sha256; cv=none; b=nvHjhdamQrZ8MwpexpXCrAy0PBZrlxw+r9wfZJvULqpawkCQDWbfR+MV14N9YXIZ8gR0zx EuEOlggkd3auCyX9+ftFtHojUjKUokeFBGoMydp7o5W/L0VwqXJ1n1RRAQPErL2M4XW5q0 Dh793WaW4mXgyTbbGlq+YPUrooE8Tm0X5SbEf7/mso/IAMol1mqLwVCrcMLhB0n5Hjwooa CJi+5cobVQAZ9JbArqORBuR2o+O3YhbWBDtEAloFmlSN66vRift/vVrC0bUPN9stuz8EjK lvtc/kBQhE7j30nkYlR8ro+oOOFUYeSiIW2b2PA/Ws4tFNWd+A7iFEdQbl1yYA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PS6GK1LVyz1BMk for ; Thu, 2 Mar 2023 10:07:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 322A75V4065039 for ; Thu, 2 Mar 2023 10:07:05 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 322A75cG065038 for net@FreeBSD.org; Thu, 2 Mar 2023 10:07:05 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 257709] netinet6: Set net.inet6.icmp6.nodeinfo default to 0 Date: Thu, 02 Mar 2023 10:07:04 +0000 X-Bugzilla-Reason: AssignedTo CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: needs-patch, needs-qa, security X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: kaktus@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? mfc-stable13? mfc-stable12? mfc-stable11? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D257709 --- Comment #5 from Pawel Biernacki --- Making it into 13.2-R is out of question because it: 1) changes default in minor release 2) it's too late as the RC1 is behind the corner 14.0 is a good target release for this change. It'd require RELNOTES entry though. --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.= From nobody Thu Mar 2 16:26:33 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSGhC5qCGz3w0cd for ; Thu, 2 Mar 2023 16:26:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSGhC4mVVz4WjS for ; Thu, 2 Mar 2023 16:26:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677774395; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+nT6gw5bDrb3vli0HxuAbECWocNJCeXu8qwlp0TmXBQ=; b=oIZh77SA1bpcarg2JWtSbAZg1gV6uGwkPIdn2Og967/prkGr9MZzwISexzfzKzwqom96N+ 0V1+qlAk+sPlyZ8818g7HKT0ql7FRvWOqpSiPh3PYVv2LzrDZB2t4R8fSiN86KXpztxu3V C3dYEZDLwoIIVuiLHaGjAS7qMCE8J95Zb3PZOywf1skHdJJySnQwwavx1ERf7ErKgNVDE+ 4/tMgVIlOu72A+t8HRajegOZzhmLxGIc6/vyoiKgs1aNgjm+LWRNS6ppqMOk89yRjBEy9q BEQvyIbPrrX2QvkWz75Vh8q8FE+RdgdE5zJC6vB9dsBq8vgKZpWxlNZ8sNFtGQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677774395; a=rsa-sha256; cv=none; b=VKAN5+opYm8liluC2MAIsOgkET/2u7i+wYFkkQlx4EQnQv/J1Bu4mXur+LeQpTNr5QD070 bnRnJlyyV7bEUoRYB06FVeDoPM4ft2pGqaWiNGFdmWw0C/2aadgmr9lmyJTFpwOUQJy/uk 5XReftFME7zB7akZKDzz7kKIfe8/dhm7UUFLK/t3/hHCZrwrPzFLDUTYiziY17jXQtvUAu uZaMud2BzlttSYfqCKoNiNfAfuiv6nd+VCAUEmlxyCgHPsnlJinSH288Yx/cRrbtINZe7v UoYQ0y6SS7H0/RNexbOJgBDrxrcWwmQ5oUw9y2GLeh5JArOEfqcvsvSexTD2VQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSGhC3rHWzMtP for ; Thu, 2 Mar 2023 16:26:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 322GQZTH016417 for ; Thu, 2 Mar 2023 16:26:35 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 322GQZkL016416 for net@FreeBSD.org; Thu, 2 Mar 2023 16:26:35 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 268246] crash and panic using pfsync on 13.1-RELEASE Date: Thu, 02 Mar 2023 16:26:33 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D268246 --- Comment #90 from commit-hook@FreeBSD.org --- A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3Ddacffdd4dc511ae73e8fd3eb19f9efe4e= cb26ba1 commit dacffdd4dc511ae73e8fd3eb19f9efe4ecb26ba1 Author: Kristof Provost AuthorDate: 2023-02-14 06:11:38 +0000 Commit: Kristof Provost CommitDate: 2023-03-02 11:15:28 +0000 pfsync: support deferring IPv6 packets When we send out a deferred packet we must make sure to call ip6_output() for IPv6 packets. If not we might end up attempting to ip_fragment() an IPv6 packet, which could lead to us reading outside of the mbuf. PR: 268246 Reviewed by: melifaro, zlei MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D38586 (cherry picked from commit 9a1cab6d79b7286e5f650f57ed95625e6ddb8e4b) sys/netpfil/pf/if_pfsync.c | 71 ++++++++++++++++++++++++++++++++++++------= ---- 1 file changed, 56 insertions(+), 15 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Mar 2 16:26:36 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSGhF0XY7z3w0Mw for ; Thu, 2 Mar 2023 16:26:37 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSGhD6J0Dz4WlJ for ; Thu, 2 Mar 2023 16:26:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677774396; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Tgn/f5rzhmve8gXTMC8ZXv0NW/uavZe5e03T3nypZQw=; b=lWyPV3FCq24EEXTQfSZPutskw2z/BAcH8IpmLsCDSkrWorDQ6WZ90Fscssr52pg/lrBKx7 AXbw/sDVVRRXs2YP/kHd/YfZJdoFT5Zsj5h5yVXHf1oHy8K7apNAW2gX40aP9/LN4+dMNZ q4ln3zsY86Gd9G5gVNH7mxaEuOe3lKm0UZz2eg/+xyX5IFlb4sHHNOidjroNNgdVfN5Dds oh0U1aVY3xwZdk238LP2e/OABiB7GXveDv57NVc6QJjJ/TKqor0eT1ze0ezQ8OX2bIL+Ho WZDkkIsZR29HOu0+eOu+iOBW1dQgBxvAJHnWdUH9gs0tEFK2FLlceDOsOaoYFg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677774396; a=rsa-sha256; cv=none; b=fnYtDqxo3fCLW5AT/R4Zs9AWHe+Ts4a66j6N9IPgaqZbFEuwrISXqqPh/eTzUTLEus6b5J r88kfLeX0tSYyvdJk26ECI9FHDQGcQRROhSIGGZoLQBKL9bVssdIAF3xH+BNQxPtepSfP1 0vvvSyLgdOgU2O742tXYrWBBEUm4GeUo0E2m5Hc58A0+eOJLbP+4lXMpfZQbuoIcDweZWT b3Khg7HkKPcDo2K26eZyLq+UD+37/hvlLcR4dJXeT0CYrLpPpVQ0Oks5qf9VouBT8Alktw 1pq2hLs6r8Fle8BRxxJ/5eGdS2ilV6y6hhY/TqfmZPMZIHoCoqds001TkZT+6Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSGhD5NNhzNVZ for ; Thu, 2 Mar 2023 16:26:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 322GQaox016444 for ; Thu, 2 Mar 2023 16:26:36 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 322GQaWJ016443 for net@FreeBSD.org; Thu, 2 Mar 2023 16:26:36 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 268246] crash and panic using pfsync on 13.1-RELEASE Date: Thu, 02 Mar 2023 16:26:36 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D268246 --- Comment #91 from commit-hook@FreeBSD.org --- A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D3dec62eded04eaf431bf0948f4e6412de= ede87d5 commit 3dec62eded04eaf431bf0948f4e6412deede87d5 Author: Kristof Provost AuthorDate: 2023-02-14 06:11:38 +0000 Commit: Kristof Provost CommitDate: 2023-03-02 16:21:59 +0000 pfsync: support deferring IPv6 packets When we send out a deferred packet we must make sure to call ip6_output() for IPv6 packets. If not we might end up attempting to ip_fragment() an IPv6 packet, which could lead to us reading outside of the mbuf. PR: 268246 Reviewed by: melifaro, zlei MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D38586 (cherry picked from commit 9a1cab6d79b7286e5f650f57ed95625e6ddb8e4b) sys/netpfil/pf/if_pfsync.c | 71 ++++++++++++++++++++++++++++++++++++------= ---- 1 file changed, 56 insertions(+), 15 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Mar 2 16:28:15 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSGk82ddlz3w0Hp for ; Thu, 2 Mar 2023 16:28:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSGk81YKCz4Xsf for ; Thu, 2 Mar 2023 16:28:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677774496; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zYCrvxMBC75qk3knbDGaJAyLc2bC/X5hbq5sMBbdecI=; b=K8kwhMIlIsGJeXCDTtSZbYIYTXS780u1rZp6EnqbLzVkaKHuO+IrfX0LBBaS8q0H/r8jzt kGOBLSuSsM7wCx/I0Uj6rjHOk36h4fO5mxMPkoGzSadNFc/pSa34+RMTvMksy03yIqVYjV LOQsJwDTWOCO6VtynJJJz65x7d+o2sW0JTz5QR7CKIbsGX9TOX+uLaLtQCgRiYr79KTf5U plKlpoeFBR5+8AurUclrWCynlD1VeRxLgQTe/hiEXUBtqy16KZzOGBAHLNH1arGZ00UbFz uz8qVZMK2sMzslTwT57w7bS5T4RO61f1+0ET5xRj+t6HUgkVdWNf/KahT2a30w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677774496; a=rsa-sha256; cv=none; b=Rwc58Kig+OHRISKQmnHw4vW+hwVq+moxzshhqdyDBDDDu4RNv38q6oIJQsi1tHIoJHZg6u 9CzPlFbq3UE/Ere2Uo7d7XC6QGDmOiD7ndTKOptdOTgCI+bm9GnUDr0jDN0fFXWPiTFG3+ TRYIxMiRckQBgvdqTn4WwpCW80FkJFqMGd1iVPWqqZc6JwviIC7OwuD56VpTmKyp8xiRnz l3UBlr28e1vIT3EMGD5XvQWahxizyT1MW3KIFkRF3j1GImSnl62hXtKgBb7GJf4wVVB+gN 7QwTtYDu5HXXSAFfUw3cwZxo2EIaBL2gjAYQAtvWbVZBzpmKdkMPvDHc0LnfuQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSGk80cvfzMtS for ; Thu, 2 Mar 2023 16:28:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 322GSGFE017139 for ; Thu, 2 Mar 2023 16:28:16 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 322GSGPK017138 for net@FreeBSD.org; Thu, 2 Mar 2023 16:28:16 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 268246] crash and panic using pfsync on 13.1-RELEASE Date: Thu, 02 Mar 2023 16:28:15 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status resolution Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D268246 Kristof Provost changed: What |Removed |Added ---------------------------------------------------------------------------- Status|In Progress |Closed Resolution|--- |FIXED --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Mar 2 16:56:10 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSHLb5vmWz3w1mC for ; Thu, 2 Mar 2023 16:56:23 +0000 (UTC) (envelope-from raul@b2n.org) Received: from mail3.custos.es (mail3.custos.es [5.2.90.130]) by mx1.freebsd.org (Postfix) with ESMTP id 4PSHLZ5zqXz4cKr for ; Thu, 2 Mar 2023 16:56:22 +0000 (UTC) (envelope-from raul@b2n.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=b2n.org header.s=dkim header.b=j+Jjx4FO; spf=pass (mx1.freebsd.org: domain of raul@b2n.org designates 5.2.90.130 as permitted sender) smtp.mailfrom=raul@b2n.org; dmarc=pass (policy=none) header.from=b2n.org Received: from plank.b2n.org (plank.b2n.org [185.150.100.31]) by mail3.custos.es (Postfix) with ESMTP id E4A11125EA9 for ; Thu, 2 Mar 2023 17:56:16 +0100 (CET) Received: from turing.b2n.org (turing [10.64.3.2]) by plank.b2n.org (Postfix) with ESMTP id B50252FEB2 for ; Thu, 2 Mar 2023 17:56:11 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=b2n.org; s=dkim; t=1677776169; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HNucxnkJFjyPOi8ACcnTXxydutt1n9/fGTopa2j3Kqw=; b=j+Jjx4FOX0gkbqo1XHHfsf8uhIdIp26v2xBot8ClYIXzSrtwR20rJTv8azh7+uZhw0WAZj i2Az4dKgkhq7uyaGRfivZZpf2/xldXI36AeHRIC/HJ1Yaoi+Q0zbxnUJCKI6TfBcirH8TF KGecEBlqlwwxEt6G64TG51wjHjnslucXLvYIhffJhA+KcAqxs8aae1UaLQ5DLhG96p7wVJ P35kvl2EAW/GHg8w4Xk1oklPnFP0nEnDyAp6/kn8izSRN0Za93jRdDkduTk072AxZDfy3C QCap1azqub1m8UaUAe4o2Qx49/z2QJQXkd5AkTKCIkqg10hP/8ZA2OFyHwd/oQ== Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by turing.b2n.org (Postfix) with ESMTPSA id 5CEF01E716 for ; Thu, 2 Mar 2023 17:56:10 +0100 (CET) Message-ID: Date: Thu, 2 Mar 2023 17:56:10 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Subject: Re: mlx5en & tcpdump -Q Content-Language: es-ES To: freebsd-net@freebsd.org References: <6618db6d-a12b-f73d-e2fb-d59351e7be30@freebsd.org> From: =?UTF-8?B?UmHDumw=?= In-Reply-To: <6618db6d-a12b-f73d-e2fb-d59351e7be30@freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spamd-Result: default: False [-2.90 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; R_MIXED_CHARSET(1.00)[subject]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.996]; DMARC_POLICY_ALLOW(-0.50)[b2n.org,none]; R_SPF_ALLOW(-0.20)[+a:mail3.custos.es]; R_DKIM_ALLOW(-0.20)[b2n.org:s=dkim]; RCVD_NO_TLS_LAST(0.10)[]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[b2n.org:+]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:198432, ipnet:5.2.90.0/24, country:ES]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_ALL(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MID_RHS_MATCH_FROM(0.00)[] X-Rspamd-Queue-Id: 4PSHLZ5zqXz4cKr X-Spamd-Bar: -- X-ThisMailContainsUnwantedMimeParts: N El 1/3/23 a las 22:08, Scheffenegger, Richard escribió: > Does anyone know if this functionality is available already, or any > plans to implement this for mlx5en ? It works here, tried -Q in, out and inout, on '13.2-BETA3 releng/13.2-d0e8ce556' [....] $ dmesg | grep Mell mlx5: Mellanox Core driver 3.7.1 (November 2021) $ pciconf -l | grep core0 mlx5_core0@pci0:9:0:0: class=0x020000 rev=0x00 hdr=0x00 vendor=0x15b3 device=0x1017 subvendor=0x15b3 subdevice=0x0020 [....] Regards, Raúl From nobody Thu Mar 2 17:20:00 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSHsx2qnDz3w3dx for ; Thu, 2 Mar 2023 17:20:05 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSHsw4TxVz3CwZ; Thu, 2 Mar 2023 17:20:04 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Authentication-Results: mx1.freebsd.org; none Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 322HK0Y1062746; Thu, 2 Mar 2023 09:20:00 -0800 (PST) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 322HK0FY062742; Thu, 2 Mar 2023 09:20:00 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202303021720.322HK0FY062742@gndrsh.dnsmgr.net> Subject: Re: BPF to filter/mod ARP In-Reply-To: To: Michael Tuexen Date: Thu, 2 Mar 2023 09:20:00 -0800 (PST) CC: "Rodney W. Grimes" , "Scheffenegger, Richard" , "freebsd-net@freebsd.org" X-Mailer: ELM [version 2.4ME+ PL121h (25)] List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4PSHsw4TxVz3CwZ X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > > On 2. Mar 2023, at 02:24, Rodney W. Grimes wrote: > > > >> Hi group, > >> > >> Maybe someone can help me with this question - as I am usually only > >> looking at L4 and the top side of L3 ;) > >> > >> In order to validate a peculiar switches behavior, I want to adjust some > >> fields in gracious arps sent out by an interface, after a new IP is > >> assigned or changed. > > > > Gracious or Gratuitous? > > > >> > >> I believe BPF can effectively filter on arbitrary bit patterns and > >> modify packets on the fly. > > > > It can. > > > >> > >> However, as ARP doesn't seem to be accessible in the ipfw > >> infrastructure, I was wondering how to go about setting up an BPF to > >> tweak (temporarily) some of these ARPs to validate how the switch will > >> behave. > > > > ipfw is IP firewall, a layer 3 function. Arp is a layer 2 protocol, > > so very hard to do much with it in ipfw, but perhaps the layer2 > > keyword, and some use of mac-type can get it to match an arp > > packet. Arp is ethernet type 0x806. > > > > ipfw add 111 count log all from any to any layer2 mac-type arp > > That does seem to work > > ipfw -a list 111 > > 00111 4 0 count log ip from any to any layer2 mac-type 0x0806 > > > > Also normally ipfw does NOT pick packets up early enough to see > > them, to get the layer2 option to work you need: > > sysctl net.link.ether.ipfw=1 so that the filters at ether_demux > > get turned on. > > > > So perhaps use a divert rule and send them to a socket where > > a program can mangle them, and then return them to ipfw > > and hopefully the kernel does what you want after that... > I thought that you receive/send an IP packet on a divert socket, not > an ethernet frame. Am I wrong? That is unclear to me, technically it should just be a binary blob and the kernel and userland just have to agree as to what it is. Understand that ipfw originally only had IP layer functionality. The ability to muck with layer2 was added later, so I suspect the documentation about what is sent over the divert socket may be out of date. Simple enough to test though, just setup as I show above only change to: ipfw add 111 divert 4444 all from any to any layer2 mac-type arp and write a program to dump what you get on the divert socket. I suspect you get an ethernet frame. And finally divert(4) says: NAME: divert kernel packet diversion mechanism That says packet, so again, IMHO, it should be arbitrary to what layer. It also later says "Divert sockets are similar to raw IP sockets", I think similar is the key aspect here, they are not identical. > > Best regards > Michael > > > >> (I need to validate, if there is some difference when the target > >> hardware address doesn't conform to RFC5227 - which states it SHOULD be > >> zero and is ignored on the receiving side; i have reasons to believe > >> that the switch needs either a target hardware address of > >> ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update it's > >> entries.) > >> > >> Thanks a lot! > >> > >> Richard > >> > > > > -- > > Rod Grimes rgrimes@freebsd.org > > > > > -- Rod Grimes rgrimes@freebsd.org From nobody Thu Mar 2 17:45:35 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSJRd4j0Vz3w4Z1 for ; Thu, 2 Mar 2023 17:45:49 +0000 (UTC) (envelope-from vitspec@gmail.com) Received: from mail-vs1-xe2f.google.com (mail-vs1-xe2f.google.com [IPv6:2607:f8b0:4864:20::e2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSJRb6nBHz3HDn; Thu, 2 Mar 2023 17:45:47 +0000 (UTC) (envelope-from vitspec@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b=gyL6KR0j; spf=pass (mx1.freebsd.org: domain of vitspec@gmail.com designates 2607:f8b0:4864:20::e2f as permitted sender) smtp.mailfrom=vitspec@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-vs1-xe2f.google.com with SMTP id v27so41555vsa.7; Thu, 02 Mar 2023 09:45:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=PNWdF3bCnl37BD3/ulXtPhdDNvs/J5StS70nizxrfBY=; b=gyL6KR0jA6i74uryTb1vbBALODsy8T4rq0lSEXLuqEnf/OSr9i5+M/uqp7qJBqi3E/ lDEZPjrGhxG0qRdPBdHGyvfJ3D6vOFcEhBIVdF5uhOHATBjvI9MJ6JrU+Fmcyaw1m0rQ MVaajWJ4F7hBHQNYuBF9W30aJt3W7d7MCxgwewGELdNEtgscSt2ASBN3+9a+KvUmBIWd JHIZt4IswByJGNvpQgbr3iXgqMpJsS9vPbcanYgTa1h08qRLJs6xDHATrYFFQtTQJU3l U6HkOaK3UKzRU4qLIhwdVdy62zjlcGMmR06CIjhdobPxlGK9XNA2TnzziL1aN6HEQo8v w6Fg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=PNWdF3bCnl37BD3/ulXtPhdDNvs/J5StS70nizxrfBY=; b=cgHBMOj8a8dGYF9aBLx93iXukCmMQi2ClPTUeZ+NJYZ3/PmX8J2JMi6TD1xbmfvImr pjaSwACNzE+4TQOK54XQHpzTIuz6XpJ2JasfdYqshCBqI0m34RRbXvDT7ub+yAFXq4Jz YB5W/34DULFEifdAuLlrHOy25PqvXOhZEy6T9xlVv6w25PhYtH2hnj7TlCbNErQ90sxd kIC1M+rBcSWCV1FO7d13NvByBbU+hjUM8qkTCjxfbLXWoLzhBC7NznQ7LMG0UQAHwQG0 GwAIavqa/UR9Gu98SVwFP8SUaRPLPnceBM8/Z1/zi9VnVbDT6796A6o6P/ppBy5yO5Ar iDVw== X-Gm-Message-State: AO0yUKU30Clc+zPuZoGDhyhuG8LXwrzJSFytGfkdpwA9AmqV1Ruf9xeu pG5XB2heVUrFc6NpJrv6+VN9Dc4AA6rfQWfkRfv9livp X-Google-Smtp-Source: AK7set99jCK6KxnWXj4ofjm+UBXEifdMStlSYAhMIvEItaVRS8v1aR19XqABMg0C4xExS6wZgh6ufN2Xk3wxSrypd/4= X-Received: by 2002:a05:6102:2148:b0:402:9b84:1be4 with SMTP id h8-20020a056102214800b004029b841be4mr7091477vsg.6.1677779146533; Thu, 02 Mar 2023 09:45:46 -0800 (PST) List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Victor Gamov Date: Thu, 2 Mar 2023 20:45:35 +0300 Message-ID: Subject: Re: ECMP, DF-bit and ICMP "Fragmentation needed" To: Alexander Chernikov Cc: freebsd-net Content-Type: multipart/alternative; boundary="0000000000000a701d05f5ee6621" X-Spamd-Result: default: False [-1.90 / 15.00]; URI_COUNT_ODD(1.00)[1]; HTTP_TO_IP(1.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.90)[-0.904]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::e2f:from]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; DKIM_TRACE(0.00)[gmail.com:+]; TO_DN_ALL(0.00)[]; MID_RHS_MATCH_FROMTLD(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCPT_COUNT_TWO(0.00)[2]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_COUNT_TWO(0.00)[2] X-Rspamd-Queue-Id: 4PSJRb6nBHz3HDn X-Spamd-Bar: - X-ThisMailContainsUnwantedMimeParts: N --0000000000000a701d05f5ee6621 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, 27 Feb 2023 at 13:57, Alexander Chernikov wrote: > > > > On 26 Feb 2023, at 12:07, Victor Gamov wrote: > > > > Hi All > > > > I have following scheme: > > - LAN segment 10.5.8.0/24 with router1 (10.5.8.1) and MTU=3D1500 > > - two hosts at LAN segment host21 (10.5.8.21) and host22 (10.5.8.22) > > - host21 and host22 has VIP=3D172.16.110.30 configured as LAN-interface > alias > > - host21 and host22 ha BGP peering with router1 and announce VIP to > router1 > > - hostX somewhere at intranet > > - ipsec-tunnel with MTU=3D1400 > > > > ECMP works fine and traffic from other segments to VIP is balanced > between host21+host22 by router1. > > > > The problem is: > > when host21 and/or host22 send large packet with DF-bit using VIP as > source then ipsec-router sends ICMP "Fragmentation needed" and then this > ICMP is _always_ sent to only host22 by router1. > > > > I think it may be hard or impossible to find proper VIP-owner to send > this ICMP. Is it possible to propagate such ICMP to all VIP-owners in > router1 routing-table? Or may some data from ICMP message be used to > properly calculate ECMP-hash to find a real VIP-owner which must receive > this ICMP? > Generally it=E2=80=99s pretty hard to do. The path may go through the mul= tiple > routers which has it own hash calculation + seed to avoid the traffic > polarisation. Personally I=E2=80=99d suggest doing some sort of ICMP repl= ication on > either the source node or the hosts. > Hi Alexander! Thanks for your reply. In my scheme router1 can replicate such ICMP to all VIP-owners. And only router1 knows about both host21+host22 peers -- for all other network devices this VIP is behind router1. --=20 CU, Victor Gamov --0000000000000a701d05f5ee6621 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Mon, 27 Feb 2023 at 13:57, Alexand= er Chernikov <= melifaro@freebsd.org> wrote:


> On 26 Feb 2023, at 12:07, Victor Gamov <vitspec@gmail.com> wrote:
>
> Hi All
>
> I have following scheme:
> - LAN segment 10.5.8.0/24 with router1 (10.5.8.1) and MTU=3D1500
> - two hosts at LAN segment host21 (10.5.8.21) and host22 (10.5.8.22) > - host21 and host22 has VIP=3D172.16.110.30 configured as LAN-interfac= e alias
> - host21 and host22 ha BGP peering with router1 and announce VIP to ro= uter1
> - hostX somewhere at intranet
> - ipsec-tunnel with MTU=3D1400
>
> ECMP works fine and traffic from other segments to VIP is balanced bet= ween host21+host22 by router1.
>
> The problem is:
> when host21 and/or host22 send large packet with DF-bit using VIP as s= ource then ipsec-router sends ICMP "Fragmentation needed" and the= n this ICMP is _always_ sent to only host22 by router1.
>
> I think it may be hard or impossible to find proper VIP-owner to send = this ICMP.=C2=A0 Is it possible to propagate such ICMP to all VIP-owners in= router1 routing-table? Or may some data from ICMP message be used to prope= rly calculate ECMP-hash to find a real VIP-owner which must receive this IC= MP?
Generally it=E2=80=99s pretty hard to do. The path may go through the multi= ple routers which has it own hash calculation + seed to avoid the traffic p= olarisation. Personally I=E2=80=99d suggest doing some sort of ICMP replica= tion on either the source node or the hosts.
=

Hi Alexander!

Thanks for your = reply.

In my scheme router1 can replicate suc= h ICMP to all VIP-owners.=C2=A0 And only router1 knows about both host21+ho= st22 peers -- for all other network devices this VIP is behind router1.

--
CU,
Victor Gamov
--0000000000000a701d05f5ee6621-- From nobody Thu Mar 2 18:48:44 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSKrF3yZfz3w82d for ; Thu, 2 Mar 2023 18:48:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSKrF2vqWz3hy1 for ; Thu, 2 Mar 2023 18:48:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677782925; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jcFpKbfLrZxlJU6wrw7wSAGDeiq0Cm+zY0a2pTuT9GU=; b=hNROskNjcOTDZYrNGs5/CWocFvC3fKWwCTJToJ+uxzvfLf8ODuEVlkqRbJY1OsONp3qV5C SygUk/5y5p2WKtz8V8BbC3L7bccb+bocofF07BQfd6qKYF9jOjsYE08390QDklaSugX+Yp qsMcP8LsNss6l8kyRDfWV8XVnfegMTYYCFbfMnLHy3tS38rzmUV/GjXN1m53Vc5paANj4j H7yEwTLvSPbEwcFFNsaex1Snck7nNw2P6wle3sg4r7MnW1B3NhjeucQVd6PvE/4+dZXWJN 54z/J0meSmOOU1BXC0sLzqi4+oQEbmYbDPHc6zXoM5h7KUb1uNo5LhGxjJySaA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677782925; a=rsa-sha256; cv=none; b=xeoyI8GHPy5YaNMSsXxJre3RFphRtZbJwtzMjdK2aLzOKTZQRa3lXYwA8rKK0RQFrOjR6t rkx7Csw9b7WhRn3vryv1Ma2yB4s7oTFOJyp2d+wuBAXMRgWjr1lGe1tOnE6pf36dmhZ2m1 CgPKb9imCK4okodJxX389rRXha+hSMZM267r/Im+uVfyXa9rX+aQ0De0/6aoWrWYG6tzMZ I/ljTZzIYnXIwxgH+r9EBuGwudij/iUk9XN85EmtBhu4Neo3ObhLw2XaaQZ8J3oUlvNcRs WHjNJrKRDDCuHC2yLVvQ8LMB5DGLE/VMbZVODTYxO09r+ugtIBkmR9HMCBCbaw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSKrF20ytzS8N for ; Thu, 2 Mar 2023 18:48:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 322Imjjd022027 for ; Thu, 2 Mar 2023 18:48:45 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 322ImjFi022026 for net@FreeBSD.org; Thu, 2 Mar 2023 18:48:45 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 237477] kernel option PF_DEFAULT_TO_DROP breaks rdr rules with pass keyword. Date: Thu, 02 Mar 2023 18:48:44 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: p5B2EA84B3@t-online.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D237477 --- Comment #2 from p5B2EA84B3@t-online.de --- Almost four (4) years later: When will this be fixed? --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Mar 2 19:23:17 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSLc520wRz3w9X0 for ; Thu, 2 Mar 2023 19:23:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSLc474lCz3nk5 for ; Thu, 2 Mar 2023 19:23:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677784997; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DTRwDk6jfPwRPRgOiwLXYBe0w9zSj6utWrIcEU1egOE=; b=Sy1xWwhO4/Pv+68sZdhfiQTJ37QAgsGcZeebBN94XzW0yTh7taW/zYUWrPlnww7qP3XKYp 2xTnD/SZ/+w235B+6zEBAB7/BUD9z40M8HSEBx7rmaqtmtaZ7fvXN4eZDYIVAYSi/5Xjn8 viBBFWOffPayY1ZSjx3Orup/4rPOA5LMgTK62wCepc+u4UqtvBzVSSIBJBFEXqiot7J1ka D3vz9w5J+TW4DcDm84f02ifrkhOtvQVckf2ZcLk4EWxPjwB0j4RdqhbdPxJXAWXh9IrBmc Ixb6L5Ywodgsl5z2oZioZD5bSv2pRQfltCTT2pq66kgDkVwrJhNcJCJYqnp5pg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677784997; a=rsa-sha256; cv=none; b=tNKnUnPMYZJeHe5Pt8tj1dZYc80PIEoykPoz5NU06g9nX8fqrKn4YPp+tiZ8HGEtRIE9vn 9KFD3wl+E00AyKijGGc/2oYvNo5falmryECW4ScbLOrAk/d001HcH/sTUKpBk1zRWsUOSc wrBOldNmiCDYraHBbt8S6drM7MDB8RvWVYXHlPDl9T9sDqPfEglWy2EqQoCW0a1I/q9JuH T8ilig1R2dV3WeOc4+/ldPtcTd6LYeBWsfzhE8SO0y3wfkMFS4lLYa8IJl4pKAg7lxAzKP 2UxUS0FLQZXKiyS+mheNZfFlVzIkTJH/DJsW5+FWbWx8QySdqQCAMRi+Wo3Fkw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSLc465YgzSx0 for ; Thu, 2 Mar 2023 19:23:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 322JNGi3078705 for ; Thu, 2 Mar 2023 19:23:16 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 322JNGaW078703 for net@FreeBSD.org; Thu, 2 Mar 2023 19:23:16 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 237477] kernel option PF_DEFAULT_TO_DROP breaks rdr rules with pass keyword. Date: Thu, 02 Mar 2023 19:23:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D237477 --- Comment #3 from Kristof Provost --- (In reply to p5B2EA84B3 from comment #2) When someone cares enough to fix it. My todo list is endless, and I don't consider this to be a priority. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Mar 2 23:12:39 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSRj22Tgvz3wMkx for ; Thu, 2 Mar 2023 23:12:54 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.franken.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSRj15Phgz4B7t; Thu, 2 Mar 2023 23:12:53 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Authentication-Results: mx1.freebsd.org; none Received: from smtpclient.apple (unknown [IPv6:2a02:8109:1140:c3d:c64:cf31:7eab:fd78]) (Authenticated sender: lurchi) by drew.franken.de (Postfix) with ESMTPSA id B3CC972275C4C; Fri, 3 Mar 2023 00:12:40 +0100 (CET) Content-Type: text/plain; charset=us-ascii List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\)) Subject: Re: BPF to filter/mod ARP From: Michael Tuexen In-Reply-To: <202303021720.322HK0FY062742@gndrsh.dnsmgr.net> Date: Fri, 3 Mar 2023 00:12:39 +0100 Cc: "Scheffenegger, Richard" , "freebsd-net@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <93749673-2939-4A38-BA37-2AEBEF5764D0@lurchi.franken.de> References: <202303021720.322HK0FY062742@gndrsh.dnsmgr.net> To: "Rodney W. Grimes" X-Mailer: Apple Mail (2.3731.400.51.1.1) X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=disabled version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail-n.franken.de X-Rspamd-Queue-Id: 4PSRj15Phgz4B7t X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:680, ipnet:2001:638::/32, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > On 2. Mar 2023, at 18:20, Rodney W. Grimes = wrote: >=20 >>> On 2. Mar 2023, at 02:24, Rodney W. Grimes = wrote: >>>=20 >>>> Hi group, >>>>=20 >>>> Maybe someone can help me with this question - as I am usually only=20= >>>> looking at L4 and the top side of L3 ;) >>>>=20 >>>> In order to validate a peculiar switches behavior, I want to adjust = some=20 >>>> fields in gracious arps sent out by an interface, after a new IP is=20= >>>> assigned or changed. >>>=20 >>> Gracious or Gratuitous? >>>=20 >>>>=20 >>>> I believe BPF can effectively filter on arbitrary bit patterns and=20= >>>> modify packets on the fly. >>>=20 >>> It can. >>>=20 >>>>=20 >>>> However, as ARP doesn't seem to be accessible in the ipfw=20 >>>> infrastructure, I was wondering how to go about setting up an BPF = to=20 >>>> tweak (temporarily) some of these ARPs to validate how the switch = will=20 >>>> behave. >>>=20 >>> ipfw is IP firewall, a layer 3 function. Arp is a layer 2 protocol, >>> so very hard to do much with it in ipfw, but perhaps the layer2 >>> keyword, and some use of mac-type can get it to match an arp >>> packet. Arp is ethernet type 0x806. >>>=20 >>> ipfw add 111 count log all from any to any layer2 mac-type arp >>> That does seem to work >>> ipfw -a list 111 >>> 00111 4 0 count log ip from any to any layer2 mac-type = 0x0806 >>>=20 >>> Also normally ipfw does NOT pick packets up early enough to see >>> them, to get the layer2 option to work you need: >>> sysctl net.link.ether.ipfw=3D1 so that the filters at ether_demux >>> get turned on. >>>=20 >>> So perhaps use a divert rule and send them to a socket where >>> a program can mangle them, and then return them to ipfw >>> and hopefully the kernel does what you want after that... >> I thought that you receive/send an IP packet on a divert socket, not >> an ethernet frame. Am I wrong? >=20 > That is unclear to me, technically it should just be a binary > blob and the kernel and userland just have to agree as to > what it is. Understand that ipfw originally only had IP layer > functionality. The ability to muck with layer2 was added > later, so I suspect the documentation about what is sent > over the divert socket may be out of date. Simple enough > to test though, just setup as I show above only change > to: > ipfw add 111 divert 4444 all from any to any layer2 mac-type arp > and write a program to dump what you get on the divert socket. > I suspect you get an ethernet frame. >=20 > And finally divert(4) says: NAME: divert kernel packet diversion = mechanism > That says packet, so again, IMHO, it should be arbitrary to what = layer. > It also later says "Divert sockets are similar to raw IP sockets", > I think similar is the key aspect here, they are not identical. I can confirm that using sudo sysctl net.link.ether.ipfw=3D1 sudo ipfw add 111 count log all from any to any layer2 mac-type arp ... wait some time and observe ARP traffic via tcpdump sudo ipfw show 00111 22 0 count log logamount 5 ip from any to any layer2 = mac-type 0x0806 65535 7892 849004 allow ip from any to any So the rule is hit. However, now doing sudo ipfw delete 111 sudo ipfw add 111 divert 1234 all from any to any layer2 mac-type arp ... wait some time and observe ARP traffic via tcpdump tuexen@head:~ % sudo ipfw show 00111 0 0 divert 1234 ip from any to any layer2 mac-type = 0x0806 65535 10048 1000948 allow ip from any to any So this time, rule 111 is not hit. I also ran #include #include #include #include #include #include #define BUFFER_SIZE (1<<16) #define PORT 1234 int main(void) { char buffer[BUFFER_SIZE]; struct sockaddr_in addr; ssize_t n; int fd; if ((fd =3D socket(PF_DIVERT, SOCK_RAW, 0)) < 0) { perror("socket()"); } bzero(&addr, sizeof(addr)); addr.sin_family =3D AF_INET; addr.sin_len =3D sizeof(struct sockaddr_in); addr.sin_addr.s_addr =3D INADDR_ANY; addr.sin_port =3D htons(PORT); if (bind(fd, (struct sockaddr *)&addr, (socklen_t)sizeof(struct = sockaddr_in)) < 0) { perror("bind()"); } for (;;) { n =3D recv(fd, buffer, sizeof(buffer), 0); printf("Received %zd bytes.\n", n); } if (close(fd) < 0) { perror("close()"); } return (0); } but nothing was printed... Best regards Michael >=20 >>=20 >> Best regards >> Michael >>>=20 >>>> (I need to validate, if there is some difference when the target=20 >>>> hardware address doesn't conform to RFC5227 - which states it = SHOULD be=20 >>>> zero and is ignored on the receiving side; i have reasons to = believe=20 >>>> that the switch needs either a target hardware address of=20 >>>> ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update = it's=20 >>>> entries.) >>>>=20 >>>> Thanks a lot! >>>>=20 >>>> Richard >>>>=20 >>>=20 >>> --=20 >>> Rod Grimes = rgrimes@freebsd.org >>>=20 >>=20 >>=20 >>=20 >=20 > --=20 > Rod Grimes = rgrimes@freebsd.org From nobody Thu Mar 2 23:16:57 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSRnk4VVnz3wMmY for ; Thu, 2 Mar 2023 23:16:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSRnk3Mk9z4D5R for ; Thu, 2 Mar 2023 23:16:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677799018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Aj2dmK3soYKT4ljiOeGC8DTpMz5SHCHLl/3ugXRy7zw=; b=rwcJSLAvX2M6M8frOafFLQxd7BMuC2Sdh9BQLfils0nzJAv2FuhILUO9nBlff9s1zCedP2 KVw8PMtPu9S764c7GHUJW6l2v3bvttlXGCoxxlwuRODFFTmJiTe14YM7ftJjxwpHJwGQD4 cQuaQleO+kOeNaQLD1LofBnER5GGkuxvgmN13IvfVOdPGNrsbRPexadE2nkZffh6sTvFUu /hrmaq7xrzCInH6Fch7Gh7yCPG6GkFmHexKjvrOLKAVNoz7EOYpa6gWljY4o4QYrgAPRu0 MhwHBUc4wKaAGrgVlNuVBFY/2MZiwwEr8c5hvxqI6KdiZjU1/7Ianv4ALHQicg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677799018; a=rsa-sha256; cv=none; b=VPpgeSz5aZE6utegfhYLEPDornFsPJRUlujqD1u+d4mA/upRzhFNjzpWUu4EWNhKxpUvct HshMf6XJjTxi9MKb+2CQs97StiaQCeN0hLrIKHpGbm5hAn9n8JclBcR0vaL1lsklgYQoB/ Gss/C4WKejBcAqRwcVQVPb8K3Nd5GCIbLdQpaPdFxnmL69YfW9Ls3MG9Ufuv5ssUEcjpSC KgCMztD+PMgtz0npQxwSwM7J+h6UFQgxcA+FEGku820z5WFsYuoH7BDedvI6mSUEtapx8P 8TIOQZxiGz9mpqkui3ZPLuz5454oUhdE2qerojcjXdlC3AzdvsPBweTvTA4Lkw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSRnk1y5JzZRH for ; Thu, 2 Mar 2023 23:16:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 322NGwQ1026411 for ; Thu, 2 Mar 2023 23:16:58 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 322NGwBo026410 for net@FreeBSD.org; Thu, 2 Mar 2023 23:16:58 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 269908] CARP feature breaks the network Date: Thu, 02 Mar 2023 23:16:57 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D269908 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |net@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Mar 2 23:33:46 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSS9752wnz3wP0d for ; Thu, 2 Mar 2023 23:33:47 +0000 (UTC) (envelope-from brooks@spindle.one-eyed-alien.net) Received: from spindle.one-eyed-alien.net (spindle.one-eyed-alien.net [199.48.129.229]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSS966rdsz4HGG for ; Thu, 2 Mar 2023 23:33:46 +0000 (UTC) (envelope-from brooks@spindle.one-eyed-alien.net) Authentication-Results: mx1.freebsd.org; dkim=none; spf=none (mx1.freebsd.org: domain of brooks@spindle.one-eyed-alien.net has no SPF policy when checking 199.48.129.229) smtp.mailfrom=brooks@spindle.one-eyed-alien.net; dmarc=none Received: by spindle.one-eyed-alien.net (Postfix, from userid 3001) id 8D13C3C0199; Thu, 2 Mar 2023 23:33:46 +0000 (UTC) Date: Thu, 2 Mar 2023 23:33:46 +0000 From: Brooks Davis To: net@freebsd.org Subject: Completing removal of ATM support Message-ID: List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spamd-Result: default: False [-0.60 / 15.00]; AUTH_NA(1.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; FORGED_SENDER(0.30)[brooks@freebsd.org,brooks@spindle.one-eyed-alien.net]; NEURAL_SPAM_SHORT(0.20)[0.201]; MIME_GOOD(-0.10)[text/plain]; MLMMJ_DEST(0.00)[net@freebsd.org]; R_DKIM_NA(0.00)[]; R_SPF_NA(0.00)[no SPF record]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:36236, ipnet:199.48.128.0/22, country:US]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[freebsd.org]; RCVD_COUNT_TWO(0.00)[2]; ARC_NA(0.00)[]; FROM_NEQ_ENVFROM(0.00)[brooks@freebsd.org,brooks@spindle.one-eyed-alien.net]; FREEFALL_USER(0.00)[brooks]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_NONE(0.00)[]; TO_DOM_EQ_FROM_DOM(0.00)[] X-Rspamd-Queue-Id: 4PSS966rdsz4HGG X-Spamd-Bar: / X-ThisMailContainsUnwantedMimeParts: N Prior to FreeBSD 12, I removed most ATM support, but left NgATM and ng_atmllc. The time is to remove them is almost certainly past. I aim to commit deprecation notices shortly and follow up with removal after a week or so. If you find they are useful (in production) on systems without support for ATM NICs, please speak up so we can discuss a different timeline. The proposed big removal commit for NgATM is: https://reviews.freebsd.org/D38879 ng_atmllc is removed in https://reviews.freebsd.org/D38880 Deprecations and a few cleanups are linked in the stack of commits. Thanks, Brooks From nobody Fri Mar 3 04:12:31 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSZLl0zZ0z3wdD3 for ; Fri, 3 Mar 2023 04:12:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSZLk6mWJz3PCk for ; Fri, 3 Mar 2023 04:12:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677816750; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/E9mWqxQRM5vr5P3mu2TbN2B6w3dp7yQJ3ir/T61syM=; b=SDnU0u6mSl+seu+DtELsmcvK0hY27Hy7owXfGtNNOwNzbAbkqoZXpjzLJsIY84kgmT+0tH JsJ9WZlKe4TSFjU4p1spquQ+8oKMiJ/DkwO6scs87t4qQ0I0dFIB70YboIwPk/uHU8lAYW dXnYAeiOU+Kjb4SHBwa3hsqQ0OoGK6Fqu2yHBr5rBPkJ9NBkOxXWnBkKTKeSY0qZaL/uXT T9MnbMOZbOuDFri3qDoNyiuMzPgjOLee6GDb+tRYelvh7YrN27uCwsskLgkeS5qxEvX9cO cNP6da9o1InNv8HdAPJAQ5fh6/SAD9KQjvd1ok5pG3AWKJG9ItZhxh8jF4chnw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677816750; a=rsa-sha256; cv=none; b=F5hb36M7/311ds31yAH7QJkbCQtc7RINMhtHCceQKtF+Sd1XsOCRI2CKCsoeyl3l9UX/xA 1LuE5uKoW63wBo2f4/5WCT6mhpnAjlYl9xFyIpIqqe19ihHc63UQ0qB3sI1I9Bn0nTBIV+ 96kTos/A5AKDsfAoq1UjQYTGOEDaodS3Z4/IxrVDtBeOqx6wDVsejXpKj20Nq/SEJED4QX ChlC1Eu3Fl/Q/tpAb5u8b53+JkIx/Fl70OBhjQ0cik0Zc877HOFO71eQ66PlzBLy4/nUhf KyntyWvWzMHznrlyUxf7ZnxCCqgM8ui8YF9wya6WY146XhDn2xHkjFCAogX3Fg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSZLk5r42zk7m for ; Fri, 3 Mar 2023 04:12:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3234CUvf065177 for ; Fri, 3 Mar 2023 04:12:30 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3234CU5x065176 for net@FreeBSD.org; Fri, 3 Mar 2023 04:12:30 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 269908] CARP feature breaks the network Date: Fri, 03 Mar 2023 04:12:31 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: franklin.suvi@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D269908 --- Comment #3 from franklin.suvi@gmail.com --- Details: Machine 1:=20 Physical MAC: 00:50:56:a7:0f:7f IP Address: 10.10.4.17 Machine 2:=20 Physical MAC: 00:50:56:a7:e3:41 IP Address: 10.10.4.18 CARP:=20 Virtual MAC: 00:00:5e:00:01:01 Virtual IP: 10.10.4.19 Steps followed: 1. Configure CARP on Machine 1.=20 ifconfig nic0 vhid 1 pass testing alias 10.10.4.19/28 advskew 10 This box becomes the MASTER 2. Configure CARP on Machine 2.=20 ifconfig nic0 vhid 1 pass testing alias 10.10.4.19/28 advskew 20 This box becomes the BACKUP 3. Re-configure CARP on Machine 1, to trigger a failover. ifconfig nic0 vhid 1 pass testing alias 10.10.4.19/28 advskew 30 Since now the advskew value of Machine 1 is higher than the Machine 2's value, Machine 1 will become the BACKUP and Machine 2 will become the MAS= TER.=20 Observation / Failure.=20 At step 3, the moment Machine 2 becomes the MASTER, it makes the ARP announcement. To this announcement when the Machine 1, who is in BACKUP state, which is supposed to be quiet, responds with "Duplicate use of detected" GARP message. Interestingly at this point, the Source MAC address is the physical MAC address and the Source IP address is the Virtual IP address. Please find the attached tcpdump files captured from both the machines.=20 Due to this error, the CISCO ACI endpoint table messed up and is routing traffic to the wrong device. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Mar 3 04:13:42 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSZN66fyLz3wdVr for ; Fri, 3 Mar 2023 04:13:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSZN65Lvfz3Q05 for ; Fri, 3 Mar 2023 04:13:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677816822; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EgxFW6f3phzZENDlR+6pht5TKjEA5VkiCgFz+u+/0nM=; b=mTl1Q+JF9mIxi9f/LNstzP+6gbkBOXKT5sz86vKW/j+ZECP7DAuJKK1mpIcSprCYr3cmVk rUbsHa/dKYdexB9HFK12mg04l6FSwMhf+iOslKGpFVhgyta9cZzwrsvJKsjE6p1C7BL9yp hnpKIO7YArJuEgWMopT1yU11/FhJatcVpdtSeC/3AxLVzAxdLk5XtE82yJeWgSWnZr9M3G 1wkuwxrf+h6dFVCubfbO44X8YF1htUw3u+5EGRjKskxbblQV/b35Th3OfJ7DLzTc1QqYwp WiV3ADrEeCavFt4N5f4XNdN9gPT2/fFPY/25fuJJuURca3DTOQrCPUBEclsDMg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677816822; a=rsa-sha256; cv=none; b=wa9fDuhBZeEo9usgOKso+vphLGpS6i0gXmJgB4863wLs0Af2pyUrOxluCQGeF/6b/pEr2O B5oolZLtbNRQbF0c+3syQKXBfUKQKPt4R+QHgCdKQ8ccAN6YPJ4euH9xaVlgV38U6CPZHW yuUn8jCGE5A7WXmRSzIkzhhhFGFCtt+AStcXxz2Sawbu8yhD0fIRl1e32YKDsXDnndxqni 24iiQi37Jg9wpw1wUnHdXjDWjrm3ukWdIdzI+mUTOyrQk8dXagtGnSXWNJRW0SjzgcHaC9 2PgCs9ZojisE7/CzUybOAji6xI36lYEQ/sxlCKbmhcRkO7HLUUHRomj6OfXH1w== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSZN64Q7xzkHm for ; Fri, 3 Mar 2023 04:13:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3234DgES065611 for ; Fri, 3 Mar 2023 04:13:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3234DgTa065610 for net@FreeBSD.org; Fri, 3 Mar 2023 04:13:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 269908] CARP feature breaks the network Date: Fri, 03 Mar 2023 04:13:42 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: franklin.suvi@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D269908 --- Comment #4 from franklin.suvi@gmail.com --- Created attachment 240549 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D240549&action= =3Dedit tcpdump files from Machine1 --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Mar 3 04:14:41 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSZPF2vJvz3wdxK for ; Fri, 3 Mar 2023 04:14:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSZPF1R9hz3QG8 for ; Fri, 3 Mar 2023 04:14:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677816881; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=GT5jvRJ6Hm5510d8J4hVjaBv11ilsGmd3DbYpPb9oJs=; b=tPqeHQI9bCw94yzh4sNUCSDeXoP96ww+jnJyylTHbv2Ws7zLyOKKiC+YACd4ObNMDxRZwR xESKlBaSSc3IOoGTH92e7QfO+lvHq5k3uCpenYmdZUYlXU1pRjXWohT6sX9sFB1Lf863AQ Gi5UkP1hqi5rDSAjXm1D9G2+wT1isLMLnJPmR+zlRp4jgDM6WKwEkK/qnBoxu/xYuZdFqC 6pQAzDMgNROIKs9pvGo+a981Tkl0BYbqr18QRK/jXdWnqAOOYQUKywM+FFjorRrgL4bWEc 3QHKy/319DUpS2kpLxAsGIH1PEFPiTQuUMBirUhB5FWP56AGHFgm7M/PpMixVg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677816881; a=rsa-sha256; cv=none; b=IZSScqY0h0JXswohJxXDZXqKVafcOT96uSJDDArZYrInzv0OYC07BYZTgpZ9VwTkYAPGeX RCoWdXON9SG2/cksBIQy56cgTOPZKvfm9F/4vBEnXTDDM13gjvh8FmF+VCrTJahA0omn3C SvzmvIq3Wr7Tul6V7KiTAmSP1Qem2kS+MRJ7xt1FPRiSKrmR5ScVV1bAbAt/5Gom+vFE2T vJhdBdpVSe+ARuKVS+2xRezX6rXbD0rlm/bXhRXdzY1xO1JgqJmh1POiToikhuMtc6zlWJ 5btXqo4I3nXuZWD80BTjwitrPm32MaKz3wofAMhP0fUWVSbMEh7+vj3ymSM47Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSZPF0Slyzk7n for ; Fri, 3 Mar 2023 04:14:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3234EfHX065983 for ; Fri, 3 Mar 2023 04:14:41 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3234EfR8065982 for net@FreeBSD.org; Fri, 3 Mar 2023 04:14:41 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 269908] CARP feature breaks the network Date: Fri, 03 Mar 2023 04:14:41 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: franklin.suvi@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D269908 --- Comment #5 from franklin.suvi@gmail.com --- Created attachment 240550 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D240550&action= =3Dedit tcpdump files from Machine2 --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Mar 3 04:26:38 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSZg32qJ9z3wfQD for ; Fri, 3 Mar 2023 04:26:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSZg31pRsz3h6C for ; Fri, 3 Mar 2023 04:26:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677817599; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rZBSs4eYeq05bWet4Hru3ea6Xy8TZMZtNIhXcwRYwkY=; b=HvmyYzdmc7m040C0biqS4gDc9x8RpR/ZnFN8AWp6PxqhDmJDs++CSH1YcWV7v+/Hw+S1Q1 2aUZKvxq8ScKNPtnclOTKKeG/x9mKb9Ft5HYG/tSdcSzWmm3y7dHlgfERQbXMHO4BO4bRM nihL6IyZCTcIcqEQznmkcZyBnzrBNG2owcj2mdueIxdLCd+Db2BkAWUSlAfGeJjpOMK31U RZzMvsU0Yxt+NVXTH6SAKIA9kIkgYgahP9fPL7PIlLyyJp9roPOF6TT4UtZaSbcVwsvW3a qOzbaqRpx04TW2raDPSpFHf7X2mWywDF1OBvICbXtb9uTXVqlgXdwlsdzE3u7A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677817599; a=rsa-sha256; cv=none; b=MEd7fjxVFyQACn+LkoOsmflkiWYtFjm8LO69P16FPMEgcjrctIeYiKV8iNmxRihmdfi2oR dlTFLxZw1SdVLrCQxdfeTEI99ZDO4ePjEDHefF28zDLuz8nLlW4uy7aP+xj3I6BchXm3FO QyJaCiqqJkV8+QKJsC6EUgSuMC8RgbjUZh+sLyT+qcag2QpAbaGKSiURlG63F2w5P4OtZy KrIqjUwlOEo9XvPlwmZVDeRHQ0d4HoHTqI3bCeV34oP+L+D2niUxCUV7YIWo5g3rjpeMfF +UUnvK7D5EzDRijyjfLzKMrCoS7WdZOe3rtZp10U8ZB37dUx3WP4mOffQgfp1Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PSZg30nK3zkJY for ; Fri, 3 Mar 2023 04:26:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3234QdjT079254 for ; Fri, 3 Mar 2023 04:26:39 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3234Qdki079253 for net@FreeBSD.org; Fri, 3 Mar 2023 04:26:39 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 269908] CARP feature breaks the network Date: Fri, 03 Mar 2023 04:26:38 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: franklin.suvi@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D269908 --- Comment #6 from franklin.suvi@gmail.com --- There appears to be another race condition and could be similar to one of t= he earlier issues fixed.=20 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D191832 --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Mar 3 13:52:25 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSqD43Kw2z3vxGq for ; Fri, 3 Mar 2023 13:52:36 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSqD35ptPz4P9G; Fri, 3 Mar 2023 13:52:35 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Authentication-Results: mx1.freebsd.org; none Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 323DqQwF066349; Fri, 3 Mar 2023 05:52:26 -0800 (PST) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 323DqPjh066348; Fri, 3 Mar 2023 05:52:25 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202303031352.323DqPjh066348@gndrsh.dnsmgr.net> Subject: Re: BPF to filter/mod ARP In-Reply-To: <93749673-2939-4A38-BA37-2AEBEF5764D0@lurchi.franken.de> To: Michael Tuexen Date: Fri, 3 Mar 2023 05:52:25 -0800 (PST) CC: "Rodney W. Grimes" , "Scheffenegger, Richard" , "freebsd-net@freebsd.org" X-Mailer: ELM [version 2.4ME+ PL121h (25)] List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4PSqD35ptPz4P9G X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > > On 2. Mar 2023, at 18:20, Rodney W. Grimes wrote: > > > >>> On 2. Mar 2023, at 02:24, Rodney W. Grimes wrote: > >>> > >>>> Hi group, > >>>> > >>>> Maybe someone can help me with this question - as I am usually only > >>>> looking at L4 and the top side of L3 ;) > >>>> > >>>> In order to validate a peculiar switches behavior, I want to adjust some > >>>> fields in gracious arps sent out by an interface, after a new IP is > >>>> assigned or changed. > >>> > >>> Gracious or Gratuitous? > >>> > >>>> > >>>> I believe BPF can effectively filter on arbitrary bit patterns and > >>>> modify packets on the fly. > >>> > >>> It can. > >>> > >>>> > >>>> However, as ARP doesn't seem to be accessible in the ipfw > >>>> infrastructure, I was wondering how to go about setting up an BPF to > >>>> tweak (temporarily) some of these ARPs to validate how the switch will > >>>> behave. > >>> > >>> ipfw is IP firewall, a layer 3 function. Arp is a layer 2 protocol, > >>> so very hard to do much with it in ipfw, but perhaps the layer2 > >>> keyword, and some use of mac-type can get it to match an arp > >>> packet. Arp is ethernet type 0x806. > >>> > >>> ipfw add 111 count log all from any to any layer2 mac-type arp > >>> That does seem to work > >>> ipfw -a list 111 > >>> 00111 4 0 count log ip from any to any layer2 mac-type 0x0806 > >>> > >>> Also normally ipfw does NOT pick packets up early enough to see > >>> them, to get the layer2 option to work you need: > >>> sysctl net.link.ether.ipfw=1 so that the filters at ether_demux > >>> get turned on. > >>> > >>> So perhaps use a divert rule and send them to a socket where > >>> a program can mangle them, and then return them to ipfw > >>> and hopefully the kernel does what you want after that... > >> I thought that you receive/send an IP packet on a divert socket, not > >> an ethernet frame. Am I wrong? > > > > That is unclear to me, technically it should just be a binary > > blob and the kernel and userland just have to agree as to > > what it is. Understand that ipfw originally only had IP layer > > functionality. The ability to muck with layer2 was added > > later, so I suspect the documentation about what is sent > > over the divert socket may be out of date. Simple enough > > to test though, just setup as I show above only change > > to: > > ipfw add 111 divert 4444 all from any to any layer2 mac-type arp > > and write a program to dump what you get on the divert socket. > > I suspect you get an ethernet frame. > > > > And finally divert(4) says: NAME: divert kernel packet diversion mechanism > > That says packet, so again, IMHO, it should be arbitrary to what layer. > > It also later says "Divert sockets are similar to raw IP sockets", > > I think similar is the key aspect here, they are not identical. > I can confirm that using > sudo sysctl net.link.ether.ipfw=1 > sudo ipfw add 111 count log all from any to any layer2 mac-type arp > ... wait some time and observe ARP traffic via tcpdump > sudo ipfw show > 00111 22 0 count log logamount 5 ip from any to any layer2 mac-type 0x0806 > 65535 7892 849004 allow ip from any to any > So the rule is hit. > > However, now doing > sudo ipfw delete 111 > sudo ipfw add 111 divert 1234 all from any to any layer2 mac-type arp > ... wait some time and observe ARP traffic via tcpdump > tuexen@head:~ % sudo ipfw show > 00111 0 0 divert 1234 ip from any to any layer2 mac-type 0x0806 > 65535 10048 1000948 allow ip from any to any > So this time, rule 111 is not hit. I also ran Nice work, to me I would classify this behavior as some form of bug, the action verb of a rule in ipfw should in no way change what is matched by the rule filter. I am assuming you either had IPDIVERT compiled into your kernel, or you you had loaded the module, as you dont clearly state this. I am also uncertain on what the results are if you use the divert keyword without ipdivert.ko loaded, is it an error when the rule gets created, or is it silently ignored? > > #include > #include > #include > #include > #include > #include > > #define BUFFER_SIZE (1<<16) > #define PORT 1234 > > int > main(void) > { > char buffer[BUFFER_SIZE]; > struct sockaddr_in addr; > ssize_t n; > int fd; > > if ((fd = socket(PF_DIVERT, SOCK_RAW, 0)) < 0) { > perror("socket()"); > } > bzero(&addr, sizeof(addr)); > addr.sin_family = AF_INET; > addr.sin_len = sizeof(struct sockaddr_in); > addr.sin_addr.s_addr = INADDR_ANY; > addr.sin_port = htons(PORT); > > if (bind(fd, (struct sockaddr *)&addr, (socklen_t)sizeof(struct sockaddr_in)) < 0) { > perror("bind()"); > } > for (;;) { > n = recv(fd, buffer, sizeof(buffer), 0); > printf("Received %zd bytes.\n", n); > } > if (close(fd) < 0) { > perror("close()"); > } > return (0); > } > > but nothing was printed... > > Best regards > Michael > > > >> > >> Best regards > >> Michael > >>> > >>>> (I need to validate, if there is some difference when the target > >>>> hardware address doesn't conform to RFC5227 - which states it SHOULD be > >>>> zero and is ignored on the receiving side; i have reasons to believe > >>>> that the switch needs either a target hardware address of > >>>> ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update it's > >>>> entries.) > >>>> > >>>> Thanks a lot! > >>>> > >>>> Richard > >>>> > >>> > >>> -- > >>> Rod Grimes rgrimes@freebsd.org > >>> > >> > >> > >> > > > > -- > > Rod Grimes rgrimes@freebsd.org > > > > -- Rod Grimes rgrimes@freebsd.org From nobody Fri Mar 3 16:40:34 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PSty10BBKz3w60b for ; Fri, 3 Mar 2023 16:40:41 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Received: from drew.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.franken.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PSty02wqXz3kNM; Fri, 3 Mar 2023 16:40:40 +0000 (UTC) (envelope-from michael.tuexen@lurchi.franken.de) Authentication-Results: mx1.freebsd.org; none Received: from smtpclient.apple (unknown [IPv6:2a02:8109:1140:c3d:85a1:15d6:65f2:ac2b]) (Authenticated sender: lurchi) by drew.franken.de (Postfix) with ESMTPSA id 274937184BEC2; Fri, 3 Mar 2023 17:40:35 +0100 (CET) Content-Type: text/plain; charset=us-ascii List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\)) Subject: Re: BPF to filter/mod ARP From: Michael Tuexen In-Reply-To: <202303031352.323DqPjh066348@gndrsh.dnsmgr.net> Date: Fri, 3 Mar 2023 17:40:34 +0100 Cc: "Scheffenegger, Richard" , "freebsd-net@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <2A57C212-8FF0-406F-9AE5-58DCA856D716@lurchi.franken.de> References: <202303031352.323DqPjh066348@gndrsh.dnsmgr.net> To: "Rodney W. Grimes" X-Mailer: Apple Mail (2.3731.400.51.1.1) X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=disabled version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail-n.franken.de X-Rspamd-Queue-Id: 4PSty02wqXz3kNM X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:680, ipnet:2001:638::/32, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > On 3. Mar 2023, at 14:52, Rodney W. Grimes = wrote: >=20 >>> On 2. Mar 2023, at 18:20, Rodney W. Grimes = wrote: >>>=20 >>>>> On 2. Mar 2023, at 02:24, Rodney W. Grimes = wrote: >>>>>=20 >>>>>> Hi group, >>>>>>=20 >>>>>> Maybe someone can help me with this question - as I am usually = only=20 >>>>>> looking at L4 and the top side of L3 ;) >>>>>>=20 >>>>>> In order to validate a peculiar switches behavior, I want to = adjust some=20 >>>>>> fields in gracious arps sent out by an interface, after a new IP = is=20 >>>>>> assigned or changed. >>>>>=20 >>>>> Gracious or Gratuitous? >>>>>=20 >>>>>>=20 >>>>>> I believe BPF can effectively filter on arbitrary bit patterns = and=20 >>>>>> modify packets on the fly. >>>>>=20 >>>>> It can. >>>>>=20 >>>>>>=20 >>>>>> However, as ARP doesn't seem to be accessible in the ipfw=20 >>>>>> infrastructure, I was wondering how to go about setting up an BPF = to=20 >>>>>> tweak (temporarily) some of these ARPs to validate how the switch = will=20 >>>>>> behave. >>>>>=20 >>>>> ipfw is IP firewall, a layer 3 function. Arp is a layer 2 = protocol, >>>>> so very hard to do much with it in ipfw, but perhaps the layer2 >>>>> keyword, and some use of mac-type can get it to match an arp >>>>> packet. Arp is ethernet type 0x806. >>>>>=20 >>>>> ipfw add 111 count log all from any to any layer2 mac-type arp >>>>> That does seem to work >>>>> ipfw -a list 111 >>>>> 00111 4 0 count log ip from any to any layer2 mac-type = 0x0806 >>>>>=20 >>>>> Also normally ipfw does NOT pick packets up early enough to see >>>>> them, to get the layer2 option to work you need: >>>>> sysctl net.link.ether.ipfw=3D1 so that the filters at ether_demux >>>>> get turned on. >>>>>=20 >>>>> So perhaps use a divert rule and send them to a socket where >>>>> a program can mangle them, and then return them to ipfw >>>>> and hopefully the kernel does what you want after that... >>>> I thought that you receive/send an IP packet on a divert socket, = not >>>> an ethernet frame. Am I wrong? >>>=20 >>> That is unclear to me, technically it should just be a binary >>> blob and the kernel and userland just have to agree as to >>> what it is. Understand that ipfw originally only had IP layer >>> functionality. The ability to muck with layer2 was added >>> later, so I suspect the documentation about what is sent >>> over the divert socket may be out of date. Simple enough >>> to test though, just setup as I show above only change >>> to: >>> ipfw add 111 divert 4444 all from any to any layer2 mac-type arp >>> and write a program to dump what you get on the divert socket. >>> I suspect you get an ethernet frame. >>>=20 >>> And finally divert(4) says: NAME: divert kernel packet diversion = mechanism >>> That says packet, so again, IMHO, it should be arbitrary to what = layer. >>> It also later says "Divert sockets are similar to raw IP sockets", >>> I think similar is the key aspect here, they are not identical. >> I can confirm that using >> sudo sysctl net.link.ether.ipfw=3D1 >> sudo ipfw add 111 count log all from any to any layer2 mac-type arp >> ... wait some time and observe ARP traffic via tcpdump >> sudo ipfw show >> 00111 22 0 count log logamount 5 ip from any to any layer2 = mac-type 0x0806 >> 65535 7892 849004 allow ip from any to any >> So the rule is hit. >>=20 >> However, now doing >> sudo ipfw delete 111 >> sudo ipfw add 111 divert 1234 all from any to any layer2 mac-type arp >> ... wait some time and observe ARP traffic via tcpdump >> tuexen@head:~ % sudo ipfw show >> 00111 0 0 divert 1234 ip from any to any layer2 mac-type = 0x0806 >> 65535 10048 1000948 allow ip from any to any >> So this time, rule 111 is not hit. I also ran >=20 > Nice work, to me I would classify this behavior as some form of bug, > the action verb of a rule in ipfw should in no way change what is = matched > by the rule filter. >=20 > I am assuming you either had IPDIVERT compiled into your kernel, or = you > you had loaded the module, as you dont clearly state this. I am also > uncertain on what the results are if you use the divert keyword = without > ipdivert.ko loaded, is it an error when the rule gets created, or is = it > silently ignored? Before compiling IPDIVERT into the kernel, I got an error message. So I used the following kernel config for the testing: tuexen@head:~ % cat freebsd-src/sys/arm64/conf/TCP include GENERIC ident TCP makeoptions WITH_EXTRA_TCP_STACKS=3D1 options TCPHPTS options VIMAGE options TCP_BLACKBOX options TCPPCAP options SCTP_DEBUG options RATELIMIT options DEBUG_REDZONE options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=3D5 options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT Best regards Michael >=20 >>=20 >> #include >> #include >> #include >> #include >> #include >> #include >>=20 >> #define BUFFER_SIZE (1<<16) >> #define PORT 1234 >>=20 >> int >> main(void) >> { >> char buffer[BUFFER_SIZE]; >> struct sockaddr_in addr; >> ssize_t n; >> int fd; >>=20 >> if ((fd =3D socket(PF_DIVERT, SOCK_RAW, 0)) < 0) { >> perror("socket()"); >> } >> bzero(&addr, sizeof(addr)); >> addr.sin_family =3D AF_INET; >> addr.sin_len =3D sizeof(struct sockaddr_in); >> addr.sin_addr.s_addr =3D INADDR_ANY; >> addr.sin_port =3D htons(PORT); >>=20 >> if (bind(fd, (struct sockaddr *)&addr, (socklen_t)sizeof(struct = sockaddr_in)) < 0) { >> perror("bind()"); >> } >> for (;;) { >> n =3D recv(fd, buffer, sizeof(buffer), 0); >> printf("Received %zd bytes.\n", n); >> } >> if (close(fd) < 0) { >> perror("close()"); >> } >> return (0); >> } >>=20 >> but nothing was printed... >>=20 >> Best regards >> Michael >>>=20 >>>>=20 >>>> Best regards >>>> Michael >>>>>=20 >>>>>> (I need to validate, if there is some difference when the target=20= >>>>>> hardware address doesn't conform to RFC5227 - which states it = SHOULD be=20 >>>>>> zero and is ignored on the receiving side; i have reasons to = believe=20 >>>>>> that the switch needs either a target hardware address of=20 >>>>>> ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update = it's=20 >>>>>> entries.) >>>>>>=20 >>>>>> Thanks a lot! >>>>>>=20 >>>>>> Richard >>>>>>=20 >>>>>=20 >>>>> --=20 >>>>> Rod Grimes = rgrimes@freebsd.org >>>>>=20 >>>>=20 >>>>=20 >>>>=20 >>>=20 >>> --=20 >>> Rod Grimes = rgrimes@freebsd.org >>=20 >>=20 >>=20 >>=20 >=20 > --=20 > Rod Grimes = rgrimes@freebsd.org From nobody Fri Mar 3 21:12:41 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PT0zy3D9Vz3wLg1 for ; Fri, 3 Mar 2023 21:12:46 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4PT0zx4P73z49NP; Fri, 3 Mar 2023 21:12:45 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Authentication-Results: mx1.freebsd.org; none Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 323LCfBl067696; Fri, 3 Mar 2023 13:12:41 -0800 (PST) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 323LCfn8067695; Fri, 3 Mar 2023 13:12:41 -0800 (PST) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202303032112.323LCfn8067695@gndrsh.dnsmgr.net> Subject: Re: BPF to filter/mod ARP In-Reply-To: <2A57C212-8FF0-406F-9AE5-58DCA856D716@lurchi.franken.de> To: Michael Tuexen Date: Fri, 3 Mar 2023 13:12:41 -0800 (PST) CC: "Rodney W. Grimes" , "Scheffenegger, Richard" , "freebsd-net@freebsd.org" X-Mailer: ELM [version 2.4ME+ PL121h (25)] List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4PT0zx4P73z49NP X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N > > On 3. Mar 2023, at 14:52, Rodney W. Grimes wrote: > > > >>> On 2. Mar 2023, at 18:20, Rodney W. Grimes wrote: > >>> > >>>>> On 2. Mar 2023, at 02:24, Rodney W. Grimes wrote: > >>>>> > >>>>>> Hi group, > >>>>>> > >>>>>> Maybe someone can help me with this question - as I am usually only > >>>>>> looking at L4 and the top side of L3 ;) > >>>>>> > >>>>>> In order to validate a peculiar switches behavior, I want to adjust some > >>>>>> fields in gracious arps sent out by an interface, after a new IP is > >>>>>> assigned or changed. > >>>>> > >>>>> Gracious or Gratuitous? > >>>>> > >>>>>> > >>>>>> I believe BPF can effectively filter on arbitrary bit patterns and > >>>>>> modify packets on the fly. > >>>>> > >>>>> It can. > >>>>> > >>>>>> > >>>>>> However, as ARP doesn't seem to be accessible in the ipfw > >>>>>> infrastructure, I was wondering how to go about setting up an BPF to > >>>>>> tweak (temporarily) some of these ARPs to validate how the switch will > >>>>>> behave. > >>>>> > >>>>> ipfw is IP firewall, a layer 3 function. Arp is a layer 2 protocol, > >>>>> so very hard to do much with it in ipfw, but perhaps the layer2 > >>>>> keyword, and some use of mac-type can get it to match an arp > >>>>> packet. Arp is ethernet type 0x806. > >>>>> > >>>>> ipfw add 111 count log all from any to any layer2 mac-type arp > >>>>> That does seem to work > >>>>> ipfw -a list 111 > >>>>> 00111 4 0 count log ip from any to any layer2 mac-type 0x0806 > >>>>> > >>>>> Also normally ipfw does NOT pick packets up early enough to see > >>>>> them, to get the layer2 option to work you need: > >>>>> sysctl net.link.ether.ipfw=1 so that the filters at ether_demux > >>>>> get turned on. > >>>>> > >>>>> So perhaps use a divert rule and send them to a socket where > >>>>> a program can mangle them, and then return them to ipfw > >>>>> and hopefully the kernel does what you want after that... > >>>> I thought that you receive/send an IP packet on a divert socket, not > >>>> an ethernet frame. Am I wrong? > >>> > >>> That is unclear to me, technically it should just be a binary > >>> blob and the kernel and userland just have to agree as to > >>> what it is. Understand that ipfw originally only had IP layer > >>> functionality. The ability to muck with layer2 was added > >>> later, so I suspect the documentation about what is sent > >>> over the divert socket may be out of date. Simple enough > >>> to test though, just setup as I show above only change > >>> to: > >>> ipfw add 111 divert 4444 all from any to any layer2 mac-type arp > >>> and write a program to dump what you get on the divert socket. > >>> I suspect you get an ethernet frame. > >>> > >>> And finally divert(4) says: NAME: divert kernel packet diversion mechanism > >>> That says packet, so again, IMHO, it should be arbitrary to what layer. > >>> It also later says "Divert sockets are similar to raw IP sockets", > >>> I think similar is the key aspect here, they are not identical. > >> I can confirm that using > >> sudo sysctl net.link.ether.ipfw=1 > >> sudo ipfw add 111 count log all from any to any layer2 mac-type arp > >> ... wait some time and observe ARP traffic via tcpdump > >> sudo ipfw show > >> 00111 22 0 count log logamount 5 ip from any to any layer2 mac-type 0x0806 > >> 65535 7892 849004 allow ip from any to any > >> So the rule is hit. > >> > >> However, now doing > >> sudo ipfw delete 111 > >> sudo ipfw add 111 divert 1234 all from any to any layer2 mac-type arp > >> ... wait some time and observe ARP traffic via tcpdump > >> tuexen@head:~ % sudo ipfw show > >> 00111 0 0 divert 1234 ip from any to any layer2 mac-type 0x0806 > >> 65535 10048 1000948 allow ip from any to any > >> So this time, rule 111 is not hit. I also ran > > > > Nice work, to me I would classify this behavior as some form of bug, > > the action verb of a rule in ipfw should in no way change what is matched > > by the rule filter. > > > > I am assuming you either had IPDIVERT compiled into your kernel, or you > > you had loaded the module, as you dont clearly state this. I am also > > uncertain on what the results are if you use the divert keyword without > > ipdivert.ko loaded, is it an error when the rule gets created, or is it > > silently ignored? > Before compiling IPDIVERT into the kernel, I got an error message. So I > used the following kernel config for the testing: > > tuexen@head:~ % cat freebsd-src/sys/arm64/conf/TCP > include GENERIC > ident TCP > > makeoptions WITH_EXTRA_TCP_STACKS=1 > options TCPHPTS > options VIMAGE > options TCP_BLACKBOX > options TCPPCAP > options SCTP_DEBUG > options RATELIMIT > options DEBUG_REDZONE > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT=5 > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPDIVERT And I did some further testing, if you try to add a "divert" rule without IPDIVERT either compiled into the kernel or loaded as a module you infact due get an error that the rule could not be added. I then went digging in the ether_demux code trying to find where ipfw (pfil in the kernel) gets ahold of the packet, did not find it in ether_demux, and the packet has been handled off to to the netisr code, and that is where I stopped in trying to find the path. I still find it very strange that a count rule shows packets, but no bytes, and a divert rule shows nothing. I suspect the divert rule is not getting a proper call to the pfil code to hook up the intercept. And a count rule probably only knows how to count IP payloads bytes. > > Best regards > Michael > > > >> > >> #include > >> #include > >> #include > >> #include > >> #include > >> #include > >> > >> #define BUFFER_SIZE (1<<16) > >> #define PORT 1234 > >> > >> int > >> main(void) > >> { > >> char buffer[BUFFER_SIZE]; > >> struct sockaddr_in addr; > >> ssize_t n; > >> int fd; > >> > >> if ((fd = socket(PF_DIVERT, SOCK_RAW, 0)) < 0) { > >> perror("socket()"); > >> } > >> bzero(&addr, sizeof(addr)); > >> addr.sin_family = AF_INET; > >> addr.sin_len = sizeof(struct sockaddr_in); > >> addr.sin_addr.s_addr = INADDR_ANY; > >> addr.sin_port = htons(PORT); > >> > >> if (bind(fd, (struct sockaddr *)&addr, (socklen_t)sizeof(struct sockaddr_in)) < 0) { > >> perror("bind()"); > >> } > >> for (;;) { > >> n = recv(fd, buffer, sizeof(buffer), 0); > >> printf("Received %zd bytes.\n", n); > >> } > >> if (close(fd) < 0) { > >> perror("close()"); > >> } > >> return (0); > >> } > >> > >> but nothing was printed... > >> > >> Best regards > >> Michael > >>> > >>>> > >>>> Best regards > >>>> Michael > >>>>> > >>>>>> (I need to validate, if there is some difference when the target > >>>>>> hardware address doesn't conform to RFC5227 - which states it SHOULD be > >>>>>> zero and is ignored on the receiving side; i have reasons to believe > >>>>>> that the switch needs either a target hardware address of > >>>>>> ff:ff:ff:ff:ff:ff or the local interface MAC, to properly update it's > >>>>>> entries.) > >>>>>> > >>>>>> Thanks a lot! > >>>>>> > >>>>>> Richard > >>>>>> > >>>>> > >>>>> -- > >>>>> Rod Grimes rgrimes@freebsd.org > >>>>> > >>>> > >>>> > >>>> > >>> > >>> -- > >>> Rod Grimes rgrimes@freebsd.org > >> > >> > >> > >> > > > > -- > > Rod Grimes rgrimes@freebsd.org > > > -- Rod Grimes rgrimes@freebsd.org From nobody Sat Mar 4 07:31:11 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PTGjY6Ymxz3vgxp for ; Sat, 4 Mar 2023 07:31:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PTGjY5PHRz3pNX for ; Sat, 4 Mar 2023 07:31:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677915073; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=hAuQqiLxHyQC5ro5LdOQm8gOK1W2gIe4OAlNyH4YUao=; b=g8Mxz7PiHpg37ycls+HmE1HnWk0wa1UQSGLVGUPCeBeeou7m+H3qtuq/9tprdtL68Rll8/ U1pP5tQfPibNuUO6pvredn4tuJy2/7zp0gM4di94lmmbGaaXSvLGQ6IH7xYFoD7M0cEvOj GqeZTAz1GGRAzC40rOmNfaDI/tHL8UECIjyhjAuGuOHFCqV94WWC8zVScGfogdnif+xLrC yCWjL+RYkF9woafsfH0Y4h3n0KTMsX631lYMe/1/9/gn9syUgsUkVsgVT0q1AZ4mZW+UgM 434jnqJKqb+qMLm1pT+6ykNRU0hkPCys04v5CtJ6URoy9EVyUzbdeHPzPQQkEA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677915073; a=rsa-sha256; cv=none; b=mxv5UoJpnaEp+hvSVdSV82mayuSDX/weX6C++CPTMpRsEZpTOZueEd0r1YSxjaoOehH4ox XHK/NwwFKuEyzSY32JqyyHcu4OuwJZc5UMMMhOYuilDPavy2GTit7vOge6PgSj0CLt/SA+ 0p/MYMMwoMR7luYUI9WqTRmB83e2mhuZzuOphZ27YuVtaG1j+46UsYx0DSjXMkn+IJL3DD WL7TkMOZGBAt9+2c3Y+RBIxVmvYIrNpyUfZK9ZfbnDPyQYHoSjx03T/f6YqFBVClurYuTb XfCy7rOIIqGCmoyJL/mC1mhMpiWxiPYD0795CaQVHQR8/bkbio08TrCps50wLA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PTGjY4TpdzWwc for ; Sat, 4 Mar 2023 07:31:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3247VDvl026656 for ; Sat, 4 Mar 2023 07:31:13 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3247VD6A026655 for net@FreeBSD.org; Sat, 4 Mar 2023 07:31:13 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 264179] em(4): 13.1-RELEASE hangs on boot at 82574L (em0, 0x10d3) with I219-V (em1, 0x1a1d ) enabled (Intel Alderlake GbE NIC) Date: Sat, 04 Mar 2023 07:31:11 +0000 X-Bugzilla-Reason: AssignedTo CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.1-RELEASE X-Bugzilla-Keywords: IntelNetworking, needs-qa, regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: yasu@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? maintainer-feedback? X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264179 --- Comment #12 from Yasuhiro Kimura --- Created attachment 240579 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D240579&action= =3Dedit Output of dmesg(8) command with installer of 13.2-RC1 I tried boot with installer of 13.2-RC1 and get same error. Just FYI. --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.= From nobody Sat Mar 4 21:40:53 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PTdZ92mBcz3wVPT for ; Sat, 4 Mar 2023 21:41:05 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "plan-b.pwste.edu.pl", Issuer "GEANT OV RSA CA 4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PTdZ74gqRz47lr for ; Sat, 4 Mar 2023 21:41:03 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=plan-b.pwste.edu.pl header.s=plan-b-mailer header.b="07/3dRbI"; spf=none (mx1.freebsd.org: domain of zarychtam@plan-b.pwste.edu.pl has no SPF policy when checking 2001:678:618::40) smtp.mailfrom=zarychtam@plan-b.pwste.edu.pl; dmarc=pass (policy=none) header.from=plan-b.pwste.edu.pl Received: from [IPV6:2a02:22e0:cf00:1ff:59c0:d4ce:6b52:5795] (mzar@[IPv6:2a02:22e0:cf00:1ff:59c0:d4ce:6b52:5795]) (authenticated bits=0) by plan-b.pwste.edu.pl (8.17.1/8.17.1) with ESMTPSA id 324Leuji064825 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Sat, 4 Mar 2023 22:40:57 +0100 (CET) (envelope-from zarychtam@plan-b.pwste.edu.pl) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl; s=plan-b-mailer; t=1677966057; bh=wgqYkLN0tgHSAXovYUbeXwUgPpBIlZNk9YW4Y/CmQi0=; h=Date:To:From:Subject; b=07/3dRbIbY3YgogqT77JaG9Bxq36IMzwt2QWY1xHVQR3LmRi+o8/VTciqesS7ql55 fLBhAyo+0kjd/Inm9nOIHoK5qNz3zFnpiUKfbFmYbKd4A8R5jU+bkuG1X44Yvg6CQy X+Fgf+wBBq8hjm8uZGTDkTRbJeXjkY1cTeGW41euFOgaA5WlMLj/pi1k8UUgMGvcG6 NNN1/pflIsuHp64H0TZ21gUAT8YOnkupLo8+a6q/9U+4oo3J6YMfqYBHv9oGX6ligF w01MFcNDC22YA140hmhuEgo2SkEpQ8s7rqCL519fYJmsr0pdmp3070pqR3FpCq2V9l EI0zYU8Ag5+1g== Message-ID: <8d85bf51-866d-c800-3ffb-dc294ed86c13@plan-b.pwste.edu.pl> Date: Sat, 4 Mar 2023 22:40:53 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Content-Language: pl, en-US To: "freebsd-net@freebsd.org" From: Marek Zarychta Subject: A question about RSS bytes and Toeplitz hash Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------gwqC2ALbaLJlAD9BEnDs1xWD" X-Spamd-Result: default: False [-5.80 / 15.00]; SIGNED_PGP(-2.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.996]; DMARC_POLICY_ALLOW(-0.50)[plan-b.pwste.edu.pl,none]; R_DKIM_ALLOW(-0.20)[plan-b.pwste.edu.pl:s=plan-b-mailer]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; MIME_BASE64_TEXT(0.10)[]; TO_DN_EQ_ADDR_ALL(0.00)[]; ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~]; FROM_EQ_ENVFROM(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; DKIM_TRACE(0.00)[plan-b.pwste.edu.pl:+]; R_SPF_NA(0.00)[no SPF record]; HAS_ATTACHMENT(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCVD_TLS_ALL(0.00)[] X-Rspamd-Queue-Id: 4PTdZ74gqRz47lr X-Spamd-Bar: ----- X-ThisMailContainsUnwantedMimeParts: N This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------gwqC2ALbaLJlAD9BEnDs1xWD Content-Type: multipart/mixed; boundary="------------myo5gdjlumJxb0AEITXz0MXc"; protected-headers="v1" From: Marek Zarychta To: "freebsd-net@freebsd.org" Message-ID: <8d85bf51-866d-c800-3ffb-dc294ed86c13@plan-b.pwste.edu.pl> Subject: A question about RSS bytes and Toeplitz hash --------------myo5gdjlumJxb0AEITXz0MXc Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64 RGVhciBzdWJzY3JpYmVycywNCg0KSSBoYXZlIHJlY2VudGx5IGVuYWJsZWQgYW5kIHR1cm5l ZCBvbiBSZWNlaXZlIFNpZGUgU2NhbGluZy9TdGVlcmluZy4gVGhlIA0KbWFpbiByZWFzb24g d2FzIHRvIHVzZSBkaWZmZXJlbnQgaGFzaGluZyBmb3IgdGhlIGRpc3RyaWJ1dGlvbiBvZiBV RFAgDQpkYXRhZ3JhbXMgb3ZlciBtdWx0aXBsZSBwYXRocy4gUlNTIHVzZXMgMi10dXBsZSBo YXNoaW5nIGZvciBVRFAsIHRodXMgDQpVRFAgdHJhbnNtaXNzaW9uIGZyb20gb25lIGhvc3Qg dG8gYW5vdGhlciB0YWtlcyBhbHdheXMgdGhlIHNhbWUgcGF0aC4gDQpXaXRob3V0IFJTUyBi aXRzIGVuYWJsZWQgaGFzaGVzIGNvbXB1dGVkIGZvciBjaG9vc2luZyB0aGUgcGF0aCBpbiAN Ck1VTFRJUEFUSCBhcmUgZG9uZSBmb3IgYm90aCBVRFAgYW5kIFRDUCBvbiB0aGUgc2FtZSBi YXNpcyBvZiBzcmNpcDpwb3J0IA0KZHN0aXA6cG9ydC4NCkF0IGEgZ2xhbmNlICJvcHRpb25z IFJTUyIgc2VlbXMgdG8gYmUgYSBoaWRkZW4gZmVhdHVyZS4gVGhlcmUgaXMgbm8gDQpSU1Mo OSksIHRob3VnaCBQQ0JHUk9VUCg5KSByZWZlcnMgdG8gdGhhdCBwYWdlLCBuZWl0aGVyIFJT UyBpcyBwcmVzZW50IA0KaW4gTElOVC7CoCBBbnl3YXksIGl0IGNhbiBiZSBhZGRlZCB0byB0 aGUgY3VzdG9tIGtlcm5lbCBhbmQgdHVybmVkIG9uLg0KIEZyb20gdGltZSB0byB0aW1lIEkg YW0gcHJvZmlsaW5nIHRoZSBzeXN0ZW0gd2l0aCBwbWNzdGF0KDgpLiBJdCBzZWVtcyANCnRo YXQgd2hlbiBJUHY2IHRyYWZmaWMgaXMgcHJvY2Vzc2VkLCB0aGUgY29tcHV0YXRpb25zIG9m IHRoZSBUb2VwbGl0eiANCmhhc2hlcyAod2l0aCBSU1MgZW5hYmxlZCkgdGFrZSBhIGhpZ2hl ciBzaGFyZSBvZiBDUFUgY3ljbGVzLCB3aGljaCBpcyANCmV4cGVjdGVkLCBidXQgdGhlIG92 ZXJhbGwgc2hhcmUgb2YgQ1BVIGN5Y2xlcyBzcGVudCBvbiB0aGUgY29tcHV0YXRpb25zIA0K b2YgdGhlc2UgaGFzaGVzIGlzIHVuZXhwZWN0ZWRseSBoaWdoICh3aGVuIGNvbXBhcmVkIGZv ciBleGFtcGxlIHdpdGggDQpjb21wdXRhdGlvbiBvZiBkaWZmZXJlbnQgaGFzaGVzLCBmaWIg bG9va3VwcyBldGMuKSBhbmQgc2VlbXMgdG8gYmUgdGhlIA0KY29zdCAoZHJhd2JhY2sgPykg b2YgZW5hYmxpbmcgUlNTIGJ5dGVzLiBJIGNhbiBzaGFyZSB0aGUgc2FtcGxlcyBhbmQgDQpm bGFtZSBncmFwaHMuIElmIGFueW9uZSBpcyBjb25jZXJuZWQsIHBsZWFzZSBQTSBtZS4NCkRp Z2dpbmcgYSBiaXQgaW50byB0aGUgY29kZSBJIGZvdW5kIG91dCB0aGF0IG91ciBpbXBsZW1l bnRhdGlvbiBpcyANCnJlbGF0aXZlbHkgc2ltcGxlWzFdIHdoZW4gY29tcGFyZWQgd2l0aCBm b3IgZXhhbXBsZSBhcHByb2FjaCB0YWtlbiBieSANCkRyYWdvbkZseUJTRFsyXS7CoCBPbiB0 aGUgb3RoZXIgaGFuZCwgdGhlcmUgaXMgYSBub3Rpb24gb2YgdGhlIGltcG9ydGFuY2UgDQpv ZiBjYWNoaW5nIGluIG91ciBjb2RlWzNdLiBJIGFtIG5vdCB0aGUgcHJvZ3JhbW1lciwgcGVy aGFwcyByZWZhY3RvcmluZyANCndvbid0IGhlbHAgbXVjaCBpbiB0aGlzIGNhc2UuDQpDb25j bHVkaW5nLCByZWNlbnRseSB0aGVyZSBpcyBtb3JlIGNsZWFudXAgb2YgUlNTIGNvZGUgaW4g dGhlIHNvdXJjZSANCnJlcG9zaXRvcnkgdGhhbiBhbnkgcHJvZ3Jlc3Mgb3IgcmVmYWN0b3Jp bmcuIFBsZWFzZSBsZXQgbWUgYXNrIHRoZW4gaWYgDQp0aGVzZSBSU1MgYnl0ZXMgYXJlIHN0 aWxsIHJlbGV2YW50IGFuZCB3b3J0aCBlbmFibGluZyBvciBzaG91bGQgYmUgDQpjb25zaWRl cmVkIGFiYW5kb25lZCBhbmQgZ29pbmcgdG8gYmUgcHVyZ2VkIHdpdGggdGltZS4NCg0KWzFd IGh0dHBzOi8vY2dpdC5mcmVlYnNkLm9yZy9zcmMvdHJlZS9zeXMvbmV0L3RvZXBsaXR6LmMN ClsyXSANCmh0dHBzOi8vZ2l0aHViLmNvbS9EcmFnb25GbHlCU0QvRHJhZ29uRmx5QlNEL2Js b2IvbWFzdGVyL3N5cy9uZXQvdG9lcGxpdHouYw0KWzNdIGh0dHBzOi8vY2dpdC5mcmVlYnNk Lm9yZy9zcmMvdHJlZS9zeXMvbmV0L3RvZXBsaXR6LmgNCg0KWW91cnMgc2luY2VyZWx5DQoN Ci0tIA0KTWFyZWsgWmFyeWNodGENCg0K --------------myo5gdjlumJxb0AEITXz0MXc-- --------------gwqC2ALbaLJlAD9BEnDs1xWD Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEnjwyTmqn2oNX6C8qHZW8vIFppoIFAmQDuuUFAwAAAAAACgkQHZW8vIFppoLU oAf+JrFQ33maCBl7eTz7RumDB8lCukl7VNnU9JO7HS6uhf1c/MVMFz8RlPYG43j8fFMaQNBQo1nd T4uBJc8EHSJFZvArv/egW+tJXyR7eNWnjRM69tcFhm0WgVcrQUThE583ZdvH8HfAT1D7mBepdGDH dzi4e/9ArUE4sDU+kcHxjSnAS9IwGVPYtlb6J3VmLnfMhWLUtY8NOOW1baIOiPaxP18+GAbdx72I r1wRrKkez/PjYdeTfjQU5ug6r1pJvo0w7sGFxUH7ws+R3Yu3ZMogxUHHV/E/6+3nsf0mOdWXDZ3Q mWWZghdxKAbrdQuCsEWNCPhkUpo6BBiMKtIYt6/IaA== =agtJ -----END PGP SIGNATURE----- --------------gwqC2ALbaLJlAD9BEnDs1xWD--