From nobody Mon Jan 22 14:28:48 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TJXdr6PX5z581P9 for ; Mon, 22 Jan 2024 14:28:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TJXdr3tbRz49Dr for ; Mon, 22 Jan 2024 14:28:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705933728; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=81mCfFA62FVlj9gjUbAp3WieJ0bfabF7JGtPj9u885k=; b=QZwhMnxWxfp1O8hptORu5IGbO1Y+Ed5mVTQKjzV+03s+xoSV9q4GExxsqGp/fOjqpEJXNB 9iivFdbqH+p4CnvFtgFD4j9UQEx5tbEesbcBLPNPs0NeiOi6vdXiwdenGKG4is7ODnV9hb hvkaxopYrht0L5XPedLznk/5bUp3UIsZ6ew851JxtGKYs7vpkz3OBLGs60m1m6IfWkA08T GXnhFreKmcXa5/+pQQqFSF+mXtP9Q8gNq0CfdIZqGEwb+M12OnhEjxPurOFfLQoU1bULmZ hOcyxvHNBdb9T+rgEyEkvaqd/4wEVW6QwKCW/2KkuVKOj2Qx8yKtjvukAxff8w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705933728; a=rsa-sha256; cv=none; b=Fe5Png2GELCBrAOVPEFcSySY/8F0h5ZQH1pmpw+crcS8tgYx7fVI6yLP2tPyaK6ufSDU1v 3dw7lcI/h7ghb9zNEGCCTHfiqK1VQzUOaEEBUdCU0VkBzPwG1prNZdQHZBEWTsG/c02HKs AqeF8rt6zRby9v9uH2F5R+e8r4gHyvoUwhwuPm5pgJblabZzPigJgvQwBne4wA3e46jRtV g0+gx28FqbzfqPBNUbsCqzXV5iPqT5EPylsP7Lz4OWAqbHl8QdkkvYcWYtue9ewG1wREHA WoSQeWxVMbwgO6QY54N/tDLK3XjNbnQ9BnM2UmAVqhH+OOSgAvJJpzhlE/8wOA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TJXdr2wvfz14xM for ; Mon, 22 Jan 2024 14:28:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40MESmTc090987 for ; Mon, 22 Jan 2024 14:28:48 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40MESmwM090986 for net@FreeBSD.org; Mon, 22 Jan 2024 14:28:48 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276526] if_wg: Add missing bpfdetach() in wg_clone_destroy() Date: Mon, 22 Jan 2024 14:28:48 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: aly@aaronly.me X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276526 Aaron LI changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |net@FreeBSD.org --=20 You are receiving this mail because: You are on the CC list for the bug.= From nobody Mon Jan 22 14:29:49 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TJXg21c4Lz581DH for ; Mon, 22 Jan 2024 14:29:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TJXg16MxXz4BYx for ; Mon, 22 Jan 2024 14:29:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705933789; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kkjYGPzKTjJuC34pSEH5IKLS5edJO7YHBdwQn5nDRWM=; b=g57yXSGNRFc93dKBQzNO8mbV7i+rfen869z78x/r2gTsTVd3c5Q9P/PJxOakDN4xPHp26i 9Y21FE2m6oRHquUctE2NCzCbiwzDRjJpxHFTKMNdKuB87i4Qw+5yCuqpYsO6KxrOhuja7N 3s7moa0VnGrMJ3B3R6z5qXF7iemaQy43N8X8v1Uz4rle1h8Gt+plCCCYNGhloWiNRLOijg lKgFePt0J55Zkz69R63PyhADlp5UyTIJnDjtbd8GZZ2T1f4kZE9aghME94jXYjJuDvAO84 AM5dwBtbQIxfXZSAwyayEgfJWcxQKqmuAsbwpP4x/z3Ju7EbkyPAnptrxGtRQQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705933789; a=rsa-sha256; cv=none; b=oM0x1AHhuIXz4PjSJs/PRiVD3j5zptEFOuk+fkNNgdkwxIGzyP4HVzWByTJ10k5/OqN3Yu ZUeqOMZkJ+vvib7zeLtE5l5gzbaN66btq4b4gkRRP1IY7S9DaiIGX1s6wCAuBH4Hbd6JDu 1QAlpgLPT5XXbRWxZr+B/ygChr2uNiN3k2JCyHoHF+Dauo3WLbyXtTc0FJ2W5w7VSwCBrW 00sV0GfFI2frKm4UGNs72uoLqIm8lP6u0kIeA/VsGFDCtMn4xz0LQdm/LS0s9qOBy1wWap HWkK7srGOh0Ve+z79QUX2rit4W9wHtFTJTT/RxoY4AmyCwS6GxvMoAHlY/eLxA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TJXg15TcRz14k1 for ; Mon, 22 Jan 2024 14:29:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40METnEd094331 for ; Mon, 22 Jan 2024 14:29:49 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40METndY094329 for net@FreeBSD.org; Mon, 22 Jan 2024 14:29:49 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276526] if_wg: Add missing bpfdetach() in wg_clone_destroy() Date: Mon, 22 Jan 2024 14:29:49 +0000 X-Bugzilla-Reason: CC AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: freebsd@igalic.co X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276526 Mina Gali=C4=87 changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |net@FreeBSD.org --=20 You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.= From nobody Mon Jan 22 16:17:56 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TJb3p06TQz57jQB for ; Mon, 22 Jan 2024 16:17:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TJb3n63VKz4Sc3 for ; Mon, 22 Jan 2024 16:17:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705940277; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jXWL858wYbmo8v4UfdfFxFB/bdY+PDjHlYXQqe6G0ic=; b=AodKXS1KGH4bOxPGmdey1iCweAAnFrrAFSaGi6UqhS7YLhS6PI7RIWgjJQpAYptawve7dP RHsLFFVzDlIASfWin+6Rst8Q9SVXSfloGRqZYIuP/OFaXR8tuHrcvvlKXBLbM3z4iXSWki YHrNvDXuU5GgdaQBZFimZqlEPkO+S8qgRmzV4ypR+Xbuz2/z1XKryN58b79z13nqLBPjyQ hAuLjRB3p89+qTnqvyEa27AESOslTltysZzxq27907a9Yf9jYqomvvgYJY4+oSW9jP74Ra v9MrZHOioC8zcZWUQEGBoMDdC32vfQrbty9uj6rme8Cit0SccDLB/8hYpIuL0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705940277; a=rsa-sha256; cv=none; b=A/akpa3t0aeXsnbQByEwMVk5CvWy5ajXqQ4DWcwOBgr3YPrSfOYw9XHCZroE1Fmi4PUOiu 0hBc6kWh0NnuOYbW1EYY/raeI2LA1hCVKqMSmJTJzVI0i6A3MxAcPirNj/NAe7d/juFsmo MdXpXlzIKIsGU3Pspv9+Iy6JZaeEa+f9PKnqPoujah5ncunh/0MLb9gQ4xYXu4JgEf11AZ U8QF5sM7HJlItB7KKcC3sVpUs/J2o9bhq8O3Yih2PmdCKGxIQoxB84SQW9RX8TC05GusvE JgQk1qOaffOrDrr4JrcR/9kWE+ccXgoAzLUDEjRQiDSBY1hzHOMwWclImEXgaw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TJb3n56Tkz17rn for ; Mon, 22 Jan 2024 16:17:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40MGHvxn050051 for ; Mon, 22 Jan 2024 16:17:57 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40MGHv0i050049 for net@FreeBSD.org; Mon, 22 Jan 2024 16:17:57 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276526] if_wg: Add missing bpfdetach() in wg_clone_destroy() Date: Mon, 22 Jan 2024 16:17:56 +0000 X-Bugzilla-Reason: CC AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: kevans@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kevans@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc bug_status assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276526 Kyle Evans changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kevans@freebsd.org Status|New |In Progress Assignee|net@FreeBSD.org |kevans@freebsd.org --- Comment #1 from Kyle Evans --- Excellent catch --=20 You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.= From nobody Mon Jan 22 16:23:29 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TJbB94VMDz57jvn for ; Mon, 22 Jan 2024 16:23:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TJbB91cgSz4V5r for ; Mon, 22 Jan 2024 16:23:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705940609; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MsnLSepYXMYk2ABkAqWmXtMrdhWtmlucpsooON/zV8Q=; b=muiK9wCXaRJTo2GPJdrPHeeSJXO122qCAw8mHLlnFxroSdoOA6ebPY6J4cUCmSgkIjH3KU Qsil/y0cPgK8PP5STP0NxzDYbBQAWHI3tYlmX7A4NJOomikXu8ha2LKCFU4nIX7wnFQkyf lkEJTkhvv2FQbyRoT1Pk4TZMNl17j/owJW6L5rsEXbiNyO3gYxR+P6gUa2yq06saSzxwOf bLvZfQcT4hPwJaVg9+rE82xGeOewxmyc04NgstxRz5ReYKqWisg/iPGBHuMWot4GRyllhk nWjoJieq64+NbdxiQ+uBLvOarSK5SzPVkw/WJRySKW0H7Eb0WY79rQmSANZ/RQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705940609; a=rsa-sha256; cv=none; b=Inqlbxv12VmxbMdwCHatFERpDnaEL709rPQwVwDq8MwwOMReyOhr9W0ciW+j9YqtNsgEAX 7hFIWYvgKjN7wgAC3LUwC1+IAmaQrreC+LbJ6vK7U18xsvHwYDXh9EZ0+wfKY3WIg71FU8 MSj67EYbnHyoLndu64xc3h8sRvjJBKmC1NF2oyxx6Yd45gA+FAeFLrTcDig0T1hkHEKLzi J2HVzTYCHROsyET2ibqXQMbxu/681TE7QdtIZpPu/hg/BxZoQ3sa3qn1WdkqgOxxGreFvB 3bVDStEc6oqB+sHJXGtRe8wu5FcJ2GbNqxUqyQVv4QApYl82ExqAjgT0tvRXww== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TJbB90gmsz17gT for ; Mon, 22 Jan 2024 16:23:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40MGNTNa087025 for ; Mon, 22 Jan 2024 16:23:29 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40MGNTLf087024 for net@FreeBSD.org; Mon, 22 Jan 2024 16:23:29 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276526] if_wg: Add missing bpfdetach() in wg_clone_destroy() Date: Mon, 22 Jan 2024 16:23:29 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kevans@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276526 --- Comment #2 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D43be2d7aaf25b719aec8f49aab110c006= 1f1edec commit 43be2d7aaf25b719aec8f49aab110c0061f1edec Author: Aaron LI AuthorDate: 2024-01-22 16:18:56 +0000 Commit: Kyle Evans CommitDate: 2024-01-22 16:22:44 +0000 wg: detach bpf upon destroy as well bpfattach() is called in wg_clone_create(), but the bpfdetach() is missing from wg_close_destroy(). Add the missing bpfdetach() to avoid leaking both the associated bpf bits as well as the ifnet that bpf will hold a reference to. PR: 276526 MFC after: 3 days sys/dev/wg/if_wg.c | 1 + 1 file changed, 1 insertion(+) --=20 You are receiving this mail because: You are on the CC list for the bug.= From nobody Mon Jan 22 16:53:08 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TJbrN5SrZz57mVP for ; Mon, 22 Jan 2024 16:53:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TJbrN2srFz4Z7W for ; Mon, 22 Jan 2024 16:53:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705942388; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yPSeY1JoLHXH92IZ6223g8gi9y7b48htqpXRgb7UqdY=; b=ABxtYWua2cjMwoIpbdxY40oDAygKROg6+09/VByuHE3uQcWvCr7h68rCpWQDwnEGkRGJIj 6B6ie2PqyhyJOxx/md8jq4PmZZmnUKkF/xGiLasqte496cjYUYNjKM9z7cajRVt+XRrrQQ vsqMk6A6sbC1eS7oJ75dAu+NCzM8xiBaXGqDqCOuBVnT9zH3daGCYIhHp9wDo7UFWdxrcG qtzyilBrN+tvqomB7nMVlSRv6tWlMBmuist7mUaY0AcOjsMJiCcESLz0RYl5sVe0oWOwNH qn30vgt8p1uV7jqAK8EqkFFBX+cnmmOq/uQBsxorP6ZoqwCzf3P8eOU13iE/Fg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705942388; a=rsa-sha256; cv=none; b=l/b+rNIWB4EuDTwnjTMz4kzUCQT80vNGBOI0hPVI4ddzN3YsQQ2BZ02jY/XFMcQf554a/u 2G8nB2rbeEP5kDiSWIftkrbLMb9OLKPyNLapvs3gUVKP4DgEiG3ZccRLlQ59DGn1bhFDoi /Bmrcn1DCk1jAf8Bwa3irvm7OurCqTt0RjceoIKr6c8d96zcTiBEmM+umU15qdqva1yvrj QH1AphCE0D6dnuj5fXZQ22Tqc9T523fcPHH6GeT9m95ViSoJb7FBxTR9rnEHNY5dfwsptO vL14Tl3j9PW1b6B39g8gQl6GbuzA1kqMb71CCH8XMJlf/NKXHcR8bV3zZGMeHg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TJbrN1ycmz18nK for ; Mon, 22 Jan 2024 16:53:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40MGr8Pb037578 for ; Mon, 22 Jan 2024 16:53:08 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40MGr8rT037573 for net@FreeBSD.org; Mon, 22 Jan 2024 16:53:08 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276526] if_wg: Add missing bpfdetach() in wg_clone_destroy() Date: Mon, 22 Jan 2024 16:53:08 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: kevans@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kevans@freebsd.org X-Bugzilla-Flags: mfc-stable14? mfc-stable13? X-Bugzilla-Changed-Fields: flagtypes.name Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276526 Kyle Evans changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |mfc-stable14?, | |mfc-stable13? --=20 You are receiving this mail because: You are on the CC list for the bug.= From nobody Tue Jan 23 01:35:56 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TJqRc54kJz58crH for ; Tue, 23 Jan 2024 01:35:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TJqRc1T2Dz41Hq for ; Tue, 23 Jan 2024 01:35:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705973756; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=x8FMD6efcQRF8DHHqxblfHrx/R6lLK80yKIvbushJCo=; b=vcrDOJsy5Men2/g5f2CzZ2qlMYW+5BGCcrN5IzACajtCf1OnqIkwr16Ae6f6aIk7Fw/I/Z IulDoC079uiubxwMHKztCcOh7MaeR0avMLGrJj0QuJuwLpxRmen5N0qFpgZWp+GU0hw6Q7 mbwMrE+UGkCnMWeOOI5xG+iy+UTX5isinETWJ5kJmOJM+/5GJEJPgL1jOI8Jjn9eI1Qvze WkwVnys/rs0My2WHu0XHSkzwHpGQtARPVbkjbC5Y6FiGLns4GXg7nRq2CX2Wl/48LzacuS gakk6si3tWNdWcgTEduEtquy0nlj2+Olu4KuFv8PXaGaCO/vtQzAxSk20xdZCw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705973756; a=rsa-sha256; cv=none; b=mWa8JLhSxSjdFKhhlqIemH3RSiSUwgYajkK13tyJzMVDPjY1i9AsO0WZUQiHPANBbZ6XRe 0/Lnv5U8B8ZZbjqB3IGxZXXoNK1VrFlUlxfECciNoJGaSdOvcMaeApmoMCYGcFXPBQgf0B zUFtSsOHBTOgUXOR5E2WcVeOtil/AFLYy4Sv/I3GnE3kubTh7pQZSDEvy/FqwFrg/vPkOC lJz9kbvc8xe8Ea8/stocMpqlT3dP3rsNyrTr4dAU3TCHzuFSCKw2HptPFN7yjyfD58V0Zm YjCwvFz1vk6IZyZcWgAmbXEuKuQ5akqpmZ8EwuFnOfdRDTBXGS7Oei4KueDfbQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TJqRc0YBwz1PYF for ; Tue, 23 Jan 2024 01:35:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40N1ZuZ0028262 for ; Tue, 23 Jan 2024 01:35:56 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40N1ZuLa028255 for net@FreeBSD.org; Tue, 23 Jan 2024 01:35:56 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 273533] need to sleep before using IPsec tunnel Date: Tue, 23 Jan 2024 01:35:56 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: andrew.cagney@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273533 --- Comment #7 from Andrew Cagney --- (In reply to Zhenlei Huang from comment #6) Yes the problem is (was) in fping 5.0 packaged by FreeBSD but that is old. = The issue is confirmed fixed in the latest version 5.1. Can fping please be updated. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Tue Jan 23 08:08:22 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TK08R0CHtz57XCw for ; Tue, 23 Jan 2024 08:08:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TK08Q6GR1z4t3c for ; Tue, 23 Jan 2024 08:08:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705997302; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lcmc92HLxnA8B1PWKEDSMqMRxFCeWyAtvasX8MxT5CI=; b=p+ger+gZZWf68Y42iJ1GIHMYJnVkQ2CAAPWq1VkP3uQYDmYdJFoSWHmPJDlA5qTaErZDJA BDUxPeLValzA1Q4HVr9X+24BIlk3I1chUKCoU+/vAI/dOWWtCYW1qVYbD1M7Ei79t/AeBo UxNjRcPFAsNeAtDkgLl3XzdIzwRDpWMF+1WX7Uzjfb+6TbRWOlgOn0wrjs0tdmCSqU4L9H PvJwivH6kyovBtE8ZOv9zDgZK19yRdqciguEEzOC9oPe+NJB16YqL1yBxAKNKZHzK1cY6g JKwQBa9VmPXJjOshsriQIlqLGwJg4ObumRdhQz+vfwo8OUVok1Gn4/yJ2n2pcg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705997302; a=rsa-sha256; cv=none; b=flVItem+1bP4cjOWQrH0eK3KCcmTGC/s7scKrGbw6PWriRPtmZUH4bUSyH1BSIUf91vNQ6 /4dTyJ9JYpMeJj81hwtzrEiG/7VXYIqjFaeNLCdaAzVLPWhMyh6KliIG0K8W12DYQ9Bwik uRPF2IAkVHtXe00mi7Y/9Q8SgwDbE/a7PDOn5bava9JoWuozQABAgnA99fazSC17+fnjNR FOQI3gKCsGF/AW9H4EZL0F0bS1WCmfFuoDussmN0a8k+nMRjYwF3llqy1FHSwouyoZ3CzG SBwz3xMyt25UEtaBx5npIbVFoCL2fRvF+22L3VqEA7EB3jpw5TyA9GDxadnLIw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TK08Q5FVSzMNv for ; Tue, 23 Jan 2024 08:08:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40N88Mrd057766 for ; Tue, 23 Jan 2024 08:08:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40N88M4S057765 for net@FreeBSD.org; Tue, 23 Jan 2024 08:08:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 273533] need to sleep before using IPsec tunnel Date: Tue, 23 Jan 2024 08:08:22 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: zlei@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273533 Zhenlei Huang changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jharris@widomaker.com --- Comment #8 from Zhenlei Huang --- (In reply to Andrew Cagney from comment #7) > Yes the problem is (was) in fping 5.0 packaged by FreeBSD but that is old. > The issue is confirmed fixed in the latest version 5.1. Can fping please= be updated. CC ports maintainer Jason . --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Tue Jan 23 15:03:14 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TK9MK1MsVz570M8 for ; Tue, 23 Jan 2024 15:03:25 +0000 (UTC) (envelope-from freebsd-net@c0decafe.de) Received: from mail.c0decafe.de (mail.c0decafe.de [IPv6:2a01:4f8:222:100a::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.c0decafe.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TK9MJ2DBDz4WfY for ; Tue, 23 Jan 2024 15:03:24 +0000 (UTC) (envelope-from freebsd-net@c0decafe.de) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=c0decafe.de header.s=c0decafe.de header.b=hYfOrUkk; dmarc=pass (policy=none) header.from=c0decafe.de; spf=pass (mx1.freebsd.org: domain of freebsd-net@c0decafe.de designates 2a01:4f8:222:100a::2 as permitted sender) smtp.mailfrom=freebsd-net@c0decafe.de Received: from [172.17.30.254] (unknown [172.17.30.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.c0decafe.de (Postfix) with ESMTPSA id 54538B4DE4 for ; Tue, 23 Jan 2024 16:03:15 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=c0decafe.de; s=c0decafe.de; t=1706022195; bh=+qwtJ4mX0jLy4eejh2m5mcO3+X62rA9ckQ4GBPy/vF8=; h=Date:From:To:Subject; b=hYfOrUkkQ7ygupvk6k9mQKsz3WVfkYL2uBIIz3VlBijozumJWoXMoSz5JxW0z6iDG gGLzn9sKS0Ctrv95fxGiogwj2pWud8vHVHWAyJ7uL5PB8Z8LHraXSTJkFIczAsJA91 wRBVppoJERsosTd4v5T4PaE4CQSsIjxDRaO1x6vE= Message-ID: <3779d6c1-48de-4941-9444-36d69890be26@c0decafe.de> Date: Tue, 23 Jan 2024 16:03:14 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US From: Daniel Autocrypt: addr=mail@c0decafe.de; keydata= xsFNBFuKxS8BEADGswc2TX/b65QzcDw+b/W30LGgJXEn/GUnV8SqTNI5G3LoJLzJkVZtXh21 ng3wkc13JBD7Vb1yC6NRrmFUf77Gq3uyDVnqaKreMmZRgds9/uLFHiYM8NNEm/IjdY3nbhlk +WW/Reae8PVk7lOrO0VNcy+rwm/hJF8hFGzzBCx4tEyVZw5O4FPGAiD/SkM+FD5veupcuzI8 qkuuaInuuP8oZ4fTqdJTd1JvkRLMvytqHBx744v2Pg9Oos0ucxXYpTMXVIYO1S3KxJFyiRuO sxc+jtEft/2VwMNVp2wFssboHIMc9rKziJVHadfqBY4LxqVPhgbExjK3f65RmvZ/d/dEsF3I mTgyr4sIi1OBFLapxLdzzH1QYc6HVDVMDnndckS/4spHCKnCsPsKkeEx+L2lwAlr6PwE9xMi BtM+2NjMXN4g6u9SmIxoIHcIDOQwpmtFp70UB3SBZlIParjmZysIN9fSOtzBksuSUFGJ7PP+ lo/96PW1u6OBDocRBdtTD5710d9tsGluU4S86BVdytn/u/QAoEviae29arUYIGsMR9oeJhJc wEqRS4KfEuMhzjhJQDyJ4fLE7MKB5rGPdvhIhY7XqjKVTBIoRABZzYaPeHDvLyP83G0qye3l mwE6E8xsDPBZ4cFgZPl6xkLWugHiRVkE8VsY/RM3+v323ZvT9QARAQABzRlEYW5pZWwgPG1h aWxAYzBkZWNhZmUuZGU+wsGUBBMBCgA+FiEEw5F1cA3yVgaiOsGl9pDM4NUKhiIFAluKxS8C GyMFCRLMAwAFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ9pDM4NUKhiKRLw//XhDaN9QY o5lotBPWJSosFCdiEJBgMKfIWFmg8HgKbRVbxPV025zFXYU2WEMcymMw0cZEMCS3KtsvsyTv M04Qi5U5fxGs8RWTi8VuclUZQ96wJjWu9yDIL0jfOyzibq2Gi4zE2DE5zGd27Zpe/mHNlpmO 6wojZur5H5VaP+Mfeb5vq7D8oJJwLI7/qtZgesJzIv2rDy5og8CyCjM9uZKAAWTxCV6j6qUX K9DNanx16NBT3bTGA1AxqkvuogRmbY+GWqb+Jjtz0uOdUY4BQhW3rM30kOZybtmResaHwtaT EQm6YVKns2rAFzVS4Vcn9rYB4RJ5ovUCjk90tBXZrR2XvWJenckC+9oOkc4uoYF28lOzFoBa C/P4DzlVag5AiJTF7R2mHCnOj3wBKQqV1VhyHnqHGpVbwPEAbm0RX97lAn5cSLJ9ZFCY+Hin 1Ssh1hjA0McQNs9uFSyNj8HSfwenn5wqA6zwJzCaYONPNWZs3ejajCOOHyMoSswbkC/uupPA GvFaZdb34n6C3ShuUfr6DqbTbp+xER2sl/QQnrZ5cpPwEo4bG4aaEi0T0LbLcCZgVLQzC3iw BfjOHKjx9AIEOENbVjw5aTAEA6IPPJVvqMIjTy9lbTO/dteOpHfQ4lbeMyenYMVmHeiTeNA3 yV9KKWkrdr0C1VvpDM9/Z9uHMWHOwU0EW4rFLwEQALPCXxjWvvbQca6wmu8GzBZ0ymUd2eDq B7CTJmfR7FwvAIzNslGKH+kUIF18EnfDYiTBlsJCrCLaRsrGtUfNOmti0qVi/fjfllasicpp S+oxC2yBcGvGhm3/HH9g9HkezvEM4QOjsPjKLZMi+suVYRipaSJCf3RGRdCh9vxmN0MLRMoe 1jHVr94BvgQo4ktaFn8ACl2Z5351uOmedL1y3/LgmUyCm/vCa9z5YRb9sp3h5YQyEupFae2x i8NoDrm0StHcKAGucz04DwV2hC2NWL9UfJKhqC1l8gx7NkcohE8nEbMmRcuc9vhGUPquIMm3 ejvd5XGetN7lKC+5YVeG0e7kiCPIwNnON22dEMWv1bCuYXUoLDkejlKCqX+n8xC8Ddao+5t1 7oLXYQJqTaFKz67kxKJG/gXRBDXWrkdQ/7tE7qZbHTqaREEXRA1SYLxJGCNSUzt4kkq0kuvB AI6f72EYj5GZPKENIRZAbHv6pDy9qd9f6cB+qj1Cz7zqfDPLpN228nV88T0Fq5QH4s9KLXSs vT4nyKz5p0I+u4IydOKLwEqcjlqMNwIaBEZTjD8UFNnd8mCJcwn7uZiKWobjU2jJRU2SmROP /WjDHEff2SmJws7FVVmoyPl/FRD4QYDtuu9qwqh1tU1ut73PXxMoB/IHNkjBe5g++R1tvXWE fF0ZABEBAAHCwXwEGAEKACYWIQTDkXVwDfJWBqI6waX2kMzg1QqGIgUCW4rFLwIbDAUJEswD AAAKCRD2kMzg1QqGIoofD/9tB2wD6G7nAL9mWEC79Kusioh2HNn7HqUnB0HcGb6jD9coD8BK 1Io/1Z//slcw9+2FFwP4AXv0DTmYhb/zNX/SPrTQqSP2TPgaecVyIHzK5r5hqNE6nponvUVe jJfIzTJ5r+eKxuuMi/BkltZC98IuQV0PRLHlrVRKHWgRH/YGyFZ/OXRGeoxwZhkFE3ftwr+o ORz3ZZJIGjJpQGK3ujZ328qiswfNN3g65GoW2HU9LlWul6UgM8lFdIfOmvZqzGPnHEvPzidi q+/dezdTWFJtifQHjdpWYNnO2141N+1fU+tH7dt4TxdN1KP600BXvD29jWxPnnA6fSOyAxYT wdZOrDwrftWMF97dOIVrvhnC3Sm7PwtK639ksP2eCHWn532S4A3Ikb7xoPnuFeAXM9o9/9In yqKixsI+JodUY+wpTJsqkvhzPtrnzH+rwPSB9mpnbajRqVZ0qR0n2z8IkYhvqhIOwD5BBj// RjfZNvxaQ94UFxyqbEWOnBv5osYbprO1eZwJnNvYuf0bCaYKJX/UM87GbgTimDp1jolmJ0Nw KZRkdfs+a1j480Xt/Pyzr/muuGmFRk7/gj1tRkxAeKSdsUW88il88ZXPEwDT0BRzXo51tiiu dSHhtMS24Qzevf3cP93tAanM4Xni6Tu10ZveOALJYC5T161VfZAur0yJBA== To: freebsd-net@freebsd.org Subject: problem with ixl(4) and vlans Content-Type: text/html; charset=UTF-8 X-Clacks-Overhead: GNU Terry Pratchett Content-Transfer-Encoding: 8bit X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.69 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[c0decafe.de,none]; R_DKIM_ALLOW(-0.20)[c0decafe.de:s=c0decafe.de]; MIME_HTML_ONLY(0.20)[]; R_SPF_ALLOW(-0.20)[+mx]; XM_UA_NO_VERSION(0.01)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/32, country:DE]; RCVD_COUNT_ONE(0.00)[1]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:~]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[c0decafe.de:+] X-Rspamd-Queue-Id: 4TK9MJ2DBDz4WfY

Hi List,


just recently I discovered a problem with the ixl(4) driver. Hopefully someone here can help me. my setup is as follows:


Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- bridge0 ----- vnet0.1 to jail


the problem now is that the jail can send data out (arp requests), i do see the responses on the ixl3 interface of the host, but they never make their way up to the ixl3.15 vlan interface (even though they are tagged correctly). To rule out that my config or the network is the cruel pit i did test the same setup with a cheap usb-ethernet adapter and there everything works as expected. I'm on FreeBSD 13.2-RELEASE-p8 and I did test both, the in kernel driver and the driver from ports intel-ixl-kmod-1.13.4_1.

Here is a bit of information on my environment:

# uname -a
FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64

# pciconf -lBbcevV pci0:25:0:3
ixl3@pci0:25:0:3:       class=0x020000 rev=0x09 hdr=0x00 vendor=0x8086 device=0x37d3 subvendor=0x8086 subdevice=0x35d5
    vendor     = 'Intel Corporation'
    device     = 'Ethernet Connection X722 for 10GbE SFP+'
    class      = network
    subclass   = ethernet
    bar   [10] = type Prefetchable Memory, range 64, base 0xb0000000, size 16777216, enabled
    bar   [1c] = type Prefetchable Memory, range 64, base 0xb5000000, size 32768, enabled
    cap 01[40] = powerspec 3  supports D0 D3  current D0
    cap 05[50] = MSI supports 1 message, 64 bit, vector masks
    cap 11[70] = MSI-X supports 129 messages, enabled
                 Table in map 0x1c[0x0], PBA in map 0x1c[0x1000]
    cap 10[a0] = PCI-Express 2 endpoint max data 256(512) FLR RO
                 max read 512
                 link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1)
    cap 03[e0] = VPD
    ecap 0001[100] = AER 2 0 fatal 0 non-fatal 1 corrected
    ecap 0003[140] = Serial 1 9aef76ffff01bfa4
    ecap 000e[150] = ARI 1
    ecap 0010[160] = SR-IOV 1 IOV disabled, Memory Space disabled, ARI disabled
                     0 VFs configured out of 32 supported
                     First VF RID Offset 0x006d, VF RID Stride 0x0001
                     VF Device ID 0x37cd
                     Page Sizes: 4096 (enabled), 8192, 65536, 262144, 1048576, 4194304
    ecap 0017[1a0] = TPH Requester 1
    ecap 000d[1b0] = ACS 1 Source Validation unavailable, Translation Blocking unavailable
                     P2P Req Redirect unavailable, P2P Cmpl Redirect unavailable
                     P2P Upstream Forwarding unavailable, P2P Egress Control unavailable
                     P2P Direct Translated unavailable, Enhanced Capability unavailable
  PCI-e errors = Correctable Error Detected
                 Unsupported Request Detected
     Corrected = Advisory Non-Fatal Error
    VPD ident  = 'Example VPD'

# ifconfig
[...]
ixl3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ixl3.15: flags=8942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4200001<RXCSUM,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        groups: vlan
        vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:dd:05
        inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: ixl3.15 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 8 priority 128 path cost 55
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>
[...]



# cat /etc/rc.conf
[...]
ifconfig_ixl3="up"
vlans_ixl3="15"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm ixl3.15 up"
[...]



# dmesg | grep ixl
ixl0: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain 0 on pci6
ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl0: Using 1024 TX descriptors and 1024 RX descriptors
ixl0: Using 12 RX queues 12 TX queues
ixl0: Using MSI-X interrupts with 13 vectors
ixl0: Ethernet address: a4:bf:01:76:ef:9a
ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl0: SR-IOV ready
ixl0: netmap queues/slots: TX 12/1024, RX 12/1024
ixl1: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain 0 on pci6
ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl1: Using 1024 TX descriptors and 1024 RX descriptors
ixl1: Using 12 RX queues 12 TX queues
ixl1: Using MSI-X interrupts with 13 vectors
ixl1: Ethernet address: a4:bf:01:76:ef:9b
ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl1: SR-IOV ready
ixl1: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 numa-domain 0 on pci6
ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl2: Using 1024 TX descriptors and 1024 RX descriptors
ixl2: Using 12 RX queues 12 TX queues
ixl2: Using MSI-X interrupts with 13 vectors
ixl2: Ethernet address: a4:bf:01:76:ef:9c
ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl2: SR-IOV ready
ixl2: netmap queues/slots: TX 12/1024, RX 12/1024
ixl3: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 numa-domain 0 on pci6
ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl3: Using 1024 TX descriptors and 1024 RX descriptors
ixl3: Using 12 RX queues 12 TX queues
ixl3: Using MSI-X interrupts with 13 vectors
ixl3: Ethernet address: a4:bf:01:76:ef:9d
ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl3: SR-IOV ready
ixl3: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl2: link state changed to UP
ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl3: link state changed to UP
bridge0: can't disable some capabilities on ixl3.15: 0x400
ixl3: promiscuous mode enabled
ixl3.15: promiscuous mode enabled


from my packet traces:

# tcpdump -vvv -i ixl3
tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size 262144 bytes
[...]
13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46
13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46

Here the answer can be see, its tagged with 802.1q tag 15


# tcpdump -vvv -i ixl3.15
tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture size 262144 bytes
14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28

The answer cannot be seen on the VLAN interface ):


I hope the list can help me out here, as I am lost.


Thanks & best


Daniel

From nobody Tue Jan 23 22:33:53 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TKMM55bPxz58J5g for ; Tue, 23 Jan 2024 22:33:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TKMM53pMlz4tB6 for ; Tue, 23 Jan 2024 22:33:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706049233; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jiFQKP3P3WnItAv5jHTDlyUWqVaivRh36AydAGv2SqU=; b=Ix7kEdRef/kRaFYtWu4ejPQMA2B+AE8vrxDgokasWYLNBVVqxTx0I7NIgSH11+/FTtenWV CmwuHnjzluc/8WKve3rVaI04KWW53JNFO9b2VRk89IA769pdntjbNBdNMsHglz18IX+1mw 9VYFAqsrpcEtNGM0G46kFl6uubDPIQYxrG/+0UbIN+eHRqDx7EDQDUVJboIP389OrCGo7y naUY8vxpudoKDoUflOERIIKRTZbdKymc5kQiwwMQrPwMGXg+Wkw9Bm0FtO4JMXZ1NS1Xc0 L74XAyGUhLt6F1xhTK3hvV3Naekarq+wPYUAgfPZhj3c5In0NY0ToI4Q0s2UIQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706049233; a=rsa-sha256; cv=none; b=xoN6bZJnIgYuSzd3ENw1btnFQSUzotxycpG2eOlvv41xBH/UTuA5UsFTuF6Vl2GNoVS41D Vsug/XVBO/mcXGFYCn0QfTHiKNp0MxE21EMjJjUtLj6zH2Sa3+P70efmdJgFuSUAjW++Xi 3FhYfV0NQb2DLpUqYi9jdoMsa08Y1Ac/cc/n3m5eiYF4esgVMaSP2zxhfr4eS+ivA9f9bX iSS9ETRxGZrJklsHhyiSCh5milaGB/aXtGdOrEIffsf1/zSKX3fi/JmErTCZ949D7FBSPX s3inDY/XIEV/djeTZhosMIPsMZckFSEXKuR6lch8vNZqQ34u0IRnZmQrNQBlZw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TKMM52vl4zpFG for ; Tue, 23 Jan 2024 22:33:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40NMXrsZ058873 for ; Tue, 23 Jan 2024 22:33:53 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40NMXrDi058871 for net@FreeBSD.org; Tue, 23 Jan 2024 22:33:53 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 233683] IPv6 ND neighbor solicitation messages fail to arrive Date: Tue, 23 Jan 2024 22:33:53 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.mimetype attachments.ispatch Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D233683 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #243488|application/mbox |text/plain mime type| | Attachment #243488|0 |1 is patch| | --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Jan 24 10:17:24 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TKfyx3Mv0z57yHB for ; Wed, 24 Jan 2024 10:17:29 +0000 (UTC) (envelope-from freebsd-net@c0decafe.de) Received: from mail.c0decafe.de (mail.c0decafe.de [IPv6:2a01:4f8:222:100a::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.c0decafe.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TKfyw29Qwz47c6 for ; Wed, 24 Jan 2024 10:17:28 +0000 (UTC) (envelope-from freebsd-net@c0decafe.de) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=c0decafe.de header.s=c0decafe.de header.b="dICob/hC"; dmarc=pass (policy=none) header.from=c0decafe.de; spf=pass (mx1.freebsd.org: domain of freebsd-net@c0decafe.de designates 2a01:4f8:222:100a::2 as permitted sender) smtp.mailfrom=freebsd-net@c0decafe.de Received: from [172.17.30.254] (unknown [172.17.30.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.c0decafe.de (Postfix) with ESMTPSA id 50675B6C3E for ; Wed, 24 Jan 2024 11:17:25 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=c0decafe.de; s=c0decafe.de; t=1706091445; bh=bvAZL0Mrpc8obWwGSYpHCKr14nLud4DLEnUkMc+xRHw=; h=Date:Subject:To:References:From:In-Reply-To; b=dICob/hC2wvPCFgcg3SGSIx0RVsrP/ZIxfDDih9O7eSa1Z8eILlhYbZBYnUuAUQ9d SnAamclVQUX7smbixW3z4ELn/JPbgYiGXs6PrblRBKZgzU8gur32YEetG5Xo9PCb/4 4pFEeA+WeefKmv2rYJSxJ0xp61SSW/V026uYmO9A= Content-Type: multipart/alternative; boundary="------------96ROJWhXi54irKyWyJKUgqbR" Message-ID: Date: Wed, 24 Jan 2024 11:17:24 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: problem with ixl(4) and vlans Content-Language: en-US To: freebsd-net@freebsd.org References: <3779d6c1-48de-4941-9444-36d69890be26@c0decafe.de> From: Daniel In-Reply-To: <3779d6c1-48de-4941-9444-36d69890be26@c0decafe.de> X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[c0decafe.de,none]; R_DKIM_ALLOW(-0.20)[c0decafe.de:s=c0decafe.de]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; XM_UA_NO_VERSION(0.01)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/32, country:DE]; RCVD_COUNT_ONE(0.00)[1]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_ALL(0.00)[]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[c0decafe.de:+] X-Rspamd-Queue-Id: 4TKfyw29Qwz47c6 This is a multi-part message in MIME format. --------------96ROJWhXi54irKyWyJKUgqbR Content-Type: text/plain; charset=UTF-8; format=flowed X-Clacks-Overhead: GNU Terry Pratchett Content-Transfer-Encoding: 8bit Hi List, because i've been asked, yes, the ixl3.15 interface is also UP (even my output in the last mail showed different, result of my desperate tries to make it work. One thing I didn't mention, this is an onboard ixl on a Intel S2600STB Board, is has this wired config, were the first two interfaces are 10g base-t and the other two are sfp+ ports. While looking around further I noticed that only one of the sfp+ ports shows information on the sfp+ module correctly (both modules are genuine intel and have been cycled): # ifconfig -v ixl2 ixl2: flags=8863 metric 0 mtu 9184 options=4e507bb         ether a4:bf:01:76:ef:9c         inet [...]         media: Ethernet autoselect (10Gbase-SR )         status: active         nd6 options=23         plugged: GBIC 100G AOC (Active Optical Cable (SC)         vendor:  PN:  SN:  DATE: 20-- does not show the correct information (100G AOC, i'd wish ;) even thou it has the same kind of sfp+ as ixl3 here: # ifconfig -v ixl3 ixl3: flags=8963 metric 0 mtu 1500 options=4a500b9         ether a4:bf:01:76:ef:9d         media: Ethernet autoselect (10Gbase-SR )         status: active         nd6 options=29         plugged: SFP/SFP+/SFP28 10G Base-SR (LC)         vendor: Intel Corp PN: FTLX8571D3BCV-IT SN: MHT27ZB DATE: 2018-11-09         module temperature: 43.24 C voltage: 3.32 Volts         lane 1: RX power: 0.57 mW (-2.41 dBm) TX bias: 8.20 mA this made me thinking; is this 'wired' base-t and sfp+ configuration properly supported by the driver? Any ideas from the list? thanks & best Daniel On 1/23/24 16:03, Daniel wrote: > > Hi List, > > > just recently I discovered a problem with the ixl(4) driver. Hopefully > someone here can help me. my setup is as follows: > > > Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- > bridge0 ----- vnet0.1 to jail > > > the problem now is that the jail can send data out (arp requests), i > do see the responses on the ixl3 interface of the host, but they never > make their way up to the ixl3.15 vlan interface (even though they are > tagged correctly). To rule out that my config or the network is the > cruel pit i did test the same setup with a cheap usb-ethernet adapter > and there everything works as expected. I'm on FreeBSD 13.2-RELEASE-p8 > and I did test both, the in kernel driver and the driver from ports > intel-ixl-kmod-1.13.4_1. > > Here is a bit of information on my environment: > > # uname -a > FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64 > > # pciconf -lBbcevV pci0:25:0:3 > ixl3@pci0:25:0:3:       class=0x020000 rev=0x09 hdr=0x00 vendor=0x8086 > device=0x37d3 subvendor=0x8086 subdevice=0x35d5 >     vendor     = 'Intel Corporation' >     device     = 'Ethernet Connection X722 for 10GbE SFP+' >     class      = network >     subclass   = ethernet >     bar   [10] = type Prefetchable Memory, range 64, base 0xb0000000, > size 16777216, enabled >     bar   [1c] = type Prefetchable Memory, range 64, base 0xb5000000, > size 32768, enabled >     cap 01[40] = powerspec 3  supports D0 D3  current D0 >     cap 05[50] = MSI supports 1 message, 64 bit, vector masks >     cap 11[70] = MSI-X supports 129 messages, enabled >                  Table in map 0x1c[0x0], PBA in map 0x1c[0x1000] >     cap 10[a0] = PCI-Express 2 endpoint max data 256(512) FLR RO >                  max read 512 >                  link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1) >     cap 03[e0] = VPD >     ecap 0001[100] = AER 2 0 fatal 0 non-fatal 1 corrected >     ecap 0003[140] = Serial 1 9aef76ffff01bfa4 >     ecap 000e[150] = ARI 1 >     ecap 0010[160] = SR-IOV 1 IOV disabled, Memory Space disabled, ARI > disabled >                      0 VFs configured out of 32 supported >                      First VF RID Offset 0x006d, VF RID Stride 0x0001 >                      VF Device ID 0x37cd >                      Page Sizes: 4096 (enabled), 8192, 65536, 262144, > 1048576, 4194304 >     ecap 0017[1a0] = TPH Requester 1 >     ecap 000d[1b0] = ACS 1 Source Validation unavailable, Translation > Blocking unavailable >                      P2P Req Redirect unavailable, P2P Cmpl Redirect > unavailable >                      P2P Upstream Forwarding unavailable, P2P Egress > Control unavailable >                      P2P Direct Translated unavailable, Enhanced > Capability unavailable >   PCI-e errors = Correctable Error Detected >                  Unsupported Request Detected >      Corrected = Advisory Non-Fatal Error >     VPD ident  = 'Example VPD' > > # ifconfig > [...] > ixl3: flags=8963 > metric 0 mtu 1500 > options=4a500b9 >         ether a4:bf:01:76:ef:9d >         media: Ethernet autoselect (10Gbase-SR ) >         status: active >         nd6 options=29 > ixl3.15: flags=8942 > metric 0 mtu 1500 >         options=4200001 >         ether a4:bf:01:76:ef:9d >         groups: vlan >         vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3 >         media: Ethernet autoselect (10Gbase-SR ) >         status: active >         nd6 options=29 > bridge0: flags=8843 metric 0 > mtu 1500 >         ether 58:9c:fc:10:dd:05 >         inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255 >         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 >         maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 >         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 >         member: vnet0.1 flags=143 >                 ifmaxaddr 0 port 9 priority 128 path cost 2000 >         member: ixl3.15 flags=143 >                 ifmaxaddr 0 port 8 priority 128 path cost 55 >         groups: bridge >         nd6 options=9 > [...] > > > > # cat /etc/rc.conf > [...] > ifconfig_ixl3="up" > vlans_ixl3="15" > cloned_interfaces="bridge0" > ifconfig_bridge0="addm ixl3.15 up" > [...] > > > > # dmesg | grep ixl > ixl0: mem > 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain > 0 on pci6 > ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 > ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared > ixl0: Using 1024 TX descriptors and 1024 RX descriptors > ixl0: Using 12 RX queues 12 TX queues > ixl0: Using MSI-X interrupts with 13 vectors > ixl0: Ethernet address: a4:bf:01:76:ef:9a > ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active > ixl0: SR-IOV ready > ixl0: netmap queues/slots: TX 12/1024, RX 12/1024 > ixl1: mem > 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain > 0 on pci6 > ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 > ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared > ixl1: Using 1024 TX descriptors and 1024 RX descriptors > ixl1: Using 12 RX queues 12 TX queues > ixl1: Using MSI-X interrupts with 13 vectors > ixl1: Ethernet address: a4:bf:01:76:ef:9b > ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active > ixl1: SR-IOV ready > ixl1: netmap queues/slots: TX 12/1024, RX 12/1024 > ixl2: mem > 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 numa-domain > 0 on pci6 > ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 > ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C > ixl2: Using 1024 TX descriptors and 1024 RX descriptors > ixl2: Using 12 RX queues 12 TX queues > ixl2: Using MSI-X interrupts with 13 vectors > ixl2: Ethernet address: a4:bf:01:76:ef:9c > ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active > ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5 > ixl2: SR-IOV ready > ixl2: netmap queues/slots: TX 12/1024, RX 12/1024 > ixl3: mem > 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 numa-domain > 0 on pci6 > ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 > ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C > ixl3: Using 1024 TX descriptors and 1024 RX descriptors > ixl3: Using 12 RX queues 12 TX queues > ixl3: Using MSI-X interrupts with 13 vectors > ixl3: Ethernet address: a4:bf:01:76:ef:9d > ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active > ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5 > ixl3: SR-IOV ready > ixl3: netmap queues/slots: TX 12/1024, RX 12/1024 > ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated > FEC: None, Autoneg: False, Flow Control: None > ixl2: link state changed to UP > ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated > FEC: None, Autoneg: False, Flow Control: None > ixl3: link state changed to UP > bridge0: can't disable some capabilities on ixl3.15: 0x400 > ixl3: promiscuous mode enabled > ixl3.15: promiscuous mode enabled > > > from my packet traces: > > # tcpdump -vvv -i ixl3 > tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size > 262144 bytes > [...] > 13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has > 192.168.55.1 tell 192.168.55.10, length 28 > 13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply > 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46 > 13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has > 192.168.55.1 tell 192.168.55.10, length 28 > 13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply > 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46 > > Here the answer can be see, its tagged with 802.1q tag 15 > > > # tcpdump -vvv -i ixl3.15 > tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture > size 262144 bytes > 14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has > 192.168.55.1 tell 192.168.55.10, length 28 > 14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has > 192.168.55.1 tell 192.168.55.10, length 28 > 14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has > 192.168.55.1 tell 192.168.55.10, length 28 > 14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has > 192.168.55.1 tell 192.168.55.10, length 28 > > The answer cannot be seen on the VLAN interface ): > > > I hope the list can help me out here, as I am lost. > > > Thanks & best > > > Daniel > --------------96ROJWhXi54irKyWyJKUgqbR Content-Type: text/html; charset=UTF-8 X-Clacks-Overhead: GNU Terry Pratchett Content-Transfer-Encoding: 8bit

Hi List,


because i've been asked, yes, the ixl3.15 interface is also UP (even my output in the last mail showed different, result of my desperate tries to make it work.

One thing I didn't mention, this is an onboard ixl on a Intel S2600STB Board, is has this wired config, were the first two interfaces are 10g base-t and the other two are sfp+ ports. While looking around further I noticed that only one of the sfp+ ports shows information on the sfp+ module correctly (both modules are genuine intel and have been cycled):


# ifconfig -v ixl2
ixl2: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 9184
        options=4e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6,NOM
AP>
        ether a4:bf:01:76:ef:9c
        inet [...]
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        plugged: GBIC 100G AOC (Active Optical Cable (SC)
        vendor:  PN:  SN:  DATE: 20--


does not show the correct information (100G AOC, i'd wish ;) even thou it has the same kind of sfp+ as ixl3 here:


# ifconfig -v ixl3
ixl3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        plugged: SFP/SFP+/SFP28 10G Base-SR (LC)
        vendor: Intel Corp PN: FTLX8571D3BCV-IT SN: MHT27ZB DATE: 2018-11-09
        module temperature: 43.24 C voltage: 3.32 Volts
        lane 1: RX power: 0.57 mW (-2.41 dBm) TX bias: 8.20 mA

this made me thinking; is this 'wired' base-t and sfp+ configuration properly supported by the driver?

Any ideas from the list?


thanks & best


Daniel


On 1/23/24 16:03, Daniel wrote:

Hi List,


just recently I discovered a problem with the ixl(4) driver. Hopefully someone here can help me. my setup is as follows:


Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- bridge0 ----- vnet0.1 to jail


the problem now is that the jail can send data out (arp requests), i do see the responses on the ixl3 interface of the host, but they never make their way up to the ixl3.15 vlan interface (even though they are tagged correctly). To rule out that my config or the network is the cruel pit i did test the same setup with a cheap usb-ethernet adapter and there everything works as expected. I'm on FreeBSD 13.2-RELEASE-p8 and I did test both, the in kernel driver and the driver from ports intel-ixl-kmod-1.13.4_1.

Here is a bit of information on my environment:

# uname -a
FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64

# pciconf -lBbcevV pci0:25:0:3
ixl3@pci0:25:0:3:       class=0x020000 rev=0x09 hdr=0x00 vendor=0x8086 device=0x37d3 subvendor=0x8086 subdevice=0x35d5
    vendor     = 'Intel Corporation'
    device     = 'Ethernet Connection X722 for 10GbE SFP+'
    class      = network
    subclass   = ethernet
    bar   [10] = type Prefetchable Memory, range 64, base 0xb0000000, size 16777216, enabled
    bar   [1c] = type Prefetchable Memory, range 64, base 0xb5000000, size 32768, enabled
    cap 01[40] = powerspec 3  supports D0 D3  current D0
    cap 05[50] = MSI supports 1 message, 64 bit, vector masks
    cap 11[70] = MSI-X supports 129 messages, enabled
                 Table in map 0x1c[0x0], PBA in map 0x1c[0x1000]
    cap 10[a0] = PCI-Express 2 endpoint max data 256(512) FLR RO
                 max read 512
                 link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1)
    cap 03[e0] = VPD
    ecap 0001[100] = AER 2 0 fatal 0 non-fatal 1 corrected
    ecap 0003[140] = Serial 1 9aef76ffff01bfa4
    ecap 000e[150] = ARI 1
    ecap 0010[160] = SR-IOV 1 IOV disabled, Memory Space disabled, ARI disabled
                     0 VFs configured out of 32 supported
                     First VF RID Offset 0x006d, VF RID Stride 0x0001
                     VF Device ID 0x37cd
                     Page Sizes: 4096 (enabled), 8192, 65536, 262144, 1048576, 4194304
    ecap 0017[1a0] = TPH Requester 1
    ecap 000d[1b0] = ACS 1 Source Validation unavailable, Translation Blocking unavailable
                     P2P Req Redirect unavailable, P2P Cmpl Redirect unavailable
                     P2P Upstream Forwarding unavailable, P2P Egress Control unavailable
                     P2P Direct Translated unavailable, Enhanced Capability unavailable
  PCI-e errors = Correctable Error Detected
                 Unsupported Request Detected
     Corrected = Advisory Non-Fatal Error
    VPD ident  = 'Example VPD'

# ifconfig
[...]
ixl3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ixl3.15: flags=8942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4200001<RXCSUM,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        groups: vlan
        vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:dd:05
        inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: ixl3.15 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 8 priority 128 path cost 55
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>
[...]



# cat /etc/rc.conf
[...]
ifconfig_ixl3="up"
vlans_ixl3="15"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm ixl3.15 up"
[...]



# dmesg | grep ixl
ixl0: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain 0 on pci6
ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl0: Using 1024 TX descriptors and 1024 RX descriptors
ixl0: Using 12 RX queues 12 TX queues
ixl0: Using MSI-X interrupts with 13 vectors
ixl0: Ethernet address: a4:bf:01:76:ef:9a
ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl0: SR-IOV ready
ixl0: netmap queues/slots: TX 12/1024, RX 12/1024
ixl1: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain 0 on pci6
ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl1: Using 1024 TX descriptors and 1024 RX descriptors
ixl1: Using 12 RX queues 12 TX queues
ixl1: Using MSI-X interrupts with 13 vectors
ixl1: Ethernet address: a4:bf:01:76:ef:9b
ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl1: SR-IOV ready
ixl1: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 numa-domain 0 on pci6
ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl2: Using 1024 TX descriptors and 1024 RX descriptors
ixl2: Using 12 RX queues 12 TX queues
ixl2: Using MSI-X interrupts with 13 vectors
ixl2: Ethernet address: a4:bf:01:76:ef:9c
ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl2: SR-IOV ready
ixl2: netmap queues/slots: TX 12/1024, RX 12/1024
ixl3: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 numa-domain 0 on pci6
ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl3: Using 1024 TX descriptors and 1024 RX descriptors
ixl3: Using 12 RX queues 12 TX queues
ixl3: Using MSI-X interrupts with 13 vectors
ixl3: Ethernet address: a4:bf:01:76:ef:9d
ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl3: SR-IOV ready
ixl3: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl2: link state changed to UP
ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl3: link state changed to UP
bridge0: can't disable some capabilities on ixl3.15: 0x400
ixl3: promiscuous mode enabled
ixl3.15: promiscuous mode enabled


from my packet traces:

# tcpdump -vvv -i ixl3
tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size 262144 bytes
[...]
13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46
13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46

Here the answer can be see, its tagged with 802.1q tag 15


# tcpdump -vvv -i ixl3.15
tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture size 262144 bytes
14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28

The answer cannot be seen on the VLAN interface ):


I hope the list can help me out here, as I am lost.


Thanks & best


Daniel

--------------96ROJWhXi54irKyWyJKUgqbR-- From nobody Thu Jan 25 07:22:51 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TLC3673l9z57xmn for ; Thu, 25 Jan 2024 07:22:58 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TLC366Zc7z40xb; Thu, 25 Jan 2024 07:22:58 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706167378; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=O/8mK+txRjcDNrSPhM4S74vPdQ7oZXsAwDNYnuuKhkQ=; b=c9Vu1Gc2htf82KxwWgsa1f31lpeN71rLMBxuKPuJkUrekrwo16g9MC50NVtD3y/a+wcCwX oZkdEWh8HM3m6dWyaH8MzjHS/iiNOfaIqRsHV5ODyyseT+zfolHyXWdnGr0GnRgOxdw/zv smOqF6FaeU4BA8tPFHnkawPSVq7GoamXSIJKAlIPJdIFyw46Mzul0mMPMDoN6DNFwsn8YI 9fwGT8hm59TGN3JmHn5Eb3C95Kr7LCcLvpc2Y5cTKc3JBihJbsIqKemWcVexskEaWCNS5L D9KR1QB8D/jym+76gCTLyVf8DxBnDjxU42lWaQYGJntONsINXbNaFlhz19uH5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706167378; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=O/8mK+txRjcDNrSPhM4S74vPdQ7oZXsAwDNYnuuKhkQ=; b=HrjWbRP1dJs1eI8b5P8rawaACo1G1np7MHLbpOhVJeG0278wufiAJNlbyjf4d6Sqv4AqZj twvmTVgIHCLjtJWpgRJi9ljEn5Hq3X2HoHIO68Gvj1GX3SgIcQyyJG3LV6PGp4Bh1QotI+ mYQyZoaMhKNuyJCLhk2SSe7PCsBxvlAmgxyQzBAqd7HAYWxYUCFLJFUlKY8fQVdlq9Lmj2 k96IE36+SdHh1+ehWBXiQ/g4HEWT+/RPKxZ28V69wx9fKXJcllY+14k4OtPozJWWFQWgG7 msq1VEpP4o+WNlxRXmYv8fopxQQSvNy0OvE2GAWtJ/u86PfEfPYhOgbF6L3jLg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706167378; a=rsa-sha256; cv=none; b=PMpYqDdQWHCol5kbzHdYhvBukwwPMZMP7+2sEPFYUVbKcq8nXkaIed6MVwltd0FWbKVqBR OrvW0hEudlzuh4F2C/uWxLu4caXm+doGxq9hDpIuxVvK6XMUOtDxN1+UojN/O71VP7ZndM 4Hg47YMB9dRDBOM22KQBNXlHOIk5VoDCROWm+V9R85+VjvkbFFRmkk65/MgljUrVm+CTfZ CA8o9CmiBDnruACSapV/gvW6FKE3krFPbDzFyiiFqdqIn4f2QkuwjWrVNrqVYEwmJSmS0b 9yuELaKaIGJKHUKiZFaNgx4LRwJY2xBbuEYUZ65i8hOYiwfJfGcv0z+hIO9yKA== Received: from smtpclient.apple (ns1.oxydns.net [45.32.91.63]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4TLC352GFTz194L; Thu, 25 Jan 2024 07:22:56 +0000 (UTC) (envelope-from zlei@FreeBSD.org) From: Zhenlei Huang Message-Id: <40DB5F45-6507-4274-BF28-6B9A5F45CAE9@FreeBSD.org> Content-Type: multipart/alternative; boundary="Apple-Mail=_F07AB117-A8B6-48CF-ADCD-C93C51B4E353" List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.4\)) Subject: Re: problem with ixl(4) and vlans Date: Thu, 25 Jan 2024 15:22:51 +0800 In-Reply-To: <3779d6c1-48de-4941-9444-36d69890be26@c0decafe.de> Cc: FreeBSD Net To: Daniel References: <3779d6c1-48de-4941-9444-36d69890be26@c0decafe.de> X-Mailer: Apple Mail (2.3696.120.41.1.4) --Apple-Mail=_F07AB117-A8B6-48CF-ADCD-C93C51B4E353 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Jan 23, 2024, at 11:03 PM, Daniel wrote: >=20 > Hi List,=20 >=20 >=20 > just recently I discovered a problem with the ixl(4) driver. Hopefully = someone here can help me. my setup is as follows:=20 >=20 >=20 > Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- = bridge0 ----- vnet0.1 to jail=20 >=20 >=20 > the problem now is that the jail can send data out (arp requests), i = do see the responses on the ixl3 interface of the host, but they never = make their way up to the ixl3.15 vlan interface (even though they are = tagged correctly). To rule out that my config or the network is the = cruel pit i did test the same setup with a cheap usb-ethernet adapter = and there everything works as expected. I'm on FreeBSD 13.2-RELEASE-p8 = and I did test both, the in kernel driver and the driver from ports = intel-ixl-kmod-1.13.4_1.=20 >=20 I would encourage you to do plain VLAN tests, i.e. plug ixl3.15 out from = bridge0 ``` # ifconfig bridge0 deletem ixl3.15 # ifconfig bridge0 inet 192.168.55.20/24 delete ### to prevent confusion # ifconfig ixl3.15 inet 192.168.55.x/24 # ping -c1 192.168.55.1 ```=20 >=20 > Here is a bit of information on my environment:=20 >=20 > # uname -a=20 > FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64=20 >=20 > # pciconf -lBbcevV pci0:25:0:3=20 > ixl3@pci0:25:0:3: class=3D0x020000 rev=3D0x09 hdr=3D0x00 = vendor=3D0x8086 device=3D0x37d3 subvendor=3D0x8086 subdevice=3D0x35d5=20 > vendor =3D 'Intel Corporation'=20 > device =3D 'Ethernet Connection X722 for 10GbE SFP+'=20 > class =3D network=20 > subclass =3D ethernet=20 > bar [10] =3D type Prefetchable Memory, range 64, base = 0xb0000000, size 16777216, enabled=20 > bar [1c] =3D type Prefetchable Memory, range 64, base = 0xb5000000, size 32768, enabled=20 > cap 01[40] =3D powerspec 3 supports D0 D3 current D0=20 > cap 05[50] =3D MSI supports 1 message, 64 bit, vector masks=20 > cap 11[70] =3D MSI-X supports 129 messages, enabled=20 > Table in map 0x1c[0x0], PBA in map 0x1c[0x1000]=20 > cap 10[a0] =3D PCI-Express 2 endpoint max data 256(512) FLR RO=20 > max read 512=20 > link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1)=20 > cap 03[e0] =3D VPD=20 > ecap 0001[100] =3D AER 2 0 fatal 0 non-fatal 1 corrected=20 > ecap 0003[140] =3D Serial 1 9aef76ffff01bfa4=20 > ecap 000e[150] =3D ARI 1=20 > ecap 0010[160] =3D SR-IOV 1 IOV disabled, Memory Space disabled, = ARI disabled=20 > 0 VFs configured out of 32 supported=20 > First VF RID Offset 0x006d, VF RID Stride 0x0001=20= > VF Device ID 0x37cd=20 > Page Sizes: 4096 (enabled), 8192, 65536, 262144, = 1048576, 4194304=20 > ecap 0017[1a0] =3D TPH Requester 1=20 > ecap 000d[1b0] =3D ACS 1 Source Validation unavailable, = Translation Blocking unavailable=20 > P2P Req Redirect unavailable, P2P Cmpl Redirect = unavailable=20 > P2P Upstream Forwarding unavailable, P2P Egress = Control unavailable=20 > P2P Direct Translated unavailable, Enhanced = Capability unavailable=20 > PCI-e errors =3D Correctable Error Detected=20 > Unsupported Request Detected=20 > Corrected =3D Advisory Non-Fatal Error=20 > VPD ident =3D 'Example VPD'=20 >=20 > # ifconfig > [...] > ixl3: flags=3D8963 = metric 0 mtu 1500 > = options=3D4a500b9 > ether a4:bf:01:76:ef:9d > media: Ethernet autoselect (10Gbase-SR ) > status: active > nd6 options=3D29 > ixl3.15: flags=3D8942 = metric 0 mtu 1500 > options=3D4200001 > ether a4:bf:01:76:ef:9d > groups: vlan > vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3 > media: Ethernet autoselect (10Gbase-SR ) > status: active > nd6 options=3D29 > bridge0: flags=3D8843 metric 0 = mtu 1500 > ether 58:9c:fc:10:dd:05 > inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255 > id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 > maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 > root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 > member: vnet0.1 flags=3D143 > ifmaxaddr 0 port 9 priority 128 path cost 2000 > member: ixl3.15 flags=3D143 > ifmaxaddr 0 port 8 priority 128 path cost 55 > groups: bridge > nd6 options=3D9 > [...] >=20 >=20 >=20 >=20 > # cat /etc/rc.conf=20 > [...]=20 > ifconfig_ixl3=3D"up"=20 > vlans_ixl3=3D"15"=20 > cloned_interfaces=3D"bridge0"=20 > ifconfig_bridge0=3D"addm ixl3.15 up"=20 > [...] >=20 >=20 >=20 > # dmesg | grep ixl=20 > ixl0: mem = 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain 0 = on pci6=20 > ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0=20 > ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared=20 > ixl0: Using 1024 TX descriptors and 1024 RX descriptors=20 > ixl0: Using 12 RX queues 12 TX queues=20 > ixl0: Using MSI-X interrupts with 13 vectors=20 > ixl0: Ethernet address: a4:bf:01:76:ef:9a=20 > ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active=20 > ixl0: SR-IOV ready=20 > ixl0: netmap queues/slots: TX 12/1024, RX 12/1024=20 > ixl1: mem = 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain 0 = on pci6=20 > ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0=20 > ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared=20 > ixl1: Using 1024 TX descriptors and 1024 RX descriptors=20 > ixl1: Using 12 RX queues 12 TX queues=20 > ixl1: Using MSI-X interrupts with 13 vectors=20 > ixl1: Ethernet address: a4:bf:01:76:ef:9b=20 > ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active=20 > ixl1: SR-IOV ready=20 > ixl1: netmap queues/slots: TX 12/1024, RX 12/1024=20 > ixl2: mem = 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 numa-domain 0 = on pci6=20 > ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0=20 > ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C=20 > ixl2: Using 1024 TX descriptors and 1024 RX descriptors=20 > ixl2: Using 12 RX queues 12 TX queues=20 > ixl2: Using MSI-X interrupts with 13 vectors=20 > ixl2: Ethernet address: a4:bf:01:76:ef:9c=20 > ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active=20 > ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5=20 > ixl2: SR-IOV ready=20 > ixl2: netmap queues/slots: TX 12/1024, RX 12/1024=20 > ixl3: mem = 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 numa-domain 0 = on pci6=20 > ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0=20 > ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C=20 > ixl3: Using 1024 TX descriptors and 1024 RX descriptors=20 > ixl3: Using 12 RX queues 12 TX queues=20 > ixl3: Using MSI-X interrupts with 13 vectors=20 > ixl3: Ethernet address: a4:bf:01:76:ef:9d=20 > ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active=20 > ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5=20 > ixl3: SR-IOV ready=20 > ixl3: netmap queues/slots: TX 12/1024, RX 12/1024=20 > ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated = FEC: None, Autoneg: False, Flow Control: None=20 > ixl2: link state changed to UP=20 > ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated = FEC: None, Autoneg: False, Flow Control: None=20 > ixl3: link state changed to UP=20 > bridge0: can't disable some capabilities on ixl3.15: 0x400=20 > ixl3: promiscuous mode enabled=20 > ixl3.15: promiscuous mode enabled=20 >=20 >=20 > from my packet traces:=20 >=20 > # tcpdump -vvv -i ixl3=20 >=20 May you please add the option -e to tcpdump, so that the link-level = header can be printed out. ``` # tcpdump -nvei ixl3 ``` > tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size = 262144 bytes=20 > [...]=20 > 13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has = 192.168.55.1 tell 192.168.55.10, length 28=20 > 13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply = 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46=20 > 13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has = 192.168.55.1 tell 192.168.55.10, length 28=20 > 13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply = 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46=20 >=20 > Here the answer can be see, its tagged with 802.1q tag 15=20 >=20 >=20 > # tcpdump -vvv -i ixl3.15=20 > tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture = size 262144 bytes=20 > 14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has = 192.168.55.1 tell 192.168.55.10, length 28=20 > 14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has = 192.168.55.1 tell 192.168.55.10, length 28=20 > 14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has = 192.168.55.1 tell 192.168.55.10, length 28=20 > 14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has = 192.168.55.1 tell 192.168.55.10, length 28=20 >=20 > The answer cannot be seen on the VLAN interface ):=20 >=20 >=20 > I hope the list can help me out here, as I am lost. >=20 >=20 > Thanks & best >=20 >=20 >=20 > Daniel >=20 Best regards, Zhenlei --Apple-Mail=_F07AB117-A8B6-48CF-ADCD-C93C51B4E353 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii

On Jan 23, 2024, at 11:03 PM, Daniel <freebsd-net@c0decafe.de> wrote:

Hi List,


just recently I discovered a problem with the ixl(4) driver. Hopefully someone here can help me. my setup is as follows:


Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- bridge0 ----- vnet0.1 to jail


the problem now is that the jail can send data out (arp requests), i do see the responses on the ixl3 interface of the host, but they never make their way up to the ixl3.15 vlan interface (even though they are tagged correctly). To rule out that my config or the network is the cruel pit i did test the same setup with a cheap usb-ethernet adapter and there everything works as expected. I'm on FreeBSD 13.2-RELEASE-p8 and I did test both, the in kernel driver and the driver from ports intel-ixl-kmod-1.13.4_1.

I would encourage you to do plain VLAN tests, i.e. plug ixl3.15 out from bridge0

```
# ifconfig bridge0 deletem ixl3.15
# ifconfig bridge0 inet 192.168.55.20/24 delete ### to prevent confusion
# ifconfig ixl3.15 inet 192.168.55.x/24
# ping -c1 192.168.55.1
``` 


Here is a bit of information on my environment:

# uname -a
FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64

# pciconf -lBbcevV pci0:25:0:3
ixl3@pci0:25:0:3:       class=0x020000 rev=0x09 hdr=0x00 vendor=0x8086 device=0x37d3 subvendor=0x8086 subdevice=0x35d5
    vendor     = 'Intel Corporation'
    device     = 'Ethernet Connection X722 for 10GbE SFP+'
    class      = network
    subclass   = ethernet
    bar   [10] = type Prefetchable Memory, range 64, base 0xb0000000, size 16777216, enabled
    bar   [1c] = type Prefetchable Memory, range 64, base 0xb5000000, size 32768, enabled
    cap 01[40] = powerspec 3  supports D0 D3  current D0
    cap 05[50] = MSI supports 1 message, 64 bit, vector masks
    cap 11[70] = MSI-X supports 129 messages, enabled
                 Table in map 0x1c[0x0], PBA in map 0x1c[0x1000]
    cap 10[a0] = PCI-Express 2 endpoint max data 256(512) FLR RO
                 max read 512
                 link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1)
    cap 03[e0] = VPD
    ecap 0001[100] = AER 2 0 fatal 0 non-fatal 1 corrected
    ecap 0003[140] = Serial 1 9aef76ffff01bfa4
    ecap 000e[150] = ARI 1
    ecap 0010[160] = SR-IOV 1 IOV disabled, Memory Space disabled, ARI disabled
                     0 VFs configured out of 32 supported
                     First VF RID Offset 0x006d, VF RID Stride 0x0001
                     VF Device ID 0x37cd
                     Page Sizes: 4096 (enabled), 8192, 65536, 262144, 1048576, 4194304
    ecap 0017[1a0] = TPH Requester 1
    ecap 000d[1b0] = ACS 1 Source Validation unavailable, Translation Blocking unavailable
                     P2P Req Redirect unavailable, P2P Cmpl Redirect unavailable
                     P2P Upstream Forwarding unavailable, P2P Egress Control unavailable
                     P2P Direct Translated unavailable, Enhanced Capability unavailable
  PCI-e errors = Correctable Error Detected
                 Unsupported Request Detected
     Corrected = Advisory Non-Fatal Error
    VPD ident  = 'Example VPD'

# ifconfig
[...]
ixl3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ixl3.15: flags=8942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4200001<RXCSUM,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        groups: vlan
        vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:dd:05
        inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: ixl3.15 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 8 priority 128 path cost 55
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>
[...]



# cat /etc/rc.conf
[...]
ifconfig_ixl3="up"
vlans_ixl3="15"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm ixl3.15 up"
[...]



# dmesg | grep ixl
ixl0: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain 0 on pci6
ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl0: Using 1024 TX descriptors and 1024 RX descriptors
ixl0: Using 12 RX queues 12 TX queues
ixl0: Using MSI-X interrupts with 13 vectors
ixl0: Ethernet address: a4:bf:01:76:ef:9a
ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl0: SR-IOV ready
ixl0: netmap queues/slots: TX 12/1024, RX 12/1024
ixl1: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain 0 on pci6
ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl1: Using 1024 TX descriptors and 1024 RX descriptors
ixl1: Using 12 RX queues 12 TX queues
ixl1: Using MSI-X interrupts with 13 vectors
ixl1: Ethernet address: a4:bf:01:76:ef:9b
ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl1: SR-IOV ready
ixl1: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 numa-domain 0 on pci6
ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl2: Using 1024 TX descriptors and 1024 RX descriptors
ixl2: Using 12 RX queues 12 TX queues
ixl2: Using MSI-X interrupts with 13 vectors
ixl2: Ethernet address: a4:bf:01:76:ef:9c
ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl2: SR-IOV ready
ixl2: netmap queues/slots: TX 12/1024, RX 12/1024
ixl3: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 numa-domain 0 on pci6
ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl3: Using 1024 TX descriptors and 1024 RX descriptors
ixl3: Using 12 RX queues 12 TX queues
ixl3: Using MSI-X interrupts with 13 vectors
ixl3: Ethernet address: a4:bf:01:76:ef:9d
ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl3: SR-IOV ready
ixl3: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl2: link state changed to UP
ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl3: link state changed to UP
bridge0: can't disable some capabilities on ixl3.15: 0x400
ixl3: promiscuous mode enabled
ixl3.15: promiscuous mode enabled


from my packet traces:

# tcpdump -vvv -i ixl3

May you please add the option -e to tcpdump, so that the link-level header can be printed out.

```
# tcpdump -nvei ixl3
```

tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size 262144 bytes
[...]
13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46
13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46

Here the answer can be see, its tagged with 802.1q tag 15


# tcpdump -vvv -i ixl3.15
tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture size 262144 bytes
14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28

The answer cannot be seen on the VLAN interface ):


I hope the list can help me out here, as I am lost.


Thanks & best


Daniel


Best regards,
Zhenlei

--Apple-Mail=_F07AB117-A8B6-48CF-ADCD-C93C51B4E353-- From nobody Thu Jan 25 09:06:59 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TLFML6YF4z587js for ; Thu, 25 Jan 2024 09:07:10 +0000 (UTC) (envelope-from freebsd-net@c0decafe.de) Received: from mail.c0decafe.de (mail.c0decafe.de [IPv6:2a01:4f8:222:100a::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.c0decafe.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TLFML2njcz4B7S; Thu, 25 Jan 2024 09:07:10 +0000 (UTC) (envelope-from freebsd-net@c0decafe.de) Authentication-Results: mx1.freebsd.org; none Received: from [172.17.30.254] (unknown [172.17.30.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.c0decafe.de (Postfix) with ESMTPSA id 180A9E592F; Thu, 25 Jan 2024 10:07:00 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=c0decafe.de; s=c0decafe.de; t=1706173620; bh=R4PL6kCcSY3GnlRQmjXTMNZ7nss9LHbvPWqL3sojKy8=; h=Date:Subject:To:References:From:Cc:In-Reply-To; b=JbCM5YXHIJGVi77+INS9BHsOoLyKv96mqk2rcaKJcH9lKJoEtOJb89GLnHmnc5PFG Vt6dZMo38p8rNYGfxftPUJvvzsj4q6M85QblOoJufOPGgxzkOdLlJjljI2giFtFgrz CfpWBo8wo9dV0n0M7imfuMsZf0gH6qyg2xzEgrJI= Content-Type: multipart/alternative; boundary="------------1W4CUCK5105E1AOz0qmc0SmV" Message-ID: <401ae00d-730c-4ac7-a18c-a2b1b75b3edf@c0decafe.de> Date: Thu, 25 Jan 2024 10:06:59 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: problem with ixl(4) and vlans Content-Language: en-US To: Zhenlei Huang References: <3779d6c1-48de-4941-9444-36d69890be26@c0decafe.de> <40DB5F45-6507-4274-BF28-6B9A5F45CAE9@FreeBSD.org> From: Daniel Autocrypt: addr=mail@c0decafe.de; keydata= xsFNBFuKxS8BEADGswc2TX/b65QzcDw+b/W30LGgJXEn/GUnV8SqTNI5G3LoJLzJkVZtXh21 ng3wkc13JBD7Vb1yC6NRrmFUf77Gq3uyDVnqaKreMmZRgds9/uLFHiYM8NNEm/IjdY3nbhlk +WW/Reae8PVk7lOrO0VNcy+rwm/hJF8hFGzzBCx4tEyVZw5O4FPGAiD/SkM+FD5veupcuzI8 qkuuaInuuP8oZ4fTqdJTd1JvkRLMvytqHBx744v2Pg9Oos0ucxXYpTMXVIYO1S3KxJFyiRuO sxc+jtEft/2VwMNVp2wFssboHIMc9rKziJVHadfqBY4LxqVPhgbExjK3f65RmvZ/d/dEsF3I mTgyr4sIi1OBFLapxLdzzH1QYc6HVDVMDnndckS/4spHCKnCsPsKkeEx+L2lwAlr6PwE9xMi BtM+2NjMXN4g6u9SmIxoIHcIDOQwpmtFp70UB3SBZlIParjmZysIN9fSOtzBksuSUFGJ7PP+ lo/96PW1u6OBDocRBdtTD5710d9tsGluU4S86BVdytn/u/QAoEviae29arUYIGsMR9oeJhJc wEqRS4KfEuMhzjhJQDyJ4fLE7MKB5rGPdvhIhY7XqjKVTBIoRABZzYaPeHDvLyP83G0qye3l mwE6E8xsDPBZ4cFgZPl6xkLWugHiRVkE8VsY/RM3+v323ZvT9QARAQABzRlEYW5pZWwgPG1h aWxAYzBkZWNhZmUuZGU+wsGUBBMBCgA+FiEEw5F1cA3yVgaiOsGl9pDM4NUKhiIFAluKxS8C GyMFCRLMAwAFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ9pDM4NUKhiKRLw//XhDaN9QY o5lotBPWJSosFCdiEJBgMKfIWFmg8HgKbRVbxPV025zFXYU2WEMcymMw0cZEMCS3KtsvsyTv M04Qi5U5fxGs8RWTi8VuclUZQ96wJjWu9yDIL0jfOyzibq2Gi4zE2DE5zGd27Zpe/mHNlpmO 6wojZur5H5VaP+Mfeb5vq7D8oJJwLI7/qtZgesJzIv2rDy5og8CyCjM9uZKAAWTxCV6j6qUX K9DNanx16NBT3bTGA1AxqkvuogRmbY+GWqb+Jjtz0uOdUY4BQhW3rM30kOZybtmResaHwtaT EQm6YVKns2rAFzVS4Vcn9rYB4RJ5ovUCjk90tBXZrR2XvWJenckC+9oOkc4uoYF28lOzFoBa C/P4DzlVag5AiJTF7R2mHCnOj3wBKQqV1VhyHnqHGpVbwPEAbm0RX97lAn5cSLJ9ZFCY+Hin 1Ssh1hjA0McQNs9uFSyNj8HSfwenn5wqA6zwJzCaYONPNWZs3ejajCOOHyMoSswbkC/uupPA GvFaZdb34n6C3ShuUfr6DqbTbp+xER2sl/QQnrZ5cpPwEo4bG4aaEi0T0LbLcCZgVLQzC3iw BfjOHKjx9AIEOENbVjw5aTAEA6IPPJVvqMIjTy9lbTO/dteOpHfQ4lbeMyenYMVmHeiTeNA3 yV9KKWkrdr0C1VvpDM9/Z9uHMWHOwU0EW4rFLwEQALPCXxjWvvbQca6wmu8GzBZ0ymUd2eDq B7CTJmfR7FwvAIzNslGKH+kUIF18EnfDYiTBlsJCrCLaRsrGtUfNOmti0qVi/fjfllasicpp S+oxC2yBcGvGhm3/HH9g9HkezvEM4QOjsPjKLZMi+suVYRipaSJCf3RGRdCh9vxmN0MLRMoe 1jHVr94BvgQo4ktaFn8ACl2Z5351uOmedL1y3/LgmUyCm/vCa9z5YRb9sp3h5YQyEupFae2x i8NoDrm0StHcKAGucz04DwV2hC2NWL9UfJKhqC1l8gx7NkcohE8nEbMmRcuc9vhGUPquIMm3 ejvd5XGetN7lKC+5YVeG0e7kiCPIwNnON22dEMWv1bCuYXUoLDkejlKCqX+n8xC8Ddao+5t1 7oLXYQJqTaFKz67kxKJG/gXRBDXWrkdQ/7tE7qZbHTqaREEXRA1SYLxJGCNSUzt4kkq0kuvB AI6f72EYj5GZPKENIRZAbHv6pDy9qd9f6cB+qj1Cz7zqfDPLpN228nV88T0Fq5QH4s9KLXSs vT4nyKz5p0I+u4IydOKLwEqcjlqMNwIaBEZTjD8UFNnd8mCJcwn7uZiKWobjU2jJRU2SmROP /WjDHEff2SmJws7FVVmoyPl/FRD4QYDtuu9qwqh1tU1ut73PXxMoB/IHNkjBe5g++R1tvXWE fF0ZABEBAAHCwXwEGAEKACYWIQTDkXVwDfJWBqI6waX2kMzg1QqGIgUCW4rFLwIbDAUJEswD AAAKCRD2kMzg1QqGIoofD/9tB2wD6G7nAL9mWEC79Kusioh2HNn7HqUnB0HcGb6jD9coD8BK 1Io/1Z//slcw9+2FFwP4AXv0DTmYhb/zNX/SPrTQqSP2TPgaecVyIHzK5r5hqNE6nponvUVe jJfIzTJ5r+eKxuuMi/BkltZC98IuQV0PRLHlrVRKHWgRH/YGyFZ/OXRGeoxwZhkFE3ftwr+o ORz3ZZJIGjJpQGK3ujZ328qiswfNN3g65GoW2HU9LlWul6UgM8lFdIfOmvZqzGPnHEvPzidi q+/dezdTWFJtifQHjdpWYNnO2141N+1fU+tH7dt4TxdN1KP600BXvD29jWxPnnA6fSOyAxYT wdZOrDwrftWMF97dOIVrvhnC3Sm7PwtK639ksP2eCHWn532S4A3Ikb7xoPnuFeAXM9o9/9In yqKixsI+JodUY+wpTJsqkvhzPtrnzH+rwPSB9mpnbajRqVZ0qR0n2z8IkYhvqhIOwD5BBj// RjfZNvxaQ94UFxyqbEWOnBv5osYbprO1eZwJnNvYuf0bCaYKJX/UM87GbgTimDp1jolmJ0Nw KZRkdfs+a1j480Xt/Pyzr/muuGmFRk7/gj1tRkxAeKSdsUW88il88ZXPEwDT0BRzXo51tiiu dSHhtMS24Qzevf3cP93tAanM4Xni6Tu10ZveOALJYC5T161VfZAur0yJBA== Cc: freebsd-net@freebsd.org In-Reply-To: <40DB5F45-6507-4274-BF28-6B9A5F45CAE9@FreeBSD.org> X-Rspamd-Queue-Id: 4TLFML2njcz4B7S X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/32, country:DE] This is a multi-part message in MIME format. --------------1W4CUCK5105E1AOz0qmc0SmV Content-Type: text/plain; charset=UTF-8; format=flowed X-Clacks-Overhead: GNU Terry Pratchett Content-Transfer-Encoding: 8bit Hi, thanks for your suggestion. Turns out, when i unplug the vlan interface from the bridge and put the ip address on the vlan interface, as you suggested, things start to work, e.g. arp resolves. as soon as i put the ip and the vlan interface back on the bridge, things stop again. so where does this lead me? the problem is not in the vlan handling, but on the bridge? I started playing with the net.link.bridge sysctls and indeed, when i set # sysctl net.link.bridge.inherit_mac=1 and then recreate the bridge # ifconfig bridge0 deletem ixl3.15 deletem vnet0.1 # ifconfig bridge0 addm ixl3.15 addm vnet0.1 with the ip address still on bridge0 and ixl3, ixl3.15 and bridge0 all sharing the same mac address, arp starts resolving. but only for requests sent from the bridge0 interface. inside of the jail things still don't work (as the vnet interface again has another mac address). # ifconfig ixl3 ixl3: flags=28963 metric 0 mtu 1500 options=4a500b9         ether a4:bf:01:76:ef:9d         media: Ethernet autoselect (10Gbase-SR )         status: active         nd6 options=29 # ifconfig ixl3.15 ixl3.15: flags=8943 metric 0 mtu 1500         options=4200001         ether a4:bf:01:76:ef:9d         groups: vlan         vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3         media: Ethernet autoselect (10Gbase-SR )         status: active         nd6 options=29 # ifconfig bridge0 bridge0: flags=8843 metric 0 mtu 1500         ether a4:bf:01:76:ef:9d         inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15         maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0         member: vnet0.1 flags=143                 ifmaxaddr 0 port 9 priority 128 path cost 2000         member: ixl3.15 flags=143                 ifmaxaddr 0 port 8 priority 128 path cost 2000         groups: bridge         nd6 options=9 # ping 192.168.55.1 PING 192.168.55.1 (192.168.55.1): 56 data bytes ^C --- 192.168.55.1 ping statistics --- 2 packets transmitted, 0 packets received, 100.0% packet loss [! yes, the host does not answer on ICMP, but that is to be expected !] # arp -an ? (192.168.55.20) at a4:bf:01:76:ef:9d on bridge0 permanent [bridge] ? (192.168.55.1) at b8:27:eb:47:8f:43 on bridge0 expires in 1197 seconds [bridge] [...] [! into the jail !] JAIL # ifconfig epair0b epair0b: flags=8863 metric 0 mtu 1500         options=8         ether ac:16:2d:bd:b7:34         hwaddr 02:51:73:d1:33:0b         inet 192.168.55.10 netmask 0xffffff00 broadcast 192.168.55.255         inet6 fe80::ae16:2dff:febd:b734%epair0b prefixlen 64 scopeid 0x2         groups: epair         media: Ethernet 10Gbase-T (10Gbase-T )         status: active         nd6 options=21 JAIL # ping 192.168.55.1 PING 192.168.55.1 (192.168.55.1): 56 data bytes ^C --- 192.168.55.1 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss JAIL # arp -an ? (192.168.55.10) at ac:16:2d:bd:b7:34 on epair0b permanent [ethernet] ? (192.168.55.1) at (incomplete) on epair0b expired [ethernet] I conclude that there must be some mac address filtering going on in the data path, whether its on ixl or the bridge. In dmesg I also see: >> bridge0: can't disable some capabilities on ixl3.15: 0x400 but as of /usr/src/sys/net/if.h:233 this maps to IFCAP_LRO which afaik should not have any influence on L2 filtering. Have to say, I'm out of ideas again. Never had something like this. So far just 'throwing interfaces on a bridge' worked in the past. Any ideas where to look next? Thanks a lot & best Daniel On 1/25/24 08:22, Zhenlei Huang wrote: > > >> On Jan 23, 2024, at 11:03 PM, Daniel wrote: >> >> Hi List, >> >> >> just recently I discovered a problem with the ixl(4) driver. >> Hopefully someone here can help me. my setup is as follows: >> >> >> Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- >> bridge0 ----- vnet0.1 to jail >> >> >> the problem now is that the jail can send data out (arp requests), i >> do see the responses on the ixl3 interface of the host, but they >> never make their way up to the ixl3.15 vlan interface (even though >> they are tagged correctly). To rule out that my config or the network >> is the cruel pit i did test the same setup with a cheap usb-ethernet >> adapter and there everything works as expected. I'm on FreeBSD >> 13.2-RELEASE-p8 and I did test both, the in kernel driver and the >> driver from ports intel-ixl-kmod-1.13.4_1. >> > I would encourage you to do plain VLAN tests, i.e. plug ixl3.15 out > from bridge0 > > ``` > # ifconfig bridge0 deletem ixl3.15 > # ifconfig bridge0 inet 192.168.55.20/24 delete ### to prevent confusion > # ifconfig ixl3.15 inet 192.168.55.x/24 > # ping -c1 192.168.55.1 > ``` > >> >> Here is a bit of information on my environment: >> >> # uname -a >> FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64 >> >> # pciconf -lBbcevV pci0:25:0:3 >> ixl3@pci0:25:0:3:       class=0x020000 rev=0x09 hdr=0x00 >> vendor=0x8086 device=0x37d3 subvendor=0x8086 subdevice=0x35d5 >>     vendor     = 'Intel Corporation' >>     device     = 'Ethernet Connection X722 for 10GbE SFP+' >>     class      = network >>     subclass   = ethernet >>     bar   [10] = type Prefetchable Memory, range 64, base 0xb0000000, >> size 16777216, enabled >>     bar   [1c] = type Prefetchable Memory, range 64, base 0xb5000000, >> size 32768, enabled >>     cap 01[40] = powerspec 3  supports D0 D3  current D0 >>     cap 05[50] = MSI supports 1 message, 64 bit, vector masks >>     cap 11[70] = MSI-X supports 129 messages, enabled >>                  Table in map 0x1c[0x0], PBA in map 0x1c[0x1000] >>     cap 10[a0] = PCI-Express 2 endpoint max data 256(512) FLR RO >>                  max read 512 >>                  link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1) >>     cap 03[e0] = VPD >>     ecap 0001[100] = AER 2 0 fatal 0 non-fatal 1 corrected >>     ecap 0003[140] = Serial 1 9aef76ffff01bfa4 >>     ecap 000e[150] = ARI 1 >>     ecap 0010[160] = SR-IOV 1 IOV disabled, Memory Space disabled, >> ARI disabled >>                      0 VFs configured out of 32 supported >>                      First VF RID Offset 0x006d, VF RID Stride 0x0001 >>                      VF Device ID 0x37cd >>                      Page Sizes: 4096 (enabled), 8192, 65536, 262144, >> 1048576, 4194304 >>     ecap 0017[1a0] = TPH Requester 1 >>     ecap 000d[1b0] = ACS 1 Source Validation unavailable, Translation >> Blocking unavailable >>                      P2P Req Redirect unavailable, P2P Cmpl Redirect >> unavailable >>                      P2P Upstream Forwarding unavailable, P2P Egress >> Control unavailable >>                      P2P Direct Translated unavailable, Enhanced >> Capability unavailable >>   PCI-e errors = Correctable Error Detected >>                  Unsupported Request Detected >>      Corrected = Advisory Non-Fatal Error >>     VPD ident  = 'Example VPD' >> >> # ifconfig >> [...] >> ixl3: flags=8963 >> metric 0 mtu 1500 >> options=4a500b9 >>         ether a4:bf:01:76:ef:9d >>         media: Ethernet autoselect (10Gbase-SR ) >>         status: active >>         nd6 options=29 >> ixl3.15: flags=8942 >> metric 0 mtu 1500 >>         options=4200001 >>         ether a4:bf:01:76:ef:9d >>         groups: vlan >>         vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3 >>         media: Ethernet autoselect (10Gbase-SR ) >>         status: active >>         nd6 options=29 >> bridge0: flags=8843 metric 0 >> mtu 1500 >>         ether 58:9c:fc:10:dd:05 >>         inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255 >>         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 >>         maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 >>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 >>         member: vnet0.1 flags=143 >>                 ifmaxaddr 0 port 9 priority 128 path cost 2000 >>         member: ixl3.15 flags=143 >>                 ifmaxaddr 0 port 8 priority 128 path cost 55 >>         groups: bridge >>         nd6 options=9 >> [...] >> >> >> >> # cat /etc/rc.conf >> [...] >> ifconfig_ixl3="up" >> vlans_ixl3="15" >> cloned_interfaces="bridge0" >> ifconfig_bridge0="addm ixl3.15 up" >> [...] >> >> >> >> # dmesg | grep ixl >> ixl0: mem >> 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain >> 0 on pci6 >> ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 >> ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared >> ixl0: Using 1024 TX descriptors and 1024 RX descriptors >> ixl0: Using 12 RX queues 12 TX queues >> ixl0: Using MSI-X interrupts with 13 vectors >> ixl0: Ethernet address: a4:bf:01:76:ef:9a >> ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active >> ixl0: SR-IOV ready >> ixl0: netmap queues/slots: TX 12/1024, RX 12/1024 >> ixl1: mem >> 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain >> 0 on pci6 >> ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 >> ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared >> ixl1: Using 1024 TX descriptors and 1024 RX descriptors >> ixl1: Using 12 RX queues 12 TX queues >> ixl1: Using MSI-X interrupts with 13 vectors >> ixl1: Ethernet address: a4:bf:01:76:ef:9b >> ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active >> ixl1: SR-IOV ready >> ixl1: netmap queues/slots: TX 12/1024, RX 12/1024 >> ixl2: >> mem 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 >> numa-domain 0 on pci6 >> ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 >> ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C >> ixl2: Using 1024 TX descriptors and 1024 RX descriptors >> ixl2: Using 12 RX queues 12 TX queues >> ixl2: Using MSI-X interrupts with 13 vectors >> ixl2: Ethernet address: a4:bf:01:76:ef:9c >> ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active >> ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5 >> ixl2: SR-IOV ready >> ixl2: netmap queues/slots: TX 12/1024, RX 12/1024 >> ixl3: >> mem 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 >> numa-domain 0 on pci6 >> ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0 >> ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C >> ixl3: Using 1024 TX descriptors and 1024 RX descriptors >> ixl3: Using 12 RX queues 12 TX queues >> ixl3: Using MSI-X interrupts with 13 vectors >> ixl3: Ethernet address: a4:bf:01:76:ef:9d >> ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active >> ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5 >> ixl3: SR-IOV ready >> ixl3: netmap queues/slots: TX 12/1024, RX 12/1024 >> ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, >> Negotiated FEC: None, Autoneg: False, Flow Control: None >> ixl2: link state changed to UP >> ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, >> Negotiated FEC: None, Autoneg: False, Flow Control: None >> ixl3: link state changed to UP >> bridge0: can't disable some capabilities on ixl3.15: 0x400 >> ixl3: promiscuous mode enabled >> ixl3.15: promiscuous mode enabled >> >> >> from my packet traces: >> >> # tcpdump -vvv -i ixl3 >> > May you please add the option -e to tcpdump, so that the link-level > header can be printed out. > > ``` > # tcpdump -nvei ixl3 > ``` > >> tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size >> 262144 bytes >> [...] >> 13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has >> 192.168.55.1 tell 192.168.55.10, length 28 >> 13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply >> 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46 >> 13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has >> 192.168.55.1 tell 192.168.55.10, length 28 >> 13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply >> 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46 >> >> Here the answer can be see, its tagged with 802.1q tag 15 >> >> >> # tcpdump -vvv -i ixl3.15 >> tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture >> size 262144 bytes >> 14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has >> 192.168.55.1 tell 192.168.55.10, length 28 >> 14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has >> 192.168.55.1 tell 192.168.55.10, length 28 >> 14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has >> 192.168.55.1 tell 192.168.55.10, length 28 >> 14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has >> 192.168.55.1 tell 192.168.55.10, length 28 >> >> The answer cannot be seen on the VLAN interface ): >> >> >> I hope the list can help me out here, as I am lost. >> >> >> Thanks & best >> >> >> Daniel >> > > Best regards, > Zhenlei > --------------1W4CUCK5105E1AOz0qmc0SmV Content-Type: text/html; charset=UTF-8 X-Clacks-Overhead: GNU Terry Pratchett Content-Transfer-Encoding: 8bit

Hi,

thanks for your suggestion. Turns out, when i unplug the vlan interface from the bridge and put the ip address on the vlan interface, as you suggested, things start to work, e.g. arp resolves.

as soon as i put the ip and the vlan interface back on the bridge, things stop again. so where does this lead me? the problem is not in the vlan handling, but on the bridge?

I started playing with the net.link.bridge sysctls and indeed, when i set


# sysctl net.link.bridge.inherit_mac=1


and then recreate the bridge


# ifconfig bridge0 deletem ixl3.15 deletem vnet0.1
# ifconfig bridge0 addm ixl3.15 addm vnet0.1


with the ip address still on bridge0 and ixl3, ixl3.15 and bridge0 all sharing the same mac address, arp starts resolving. but only for requests sent from the bridge0 interface. inside of the jail things still don't work (as the vnet interface again has another mac address).


# ifconfig ixl3
ixl3: flags=28963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
# ifconfig ixl3.15
ixl3.15: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4200001<RXCSUM,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        groups: vlan
        vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
# ifconfig bridge0
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether a4:bf:01:76:ef:9d
        inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: ixl3.15 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 8 priority 128 path cost 2000
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>
# ping 192.168.55.1
PING 192.168.55.1 (192.168.55.1): 56 data bytes
^C
--- 192.168.55.1 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss

[! yes, the host does not answer on ICMP, but that is to be expected !]

# arp -an
? (192.168.55.20) at a4:bf:01:76:ef:9d on bridge0 permanent [bridge]
? (192.168.55.1) at b8:27:eb:47:8f:43 on bridge0 expires in 1197 seconds [bridge]
[...]

[! into the jail !]

JAIL # ifconfig epair0b
epair0b: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether ac:16:2d:bd:b7:34
        hwaddr 02:51:73:d1:33:0b
        inet 192.168.55.10 netmask 0xffffff00 broadcast 192.168.55.255
        inet6 fe80::ae16:2dff:febd:b734%epair0b prefixlen 64 scopeid 0x2
        groups: epair
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
JAIL # ping 192.168.55.1
PING 192.168.55.1 (192.168.55.1): 56 data bytes
^C
--- 192.168.55.1 ping statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss
JAIL # arp -an
? (192.168.55.10) at ac:16:2d:bd:b7:34 on epair0b permanent [ethernet]
? (192.168.55.1) at (incomplete) on epair0b expired [ethernet]


I conclude that there must be some mac address filtering going on in the data path, whether its on ixl or the bridge.

In dmesg I also see:

>> bridge0: can't disable some capabilities on ixl3.15: 0x400

but as of /usr/src/sys/net/if.h:233 this maps to IFCAP_LRO which afaik should not have any influence on L2 filtering.


Have to say, I'm out of ideas again. Never had something like this. So far just 'throwing interfaces on a bridge' worked in the past. Any ideas where to look next?


Thanks a lot & best


Daniel


On 1/25/24 08:22, Zhenlei Huang wrote:


On Jan 23, 2024, at 11:03 PM, Daniel <freebsd-net@c0decafe.de> wrote:

Hi List,


just recently I discovered a problem with the ixl(4) driver. Hopefully someone here can help me. my setup is as follows:


Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- bridge0 ----- vnet0.1 to jail


the problem now is that the jail can send data out (arp requests), i do see the responses on the ixl3 interface of the host, but they never make their way up to the ixl3.15 vlan interface (even though they are tagged correctly). To rule out that my config or the network is the cruel pit i did test the same setup with a cheap usb-ethernet adapter and there everything works as expected. I'm on FreeBSD 13.2-RELEASE-p8 and I did test both, the in kernel driver and the driver from ports intel-ixl-kmod-1.13.4_1.

I would encourage you to do plain VLAN tests, i.e. plug ixl3.15 out from bridge0

```
# ifconfig bridge0 deletem ixl3.15
# ifconfig bridge0 inet 192.168.55.20/24 delete ### to prevent confusion
# ifconfig ixl3.15 inet 192.168.55.x/24
# ping -c1 192.168.55.1
``` 


Here is a bit of information on my environment:

# uname -a
FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64

# pciconf -lBbcevV pci0:25:0:3
ixl3@pci0:25:0:3:       class=0x020000 rev=0x09 hdr=0x00 vendor=0x8086 device=0x37d3 subvendor=0x8086 subdevice=0x35d5
    vendor     = 'Intel Corporation'
    device     = 'Ethernet Connection X722 for 10GbE SFP+'
    class      = network
    subclass   = ethernet
    bar   [10] = type Prefetchable Memory, range 64, base 0xb0000000, size 16777216, enabled
    bar   [1c] = type Prefetchable Memory, range 64, base 0xb5000000, size 32768, enabled
    cap 01[40] = powerspec 3  supports D0 D3  current D0
    cap 05[50] = MSI supports 1 message, 64 bit, vector masks
    cap 11[70] = MSI-X supports 129 messages, enabled
                 Table in map 0x1c[0x0], PBA in map 0x1c[0x1000]
    cap 10[a0] = PCI-Express 2 endpoint max data 256(512) FLR RO
                 max read 512
                 link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1)
    cap 03[e0] = VPD
    ecap 0001[100] = AER 2 0 fatal 0 non-fatal 1 corrected
    ecap 0003[140] = Serial 1 9aef76ffff01bfa4
    ecap 000e[150] = ARI 1
    ecap 0010[160] = SR-IOV 1 IOV disabled, Memory Space disabled, ARI disabled
                     0 VFs configured out of 32 supported
                     First VF RID Offset 0x006d, VF RID Stride 0x0001
                     VF Device ID 0x37cd
                     Page Sizes: 4096 (enabled), 8192, 65536, 262144, 1048576, 4194304
    ecap 0017[1a0] = TPH Requester 1
    ecap 000d[1b0] = ACS 1 Source Validation unavailable, Translation Blocking unavailable
                     P2P Req Redirect unavailable, P2P Cmpl Redirect unavailable
                     P2P Upstream Forwarding unavailable, P2P Egress Control unavailable
                     P2P Direct Translated unavailable, Enhanced Capability unavailable
  PCI-e errors = Correctable Error Detected
                 Unsupported Request Detected
     Corrected = Advisory Non-Fatal Error
    VPD ident  = 'Example VPD'

# ifconfig
[...]
ixl3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ixl3.15: flags=8942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4200001<RXCSUM,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
        groups: vlan
        vlan: 15 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl3
        media: Ethernet autoselect (10Gbase-SR <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:dd:05
        inet 192.168.55.20 netmask 0xffffff00 broadcast 192.168.55.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: ixl3.15 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 8 priority 128 path cost 55
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>
[...]



# cat /etc/rc.conf
[...]
ifconfig_ixl3="up"
vlans_ixl3="15"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm ixl3.15 up"
[...]



# dmesg | grep ixl
ixl0: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain 0 on pci6
ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl0: Using 1024 TX descriptors and 1024 RX descriptors
ixl0: Using 12 RX queues 12 TX queues
ixl0: Using MSI-X interrupts with 13 vectors
ixl0: Ethernet address: a4:bf:01:76:ef:9a
ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl0: SR-IOV ready
ixl0: netmap queues/slots: TX 12/1024, RX 12/1024
ixl1: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain 0 on pci6
ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl1: Using 1024 TX descriptors and 1024 RX descriptors
ixl1: Using 12 RX queues 12 TX queues
ixl1: Using MSI-X interrupts with 13 vectors
ixl1: Ethernet address: a4:bf:01:76:ef:9b
ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl1: SR-IOV ready
ixl1: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 numa-domain 0 on pci6
ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl2: Using 1024 TX descriptors and 1024 RX descriptors
ixl2: Using 12 RX queues 12 TX queues
ixl2: Using MSI-X interrupts with 13 vectors
ixl2: Ethernet address: a4:bf:01:76:ef:9c
ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl2: SR-IOV ready
ixl2: netmap queues/slots: TX 12/1024, RX 12/1024
ixl3: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 numa-domain 0 on pci6
ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl3: Using 1024 TX descriptors and 1024 RX descriptors
ixl3: Using 12 RX queues 12 TX queues
ixl3: Using MSI-X interrupts with 13 vectors
ixl3: Ethernet address: a4:bf:01:76:ef:9d
ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl3: SR-IOV ready
ixl3: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl2: link state changed to UP
ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl3: link state changed to UP
bridge0: can't disable some capabilities on ixl3.15: 0x400
ixl3: promiscuous mode enabled
ixl3.15: promiscuous mode enabled


from my packet traces:

# tcpdump -vvv -i ixl3

May you please add the option -e to tcpdump, so that the link-level header can be printed out.

```
# tcpdump -nvei ixl3
```

tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size 262144 bytes
[...]
13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46
13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46

Here the answer can be see, its tagged with 802.1q tag 15


# tcpdump -vvv -i ixl3.15
tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture size 262144 bytes
14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28

The answer cannot be seen on the VLAN interface ):


I hope the list can help me out here, as I am lost.


Thanks & best


Daniel


Best regards,
Zhenlei

--------------1W4CUCK5105E1AOz0qmc0SmV-- From nobody Thu Jan 25 21:10:49 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TLYQd6TV1z583Zg for ; Thu, 25 Jan 2024 21:11:05 +0000 (UTC) (envelope-from sm@codenetworks.net) Received: from relayout10-q02.dominioabsoluto.net (relayout10-q02.dominioabsoluto.net [217.116.26.36]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TLYQd3X6Rz4VRg; Thu, 25 Jan 2024 21:11:05 +0000 (UTC) (envelope-from sm@codenetworks.net) Authentication-Results: mx1.freebsd.org; none Received: from relayout10-redir.dominioabsoluto.net (relayout10-redir.dominioabsoluto.net [217.116.26.39]) by relayout10.dominioabsoluto.net (Postfix) with ESMTP id 4TLYQY69V6zB2dF; Thu, 25 Jan 2024 22:11:01 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=codenetworks.net; s=domabs; t=1706217061; bh=Rr+Y0fC72xW4QO0N7E87TtOjzOduG5hZ35uLDBCfDvU=; h=From:Subject:Date:References:Cc:In-Reply-To:To:From; b=iLLU4Cvl0QQZyQsfs39IbfLi+trEJET53+2b2vxlVAwfgE7C4RC7AAh9mfm3R6N1F cv1ZvKGVmS2pS/gXzvv2fRxllESwppmWl8ODtBu2ob7pMAqt5NVA0qYe/XnjGq6WGf bWuOEYqZzfttyKqnWdsFOa92XwU4YNIrrsind+C4= Received: from smtpclient.apple (105.85-87-101.dynamic.clientes.euskaltel.es [85.87.101.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: sm.codenetworks.net) by relayout10-dsp.dominioabsoluto.net (Postfix) with ESMTPSA id 4TLYQX2rDCzB2d1; Thu, 25 Jan 2024 22:11:00 +0100 (CET) Content-Type: multipart/alternative; boundary=Apple-Mail-63F0A263-997C-4872-BFBB-3F96575D20C1 Content-Transfer-Encoding: 7bit From: Santiago Martinez List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (1.0) Subject: Re: problem with ixl(4) and vlans Date: Thu, 25 Jan 2024 22:10:49 +0100 Message-Id: <063A269F-B479-4A43-8E3B-B044C2E779F0@codenetworks.net> References: <401ae00d-730c-4ac7-a18c-a2b1b75b3edf@c0decafe.de> Cc: Zhenlei Huang , freebsd-net@freebsd.org In-Reply-To: <401ae00d-730c-4ac7-a18c-a2b1b75b3edf@c0decafe.de> To: Daniel X-Mailer: iPhone Mail (21C66) X-PostalOut-Country: IP: 85.87.101.105 | Country: ES X-PostalOut-Information: AntiSPAM and AntiVIRUS on relayout10 X-PostalOut-MsgID: 4TLYQX2rDCzB2d1.A08B7 X-PostalOut-SpamCheck: no es spam, clean X-PostalOut-From: sm@codenetworks.net X-PostalOut-Watermark: 1706821861.48339@+0iG26ARXFXupTdeYHrHZw X-Spam-Status: No X-Rspamd-Queue-Id: 4TLYQd3X6Rz4VRg X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:16371, ipnet:217.116.24.0/21, country:ES] --Apple-Mail-63F0A263-997C-4872-BFBB-3F96575D20C1 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
Hi D= aniel, 

have you try d= isabling hardware vlan filtering?

Also I guess there is not ipfw or pf modules loaded right?

Best 
Santi=

On 25 Jan 2024, at 10:0= 7, Daniel <freebsd-net@c0decafe.de> wrote:

<= blockquote type=3D"cite">
=EF=BB=BF =20 =20 =20

Hi,

thanks for your suggestion. Turns out, when i unplug the vlan interface from the bridge and put the ip address on the vlan interface, as you suggested, things start to work, e.g. arp resolves.

as soon as i put the ip and the vlan interface back on the bridge, things stop again. so where does this lead me? the problem is not in the vlan handling, but on the bridge?

I started playing with the net.link.bridge sysctls and indeed, when i set


# sysctl net.link.bridge.inherit_mac=3D1


and then recreate the bridge


# ifconfig bridge0 deletem ixl3.15 deletem vnet0.1
# ifconfig bridge0 addm ixl3.15 addm vnet0.1


with the ip address still on bridge0 and ixl3, ixl3.15 and bridge0 all sharing the same mac address, arp starts resolving. but only for requests sent from the bridge0 interface. inside of the jail things still don't work (as the vnet interface again has another mac address).


# ifconfig ixl3
ixl3: flags=3D28963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3D4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VL= AN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
=         media: Ethernet autoselect (= 10Gbase-SR <full-duplex>)
        status: active
        nd6 options=3D29<PERFORM= NUD,IFDISABLED,AUTO_LINKLOCAL>
# ifconfig ixl3.15
ixl3.15: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3D4200001<RXCSUM= ,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76:ef:9d
=         groups: vlan
        vlan: 15 vlanproto: 802.1q v= lanpcp: 0 parent interface: ixl3
        media: Ethernet autoselect (= 10Gbase-SR <full-duplex>)
        status: active
        nd6 options=3D29<PERFORM= NUD,IFDISABLED,AUTO_LINKLOCAL>
# ifconfig bridge0
bridge0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether a4:bf:01:76:ef:9d
=         inet 192.168.55.20 netmask 0= xffffff00 broadcast 192.168.55.255
        id 00:00:00:00:00:00 priori= ty 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto r= stp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 p= riority 32768 ifcost 0 port 0
        member: vnet0.1 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
           &nbs= p;    ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: ixl3.15 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
           &nbs= p;    ifmaxaddr 0 port 8 priority 128 path cost 2000
        groups: bridge
        nd6 options=3D9<PERFORMN= UD,IFDISABLED>
# ping 192.168.55.1
PING 192.168.55.1 (192.168.55.1): 56 data bytes
^C
--- 192.168.55.1 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss

[! yes, the host does not answer on ICMP, but that is to be expected !]

# arp -an
? (192.168.55.20) at a4:bf:01:76:ef:9d on bridge0 permanent [bridge]
? (192.168.55.1) at b8:27:eb:47:8f:43 on bridge0 expires in 1197 seconds [bridge]
[...]

[! into the jail !]

JAIL # ifconfig epair0b
epair0b: flags=3D8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3D8<VLAN_MTU>=
        ether ac:16:2d:bd:b7:34
=         hwaddr 02:51:73:d1:33:0b         inet 192.168.55.10 netmask 0= xffffff00 broadcast 192.168.55.255
        inet6 fe80::ae16:2dff:febd:= b734%epair0b prefixlen 64 scopeid 0x2
        groups: epair
        media: Ethernet 10Gbase-T (= 10Gbase-T <full-duplex>)
        status: active
        nd6 options=3D21<PERFORM= NUD,AUTO_LINKLOCAL>
JAIL # ping 192.168.55.1
PING 192.168.55.1 (192.168.55.1): 56 data bytes
^C
--- 192.168.55.1 ping statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss
JAIL # arp -an
? (192.168.55.10) at ac:16:2d:bd:b7:34 on epair0b permanent [ethernet]
? (192.168.55.1) at (incomplete) on epair0b expired [ethernet]


I conclude that there must be some mac address filtering going on in the data path, whether its on ixl or the bridge.

In dmesg I also see:

>> bridge0: can't disable some capabilities on ixl3.15: 0x400

but as of /usr/src/sys/net/if.h:233 this maps to IFCAP_LRO which afaik should not have any influence on L2 filtering.


Have to say, I'm out of ideas again. Never had something like this. So far just 'throwing interfaces on a bridge' worked in the past. Any ideas where to look next?


Thanks a lot & best


Daniel


On 1/25/24 08:22, Zhenlei Huang wrote:


On Jan 23, 2024, at 11:03 PM, Daniel <freebsd-net@c0decafe.de> wrote:

Hi List,


just recently I discovered a problem with the ixl(4) driver. Hopefully someone here can help me. my setup is as follows:


Network ----- ixl3 interface ----- ixl3.15 vlan interface ----- bridge0 ----- vnet0.1 to jail


the problem now is that the jail can send data out (arp requests), i do see the responses on the ixl3 interface of the host, but they never make their way up to the ixl3.15 vlan interface (even though they are tagged correctly). To rule out that my config or the network is the cruel pit i did test the same setup with a cheap usb-ethernet adapter and there everything works as expected. I'm on FreeBSD 13.2-RELEASE-p8 and I did test both, the in kernel driver and the driver from ports intel-ixl-kmod-1.13.4_1.

I would encourage you to do plain VLAN tests, i.e. plug ixl3.15 out from bridge0

```
# ifconfig bridge0 deletem ixl3.15
# ifconfig bridge0 inet 192.168.55.20/24 delete ### to prevent confusion
# ifconfig ixl3.15 inet 192.168.55.x/24
# ping -c1 192.168.55.1
``` 


Here is a bit of information on my environment:

# uname -a
FreeBSD mimir 13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64

# pciconf -lBbcevV pci0:25:0:3
ixl3@pci0:25:0:3:       class=3D= 0x020000 rev=3D0x09 hdr=3D0x00 vendor=3D0x8086 device=3D0x37d3 subvendor=3D0x8086 subdevice=3D0x35d5
    vendor     =3D 'Intel= Corporation'
    device     =3D 'Ether= net Connection X722 for 10GbE SFP+'
    class      =3D n= etwork
    subclass   =3D ethernet
    bar   [10] =3D type Prefetchabl= e Memory, range 64, base 0xb0000000, size 16777216, enabled
    bar   [1c] =3D type Prefetchabl= e Memory, range 64, base 0xb5000000, size 32768, enabled
    cap 01[40] =3D powerspec 3  supports= D0 D3  current D0
    cap 05[50] =3D MSI supports 1 message, 64= bit, vector masks
    cap 11[70] =3D MSI-X supports 129 message= s, enabled
          =        Table in map 0x1c[0x0], PBA in map 0x1c[0x1000]
    cap 10[a0] =3D PCI-Express 2 endpoint max= data 256(512) FLR RO
          =        max read 512
          =        link x1(x1) speed 2.5(2.5) ASPM disabled(L0s/L1)
    cap 03[e0] =3D VPD
    ecap 0001[100] =3D AER 2 0 fatal 0 non-fa= tal 1 corrected
    ecap 0003[140] =3D Serial 1 9aef76ffff01b= fa4
    ecap 000e[150] =3D ARI 1
    ecap 0010[160] =3D SR-IOV 1 IOV disabled,= Memory Space disabled, ARI disabled
          =            0 VFs configure= d out of 32 supported
          =            First VF RID Of= fset 0x006d, VF RID Stride 0x0001
          =            VF Device ID 0x= 37cd
          =            Page Sizes: 409= 6 (enabled), 8192, 65536, 262144, 1048576, 4194304
    ecap 0017[1a0] =3D TPH Requester 1
    ecap 000d[1b0] =3D ACS 1 Source Validatio= n unavailable, Translation Blocking unavailable
          =            P2P Req Redirec= t unavailable, P2P Cmpl Redirect unavailable
          =            P2P Upstream Fo= rwarding unavailable, P2P Egress Control unavailable
          =            P2P Direct Tran= slated unavailable, Enhanced Capability unavailable
  PCI-e errors =3D Correctable Error Detected
          =        Unsupported Request Detected
     Corrected =3D Advisory Non-Fatal Er= ror
    VPD ident  =3D 'Example VPD'

# ifconfig
[...]
ixl3: flags=3D8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICA= ST> metric 0 mtu 1500
        options=3D4a500b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VL= AN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76= :ef:9d
        media: Ethernet a= utoselect (10Gbase-SR <full-duplex>)
        status: active         nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ixl3.15: flags=3D8942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST&= gt; metric 0 mtu 1500
        options=3D4200001= <RXCSUM,RXCSUM_IPV6,NOMAP>
        ether a4:bf:01:76= :ef:9d
        groups: vlan
        vlan: 15 vlanprot= o: 802.1q vlanpcp: 0 parent interface: ixl3
        media: Ethernet a= utoselect (10Gbase-SR <full-duplex>)
        status: active         nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
bridge0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10= :dd:05
        inet 192.168.55.2= 0 netmask 0xffffff00 broadcast 192.168.55.255
        id 00:00:00:00:00= :00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt= 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:= 00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.1 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
          =       ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: ixl3.15 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
          =       ifmaxaddr 0 port 8 priority 128 path cost 55
        groups: bridge         nd6 options=3D9&l= t;PERFORMNUD,IFDISABLED>
[...]



# cat /etc/rc.conf
[...]
ifconfig_ixl3=3D"up"
vlans_ixl3=3D"15"
cloned_interfaces=3D"bridge0"
ifconfig_bridge0=3D"addm ixl3.15 up"
[...]



# dmesg | grep ixl
ixl0: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb3000000-0xb3ffffff,0xb5018000-0xb501ffff at device 0.0 numa-domain 0 on pci6
ixl0: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl0: PF-ID[0]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl0: Using 1024 TX descriptors and 1024 RX descriptors
ixl0: Using 12 RX queues 12 TX queues
ixl0: Using MSI-X interrupts with 13 vectors
= ixl0: Ethernet address: a4:bf:01:76:ef:9a
ixl0: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl0: SR-IOV ready
ixl0: netmap queues/slots: TX 12/1024, RX 12/1024
ixl1: <Intel(R) Ethernet Connection X722 for 10GBASE-T - 2.3.3-k> mem 0xb2000000-0xb2ffffff,0xb5010000-0xb5017fff at device 0.1 numa-domain 0 on pci6
ixl1: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl1: PF-ID[1]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, MDIO shared
ixl1: Using 1024 TX descriptors and 1024 RX descriptors
ixl1: Using 12 RX queues 12 TX queues
ixl1: Using MSI-X interrupts with 13 vectors
= ixl1: Ethernet address: a4:bf:01:76:ef:9b
ixl1: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl1: SR-IOV ready
ixl1: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb1000000-0xb1ffffff,0xb5008000-0xb500ffff at device 0.2 numa-domain 0 on pci6
ixl2: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl2: PF-ID[2]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl2: Using 1024 TX descriptors and 1024 RX descriptors
ixl2: Using 12 RX queues 12 TX queues
ixl2: Using MSI-X interrupts with 13 vectors
= ixl2: Ethernet address: a4:bf:01:76:ef:9c
ixl2: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl2: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl2: SR-IOV ready
ixl2: netmap queues/slots: TX 12/1024, RX 12/1024
ixl3: <Intel(R) Ethernet Connection X722 for 10GbE SFP+ - 2.3.3-k> mem 0xb0000000-0xb0ffffff,0xb5000000-0xb5007fff at device 0.3 numa-domain 0 on pci6
ixl3: fw 3.1.55727 api 1.5 nvm 3.31 etid 80000d32 oem 1.262.0
ixl3: PF-ID[3]: VFs 32, MSI-X 129, VF MSI-X 5, QPs 384, I2C
ixl3: Using 1024 TX descriptors and 1024 RX descriptors
ixl3: Using 12 RX queues 12 TX queues
ixl3: Using MSI-X interrupts with 13 vectors
= ixl3: Ethernet address: a4:bf:01:76:ef:9d
ixl3: Allocating 16 queues for PF LAN VSI; 12 queues active
ixl3: ixl_set_link: Error getting phy capabilities -7, aq error: 5
ixl3: SR-IOV ready
ixl3: netmap queues/slots: TX 12/1024, RX 12/1024
ixl2: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl2: link state changed to UP
ixl3: Link is up, 10 Gbps Full Duplex, Requested FEC: None, Negotiated FEC: None, Autoneg: False, Flow Control: None
ixl3: link state changed to UP
bridge0: can't disable some capabilities on ixl3.15: 0x400
ixl3: promiscuous mode enabled
ixl3.15: promiscuous mode enabled


from my packet traces:

# tcpdump -vvv -i ixl3

May you please add the option -e to tcpdump, so that the link-level header can be printed out.

```
# tcpdump -nvei ixl3
```

tcpdump: listening on ixl3, link-type EN10MB (Ethernet), capture size 262144 bytes
[...]
13:36:20.155843 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:20.156285 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46
13:36:21.169003 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
13:36:21.169538 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.55.1 is-at b8:27:eb:47:8f:43 (oui Unknown), length 46

Here the answer can be see, its tagged with 802.1q tag 15


# tcpdump -vvv -i ixl3.15
tcpdump: listening on ixl3.15, link-type EN10MB (Ethernet), capture size 262144 bytes
14:14:37.255429 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:14:42.263475 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:02.556311 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28
14:15:07.557644 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.55.1 tell 192.168.55.10, length 28

The answer cannot be seen on the VLAN interface ):


I hope the list can help me out here, as I am lost.


Thanks & best


Daniel


Best regards,
Zhenlei

=20
= --Apple-Mail-63F0A263-997C-4872-BFBB-3F96575D20C1-- From nobody Fri Jan 26 19:32:39 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TM7Bg5Vmgz58hhp; Fri, 26 Jan 2024 19:32:43 +0000 (UTC) (envelope-from kfodil-lemelin@xiplink.com) Received: from CAN01-YT3-obe.outbound.protection.outlook.com (mail-yt3can01on2130.outbound.protection.outlook.com [40.107.115.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "DigiCert Cloud Services CA-1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TM7Bf6w2yz4887; Fri, 26 Jan 2024 19:32:42 +0000 (UTC) (envelope-from kfodil-lemelin@xiplink.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=xiplink.com header.s=selector2 header.b=WGYZgMHx; arc=pass ("microsoft.com:s=arcselector9901:i=1"); dmarc=pass (policy=reject) header.from=xiplink.com; spf=pass (mx1.freebsd.org: domain of kfodil-lemelin@xiplink.com designates 40.107.115.130 as permitted sender) smtp.mailfrom=kfodil-lemelin@xiplink.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MyRh3AdGLr/jJAtzB+7p3tftv4eBCcagOE8QguoTpxRbR66zcYttU0iEAyjyPh6KW85ASj20Sa1AMcMFbzAd1lER/59xXlfn7V+1rWgelQJm2jGCqLDSRolr5swAWwn4sKWeQom75+j174Bqc6/QEn1/A+fWMIxdJrVBZxeB82QaI9kL7RnzsuI4f6labUAJFvM/ujvg3tbniWRB2Ac56DQnUdpI0lwea0DuNqr1bQBamGwmnkuIfl1+VpDkMK6XFL8mztjYt7Qvqv7jlxmHyQO7nAPtiLu1x5yJPKZBDqoxgX3b64lZtOb9JRl+uwdg84ZCscLqGJ7qAHNrYvXluQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FVWLPLP8SfGdchqxEX/bJIOZWot80DUVp4Z6G38om7o=; b=M1184+V/ANg1f+3CLlel2W+IfpT76BZjc3uQVcYlZ/1uJV4Ie2UyiTajeRx9VtsCvEu26xJiiYGe6MBvpSsW4unr7IO3FiTadD5WYIuUvUXbgX+Iz8869RXLfk3Qb8bKAdh2KYDuG9O//KKIfF9qUdrHzJC6IrpP8zlIerhxiKkCcWvwg48KzFkO/9wXTdeN/8MLVU4+ulDVDd0rKj2CQTWLa4Izr7lfQ7Hm9WlTrW5JCvNnpEKspf/71uciAd2xjlhw2f3YQXY9Zok111PVDZRbiiOkMZL+GnLeSKG6VtrC/Rhy2W+sB6TbIi5p+ZDjlTaQO02acxSpeq2WHDtWcA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=xiplink.com; dmarc=pass action=none header.from=xiplink.com; dkim=pass header.d=xiplink.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=xiplink.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FVWLPLP8SfGdchqxEX/bJIOZWot80DUVp4Z6G38om7o=; b=WGYZgMHxIE6XT68PNNHiHGCVMWlnrPVam222bML7rg2OLnsJbBXedod0jBtirknSYG64YZtR9A39a91xmPoFfvU5gdtK1IHNN1SZWI3Ozg+p+AP1UMqbyR/t6W9zy3v+iGGwTOv4yP2/NLOvWntnpWDfKc+YZqRKYB3RZ1Y2+5jAiRlLIOpMmY/Haj/Kx09Z48cg18L2fYGub6uGauGqM6uEWUV3NL+qR8yJDM/rkCFyCX1dg66aydtvsMnO5B/9dVQB2Iiox+c1TT/qdYsuhxWTkpY9PamCgaewFtgzo+GeRI36iDpjRYDo+2LBc84gI0si6LstVRCB9TWnj7UF2Q== Received: from QB1PR01MB3428.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c00:3a::13) by YT1PR01MB9097.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:cc::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.27; Fri, 26 Jan 2024 19:32:41 +0000 Received: from QB1PR01MB3428.CANPRD01.PROD.OUTLOOK.COM ([fe80::fedb:1b11:3b0f:924a]) by QB1PR01MB3428.CANPRD01.PROD.OUTLOOK.COM ([fe80::fedb:1b11:3b0f:924a%5]) with mapi id 15.20.7228.027; Fri, 26 Jan 2024 19:32:41 +0000 Content-Type: multipart/alternative; boundary="------------UN2Nz2O9jdpjqwIdAJgUl4uu" Message-ID: <427708c9-7d62-443a-ad0f-4848bf8aff8f@xiplink.com> Date: Fri, 26 Jan 2024 14:32:39 -0500 User-Agent: Mozilla Thunderbird Subject: Re: tag/untag Content-Language: en-US References: <7915c1d1-99a3-4459-85ac-9451bec06c24@xiplink.com> To: Mikhail Holt , freebsd-ipfw@FreeBSD.org, FreeBSD Net Cc: Kristof Provost , imp@freebsd.org From: Karim Fodil-Lemelin In-Reply-To: <7915c1d1-99a3-4459-85ac-9451bec06c24@xiplink.com> X-Forwarded-Message-Id: <7915c1d1-99a3-4459-85ac-9451bec06c24@xiplink.com> X-ClientProxiedBy: YQZPR01CA0075.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c01:84::10) To QB1PR01MB3428.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c00:3a::13) List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: QB1PR01MB3428:EE_|YT1PR01MB9097:EE_ X-MS-Office365-Filtering-Correlation-Id: f328602f-3824-4ade-d5fa-08dc1ea58f7e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: qM90gb7M4tbuxIzZ1eHbDRVNlgsTMpNaLZ7w/E+4FoD9z4+B7sPfkfk8x/oAjCyMSo/LQffGp2+MyiWkfkNMLUGBJNxs3BqTDGB36ysuqwLX5LU3yFm9tX6TXr21U2OHatVBYv4Jf5Gw+RsR7S2ym0OhhrQUbMAqOyPeZ8u8QcDBpVaF4uEqAbqlg7noyJIn4WtupeGo/nVksSs/ws+UTU4TrA843vG06KS6iNOuIYe3QtpFK+dartf2RW+StMGmZgneuZZ5WmQQrKuYvxTEkwxSL8174MfgFD5nRR+xdbQxzkwGVrlhgI7iRTQYc0d6j+iaRyFG5i8RLQ+pLH2OM2C5vBgwjFFe6fyprNsTPYoVbPmBigL+fownJ5O7faU9o+t8+cRpnOB+xHKBPKmRsuH9gvPE40mk6LKgZShkj22CE1mtOER0llUOzNxeac9rYGmRLSKiz6JoIB9ob8UhQTo1wVqTDPEmZGlztTrMyxRsxPf8epY+hY0GouGlSqH6fwgzs2KbRPQXaYcEDmXJcfxm0obDiLpCG98LrJovX4H0nEuTw7i1/ms3TVVWpgs5b+R6dO22LI2aQsskJFTKdleUfqnB3+NLPd9AAQSdWfqqkFiJjAg2u6ONOqVTcHDZnEMDq6MfgAYPUlVPhIqlzw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:QB1PR01MB3428.CANPRD01.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230031)(366004)(346002)(39830400003)(396003)(136003)(376002)(230922051799003)(186009)(64100799003)(451199024)(1800799012)(83380400001)(3480700007)(6512007)(2616005)(38100700002)(8936002)(5660300002)(4326008)(110136005)(8676002)(66556008)(478600001)(6486002)(30864003)(6506007)(33964004)(66476007)(2906002)(66946007)(53546011)(316002)(41300700001)(31696002)(36756003)(86362001)(31686004)(43740500002)(45980500001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MXEweWhjWnI3ajZua3lyNXRaY1ZlS0w0UjFjcGZCc3d2aU52aWtXa0JFTmV2?= =?utf-8?B?VzVyTTVBbERzd3Bybmx1OHg3N2NGWmRFWGF2NVBOeGQvREpXTDErR2J0Ynp3?= =?utf-8?B?OHFIVEtFaTlsczFKUTVYYW8xRU1LSFhwakpHNzloMitjRVRxenFCWmptcllT?= =?utf-8?B?ZDk0cXJyd21vbmwydzI2RnBYcEFYaWtGVzJmamFKMG5mK3l3N2ZBUy9kRng4?= =?utf-8?B?OUhMOG56OWVKQVA3K0EyQk1IdHEyRjA1Um14TGdKNTA4WXI5NEpxQm96MjB1?= =?utf-8?B?YXBYKzB5UTlkcTNTeDhrK2I4T0haajc1ekkvR2VrWnB2TWluRnlPWWVOZHlp?= =?utf-8?B?aXdmM2xtRHVnYTgzNXJ0ZUhLWTVncU1nZ0tBazBZSUpKa01DT2dySW5ZVG9j?= =?utf-8?B?TVNlK3JmaUtlK2lRUitEL0RmaVVFV3J5U0lDSUxmUkt4ZHBvTFZuZTlLcHZC?= =?utf-8?B?QkJsZjF0U1NocTZvNXhjblA5VG1VZVE2dkxqaytWT3EzNkhMTlpxUHkyamJw?= =?utf-8?B?M05FU3BtOGtHU3A5VHRteDh2TXI5RHZoVHZBcWdHWnNDaFBRRUQ3VVFDbmxU?= =?utf-8?B?N3NqdWd5UFFtellrWlI4WW1WbkFWNlM5UWpacFlLNjJpaXo4MXNBU2xGQ3do?= =?utf-8?B?aHdjaW5mNHJ3MzVIb3BYczFNUWVDVUJXZWRtYnUwbENGVzJzQXo0THJWVmdR?= =?utf-8?B?b1h0WDA3VDZ1QitoRkh0cXJES0pqeFN2aVlFWWZhSTRqWWVvWTVsNVFaOFM4?= =?utf-8?B?YTdyTEJnOUlFY0NkN040NzZUS0twSFg0Y29GMDlYMUt4d0JleUlFbUs3MlN5?= =?utf-8?B?aVY3dFBRK05EZTA5U3ZpTGV3eDlSL0V1MStRcjJ6Q05MSGsyZENHZm44ZUxI?= =?utf-8?B?TGdaOHRGMUJ2QWp3NWRoTmxzZ0UxWm13NG9lZzRGazJSYjFNRkRRUWFKSU9w?= =?utf-8?B?V0hTL1V3cGNhbXFxWlRPdDI1QUpZRzF0N3NJRDdqQ0kxaTFldisxNFYwTzli?= =?utf-8?B?dWduUUNMV0tSVmRTeGkxL25FM01McUw3MElGaU1wakpqbERxSjBBa1pKR3pR?= =?utf-8?B?dkpYY2dKNTY2dHlIM1cra01MMllHczFXbFJlalJ0TGtEMVNZS1VsSENWNkkr?= =?utf-8?B?UkJNdFovZkRPWlFmaW1JMTNLUmtoRU85Y2ZodEplZFN4cDFiMzgwZlpRVVVV?= =?utf-8?B?UWNuVHZkWFl2U1BxMHczSDhOb0FrN1kvWk5Zb0pXQWdpMlpwaXFZNEpoRG5u?= =?utf-8?B?amg0T2Y5YzJ2VFFVcnFXRDQxVDFvdkJwUnZzM1Q1QUNoWmdKSXlaYjFadWg0?= =?utf-8?B?VEVvNGo2TjRIK3FIdXczNFFwUjA3RG5XNW82SktBOERpRnJKYWpsa0NPbzJy?= =?utf-8?B?R2lNOWVzM1ExSFlEOVBoRzJHK2hVRDBVL3JsYklydFlqdGxLdnNaQ01qTUlT?= =?utf-8?B?b1hGSUNzeVd1UVBEYUNNQVdQMjlsR05DNDRHSTJadEppKzhPbkh2YlpITmZ3?= =?utf-8?B?YnVoWUF1QnRCZEpuMmhlVHQ1dEFzVkNPRzh3Y044U0Z0aHUvSHlhU1czUXRM?= =?utf-8?B?RGgxZTBPU0grbldsT3FhRnpNVU1GbHFzak9MVStpR0RPRTR2eG4wVVQxbmEy?= =?utf-8?B?cGNsdC8vNC9kWmRHUW1kVjBXUU9zMnpMWTJMUURKTFJRSjEwYUhKWnNnd296?= =?utf-8?B?Y3paRzZFV2NmdWMzeUd5dUM5YmpKV2ExOGZ4c0VMbDkvbzkyTCtYc085K1Vm?= =?utf-8?B?dDRGN3ZZZDVsM0NSd2RmWVFUMnEzOHpyQVJvc1dYVWZyTFErRTBDV1hHOG9T?= =?utf-8?B?UlkwaFowM01yeDZqYThGeFE3ckI1OGt3L0p1SGxqbjZUaHlvbjV1UFlsOGxE?= =?utf-8?B?QXhKUEJXMHgwS0RhVStyQkY5YnFEMzJid0xJTFlhM1BDRU1ncEZGZHJ2OUhU?= =?utf-8?B?cnFyK0ZZUndqZjZ0d1lsMVZtckNJOTh2YlFsVzlZNkxxdE10VktabUJpYnd6?= =?utf-8?B?YkZiaVMwc2NQM1FUTEwvb292a3V0eEczQzRYdVBkcWU2dHNwOTBLdWs3TUIv?= =?utf-8?B?Ym8rMnJMZW9CdXJZR3c4RXR2UHp3dmtLYjdhQ1JHN084V1hKOG5Ga0cwL1Nm?= =?utf-8?B?SWZjVVNud0NLTy9mZXowSjg2QURhQm1VcVU3SkQ2N0lMcUdlbXY3VFpxTS9j?= =?utf-8?B?ZHpVWEthQ1dwQzFVb1NidEdiR3Q4SUE1VlhFUTBqT3MvcndnRzVuTjZZbDlB?= =?utf-8?B?cUxvU3VPTU9ZNXhiRi8zYndldmRBPT0=?= X-OriginatorOrg: xiplink.com X-MS-Exchange-CrossTenant-Network-Message-Id: f328602f-3824-4ade-d5fa-08dc1ea58f7e X-MS-Exchange-CrossTenant-AuthSource: QB1PR01MB3428.CANPRD01.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 19:32:41.0974 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 14f927ba-c95b-4aa6-b674-375045ee9d4d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: lceuzQHP3MfVEe9m16dfRdFJ4qwMEWdyIZL4a8iPBpKdFmtTUSLeEsU8y14SKQR8ADO1UR92K/hy9yXrEi25NuBhz3/080o7RAhViDyAk/w= X-MS-Exchange-Transport-CrossTenantHeadersStamped: YT1PR01MB9097 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.46 / 15.00]; SUSPICIOUS_RECIPS(1.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.97)[-0.975]; DMARC_POLICY_ALLOW(-0.50)[xiplink.com,reject]; R_SPF_ALLOW(-0.20)[+ip4:40.107.0.0/16:c]; R_DKIM_ALLOW(-0.20)[xiplink.com:s=selector2]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; XM_UA_NO_VERSION(0.01)[]; TO_DN_SOME(0.00)[]; FREEMAIL_TO(0.00)[gmail.com,FreeBSD.org,freebsd.org]; DKIM_TRACE(0.00)[xiplink.com:+]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[40.107.115.130:from]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:8075, ipnet:40.104.0.0/14, country:US]; MLMMJ_DEST(0.00)[freebsd-ipfw@FreeBSD.org,freebsd-net@freebsd.org]; TAGGED_RCPT(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[40.107.115.130:from]; RCPT_COUNT_FIVE(0.00)[5] X-Rspamd-Queue-Id: 4TM7Bf6w2yz4887 --------------UN2Nz2O9jdpjqwIdAJgUl4uu Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Hi Mikhail, This is a very old bug in FreeBSD/ipfw O_PROBE_STATE and the good news is I have a fix for it. The fix is very easy and I will try to explain here what the bug is and what the fix is. The issue is only related to rules that have the F_NOT bit set and that are the beginning of the actions list of a keep-state rule. I'm also CCing some other folks that have authority in moving this forward so it hopefully gets into main eventually. If you are like me, this is a perfect read for a Friday afternoon ;) So here is how it goes: When you create a keep-state rule, the userland part of ipfw will insert a O_PROBE_STATE action at the very beginning of the rule so when a packet hits the rule the kernel will PROBE the list of installed dynamic rules for a match before installing such a rule (we don't want to create more than one dynamic rule per parent rule). The code responsible for this looks like this in ipfw2.c:         /*          * generate O_PROBE_STATE if necessary          */         if (have_state && have_state->opcode != O_CHECK_STATE && !have_rstate) {                 fill_cmd(dst, O_PROBE_STATE, 0, have_state->arg1);                 dst = next_cmd(dst, &rblen);         } Now ipfw userland also does something else when building the list of actions for a rule, it records the actions offset in the rule and put those actions together in a predetermined way, here is the section of ipfw2.c that does something like this:         /*          * start action section          */         rule->act_ofs = dst - rule->cmd;         /* put back O_LOG, O_ALTQ, O_TAG if necessary */ log --> if (have_log) {                 i = F_LEN(have_log);                 CHECK_RBUFLEN(i);                 bcopy(have_log, dst, i * sizeof(uint32_t));                 dst += i;         }         if (have_altq) {                 i = F_LEN(have_altq);                 CHECK_RBUFLEN(i);                 bcopy(have_altq, dst, i * sizeof(uint32_t));                 dst += i;         } tag --> if (have_tag) {                 i = F_LEN(have_tag);                 CHECK_RBUFLEN(i);                 bcopy(have_tag, dst, i * sizeof(uint32_t));                 dst += i;         } Nothing wrong with all this and if you are still with me (kudos to you) please take a moment to notice the 'log' action is _before_ the 'tag' action. This will be important later to understand why some rules in your example works and why some don't, although you may already have a clue... Now let's transport ourselves into the kernel code, precisely in sys/netpfil/ipfw/ip_fw2.c around line 2865. Here we are inside the O_PROBE_STATE case and notice how after we find a dynamic entry how the kernel will 'reset' the cmd pointer to the action part of the parent rule by doing something like this: /*                                          * Found dynamic entry, jump to the                                          * 'action' part of the parent rule                                          * by setting f, cmd, l and clearing                                          * cmdlen.                                          */                                         f = q;                                         f_pos = dyn_info.f_pos; cmd pointer is reset -->                cmd = ACTION_PTR(f);                                         l = f->cmd_len - f->act_ofs;                                         cmdlen = 0;                                         match = 1;                                         break;                                 } At this precise moment (pointed by the -->), if we refer to your example below, we would be hitting the dynamic rule entry and have cmd pointer reset to the ACTION part of the 'untag 10' action you have entered. We then set a few things and break from the switch statement. Now this gets us at the end of the switch statement where FreeBSD does something like this (around line 3337): /*                          * if we get here with l=0, then match is irrelevant.                          */ cmd is 'untag' -->      if (cmd->len & F_NOT)                                 match = !match;                         if (match) {                                 if (cmd->len & F_OR)                                         skip_or = 1;                         } else {                                 if (!(cmd->len & F_OR)) /* not an OR block, */ exits too early -->                     break;          /* try next rule    */                         }                 }       /* end of inner loop, scan opcodes */ If you look at the check for F_NOT bit (which is cleverly folded in the len part of the cmd) you realize that check is actually made against the 'untag' action and since untag is actually NOT tag it will match and change match into !match. The code will not try to go through the actual action and it will exit the loop too early. Essentially, by resetting the cmd action pointer we should give a chance for O_TAG (F_NOT) to be called and not simply turn match into a no match. The fix for this is very simple and goes like this: diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c index d2b01fd..57c02dc 100644 --- a/sys/netpfil/ipfw/ip_fw2.c +++ b/sys/netpfil/ipfw/ip_fw2.c @@ -2887,7 +2887,8 @@ do { \                                   l = f->cmd_len - f->act_ofs;                                   cmdlen = 0;                                   match = 1; -                                 break; +                                 continue; +                                 break; /* not reached */                                 }                                 /*                                  * Dynamic entry not found. If CHECK_STATE, Now why did it work for you when you used log? Well I'm sure you remember that, because O_LOG is inserted _before_ O_TAG and that O_LOG doesn't have the F_NOT bit set then match is still 1 at the end of the loop and the actual cmd (LOG in this case) will have a chance to execute. Finally, if your still reading, I think this bug has been in ipfw for a very long time, great catch buddy! Best, Karim. PS: If you feel like compiling a kernel with my fix and testing it I'm sure the community would appreciate your feedback. On 2023-11-08 2:26 a.m., Mikhail Holt wrote: > Hello List, > > On a recent Stable 13 test host I, by accident, found that: > > /sbin/ipfw -q add 0031 allow              tcp from 192.168.64.0/24 to > me dst-port ssh in via igb3 setup keep-state   WORKS > > /sbin/ipfw -q add 0031 allow log          tcp from 192.168.64.0/24 to > me dst-port ssh in via igb3 setup keep-state   WORKS > > /sbin/ipfw -q add 0031 allow log tag   10 tcp from 192.168.64.0/24 to > me dst-port ssh in via igb3 setup keep-state   WORKS > > /sbin/ipfw -q add 0031 allow log untag 10 tcp from 192.168.64.0/24 to > me dst-port ssh in via igb3 setup keep-state   WORKS > > /sbin/ipfw -q add 0031 allow     untag 10 tcp from 192.168.64.0/24 to > me dst-port ssh in via igb3 setup keep-state   DOES NOT WORK? > - A dynamic rule is created as per the rules that work. > - Packets are logged by a deny all rule which of course is never > reached by the rules that work. > > Not a real issue for me but thought it worth noting. > > Mik. --------------UN2Nz2O9jdpjqwIdAJgUl4uu Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit Hi Mikhail,

This is a very old bug in FreeBSD/ipfw O_PROBE_STATE and the good news is I have a fix for it. The fix is very easy and I will try to explain here what the bug is and what the fix is. The issue is only related to rules that have the F_NOT bit set and that are the beginning of the actions list of a keep-state rule. I'm also CCing some other folks that have authority in moving this forward so it hopefully gets into main eventually.

If you are like me, this is a perfect read for a Friday afternoon ;)

So here is how it goes:

When you create a keep-state rule, the userland part of ipfw will insert a O_PROBE_STATE action at the very beginning of the rule so when a packet hits the rule the kernel will PROBE the list of installed dynamic rules for a match before installing such a rule (we don't want to create more than one dynamic rule per parent rule). The code responsible for this looks like this in ipfw2.c:

        /*
         * generate O_PROBE_STATE if necessary
         */
        if (have_state && have_state->opcode != O_CHECK_STATE && !have_rstate) {
                fill_cmd(dst, O_PROBE_STATE, 0, have_state->arg1);
                dst = next_cmd(dst, &rblen);
        }  

Now ipfw userland also does something else when building the list of actions for a rule, it records the actions offset in the rule and put those actions together in a predetermined way, here is the section of ipfw2.c that does something like this:

        /*
         * start action section
         */
        rule->act_ofs = dst - rule->cmd;
           
        /* put back O_LOG, O_ALTQ, O_TAG if necessary */
log --> if (have_log) {
                i = F_LEN(have_log);
                CHECK_RBUFLEN(i);
                bcopy(have_log, dst, i * sizeof(uint32_t));
                dst += i;
        }
        if (have_altq) {
                i = F_LEN(have_altq);
                CHECK_RBUFLEN(i);
                bcopy(have_altq, dst, i * sizeof(uint32_t));
                dst += i;
        }
tag --> if (have_tag) {
                i = F_LEN(have_tag);
                CHECK_RBUFLEN(i);
                bcopy(have_tag, dst, i * sizeof(uint32_t));
                dst += i;   
        }

Nothing wrong with all this and if you are still with me (kudos to you) please take a moment to notice the 'log' action is _before_ the 'tag' action. This will be important later to understand why some rules in your example works and why some don't, although you may already have a clue...

Now let's transport ourselves into the kernel code, precisely in sys/netpfil/ipfw/ip_fw2.c around line 2865. Here we are inside the O_PROBE_STATE case and notice how after we find a dynamic entry how the kernel will 'reset' the cmd pointer to the action part of the parent rule by doing something like this:

                                       /*
                                         * Found dynamic entry, jump to the
                                         * 'action' part of the parent rule
                                         * by setting f, cmd, l and clearing
                                         * cmdlen.
                                         */
                                        f = q;
                                        f_pos = dyn_info.f_pos;
cmd pointer is reset -->                cmd = ACTION_PTR(f);
                                        l = f->cmd_len - f->act_ofs;
                                        cmdlen = 0;
                                        match = 1;
                                        break;
                                }

At this precise moment (pointed by the -->), if we refer to your example below, we would be hitting the dynamic rule entry and have cmd pointer reset to the ACTION part of the 'untag 10' action you have entered. We then set a few things and break from the switch statement. Now this gets us at the end of the switch statement where FreeBSD does something like this (around line 3337):

                        /*
                         * if we get here with l=0, then match is irrelevant.
                         */

cmd is 'untag' -->      if (cmd->len & F_NOT)
                                match = !match;

                        if (match) {
                                if (cmd->len & F_OR)
                                        skip_or = 1;
                        } else {
                                if (!(cmd->len & F_OR)) /* not an OR block, */
exits too early -->                     break;          /* try next rule    */
                        }

                }       /* end of inner loop, scan opcodes */

If you look at the check for F_NOT bit (which is cleverly folded in the len part of the cmd) you realize that check is actually made against the 'untag' action and since untag is actually NOT tag it will match and change match into !match. The code will not try to go through the actual action and it will exit the loop too early.

Essentially, by resetting the cmd action pointer we should give a chance for O_TAG (F_NOT) to be called and not simply turn match into a no match. The fix for this is very simple and goes like this:

diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c
index d2b01fd..57c02dc 100644
--- a/sys/netpfil/ipfw/ip_fw2.c
+++ b/sys/netpfil/ipfw/ip_fw2.c
@@ -2887,7 +2887,8 @@ do {                                                              \
                                  l = f->cmd_len - f->act_ofs;
                                  cmdlen = 0;
                                  match = 1;
-                                 break;
+                                 continue;
+                                 break; /* not reached */
                                }
                                /*
                                 * Dynamic entry not found. If CHECK_STATE,


Now why did it work for you when you used log? Well I'm sure you remember that, because O_LOG is inserted _before_ O_TAG and that O_LOG doesn't have the F_NOT bit set then match is still 1 at the end of the loop and the actual cmd (LOG in this case) will have a chance to execute.

Finally, if your still reading, I think this bug has been in ipfw for a very long time, great catch buddy!

Best,

Karim.

PS: If you feel like compiling a kernel with my fix and testing it I'm sure the community would appreciate your feedback.

On 2023-11-08 2:26 a.m., Mikhail Holt wrote:
Hello List,

On a recent Stable 13 test host I, by accident, found that:

/sbin/ipfw -q add 0031 allow              tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state   WORKS

/sbin/ipfw -q add 0031 allow log          tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state   WORKS

/sbin/ipfw -q add 0031 allow log tag   10 tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state   WORKS

/sbin/ipfw -q add 0031 allow log untag 10 tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state   WORKS

/sbin/ipfw -q add 0031 allow     untag 10 tcp from 192.168.64.0/24 to me dst-port ssh in via igb3 setup keep-state   DOES NOT WORK?
- A dynamic rule is created as per the rules that work.
- Packets are logged by a deny all rule which of course is never reached by the rules that work.

Not a real issue for me but thought it worth noting.

Mik.

--------------UN2Nz2O9jdpjqwIdAJgUl4uu-- From nobody Sun Jan 28 04:08:04 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TMyZt1w6zz57f2X for ; Sun, 28 Jan 2024 04:08:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TMyZs6lPKz4st6 for ; Sun, 28 Jan 2024 04:08:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706414885; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qvtz44VXqFhHVzWt7czqABgl/om77JTVahhg6Pz4Usc=; b=nSfBjTJEHIsmkBqlJAwa3Evikxria2zGlspUxxXNz1EF+h+rnb8VzRWrmzgDXGF/5nmxwZ 3VfScq0YGR+Dz2/orh9D1mx18s8gTGeOijV0uZ2c2vdzbeSL53fC2aXSZWnf8uU8PU34aJ sSfhZCR6seQ7lu/6Vq3neakR2w8fCyWK7sPzSy/2g2QFlUfkybhQyEr++siuZQpH8hreHa a6LLFl9CkbIW27ZtEfvBfVlETiZqKJwwEULuL/HepPUusKvJt3xzBOUNbPrlLjCOgQzKzj ym/nDlPzhqNsgXk5sixpMbUSM8s/HLAqxr/nwcL9U9TLkqvrWD4xstJO3sJjcQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706414885; a=rsa-sha256; cv=none; b=NuzgOOUzYcmJh2HiLWu/EYIodPc98HseYoy5hGKWAoxYm7UnBGUr4+mXNsIJ1XuyJ3pqd0 Z+tNR6aSr0dPEFaMv4qu6Uyk7LcPNMf/NZ47hUWj7yorRhhH9tKskxrcWwO5Dre4iMZrY9 vvFj5ZD4Qly4HbFIKHsrKkmz9AVxi6yfi3I1K7yYqtmbD6qq6JHOXz/NolhNxj2N+9sb/6 y3tgS8pyOSzhl1pH2G4WT5YE7AsHIiCseR8TRZZLfI+yoP8SAQWxLIR64NTNs+bRM0V3Y8 yHL76yS7zad3lkWsBeopU1QJYgO9J491aXd+g8mPh9aSYn27GnHZTK5tcUkmmQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TMyZs5lPqzsvV for ; Sun, 28 Jan 2024 04:08:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40S485p9066299 for ; Sun, 28 Jan 2024 04:08:05 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40S485Ar066298 for net@FreeBSD.org; Sun, 28 Jan 2024 04:08:05 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276674] [panic] [htcp] sysctl net.inet.tcp.cc.algorithm=htcp produces kernel panic Date: Sun, 28 Jan 2024 04:08:04 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276674 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |net@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sun Jan 28 07:30:11 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TN3445JCWz5819w for ; Sun, 28 Jan 2024 07:30:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TN3443fD3z4H8x for ; Sun, 28 Jan 2024 07:30:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706427012; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=8oHN7Lpb9+W3pEdbtUnunDoca8AED5/mWuYTxhinMRU=; b=esEkz4UDnAJCuW6M5ejO9EeGGjrFLzMS6Pbs9i+zhEwQKCHqoAfm/WWAIVDLAIKSqtNucA tdt88vnXKdFG304fHV3dOoV1UbcnvMpk4QFBqwtGoMaWma85GrjoLasYtKv+S3KjEvQmo4 YQk5YtVZ8oE7PCkHBIgwjN/ZjipN2iOj9tkvvprlI6bVd+6z6v1a+uqGlIm+brLpHpqd5G DA29MnaADyhWyLqrd+3vPMLnOUbtcFprdMqnDIVuXFLlPY1xTwR3WpcBw1G8MqI+19rl0G X3V/nXiwIywTOXUbROnu0+/eW2xSXbLkbWJBWEjOTbjQregM1agJj7m249S1Ig== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706427012; a=rsa-sha256; cv=none; b=ROVjBvsxo4hPMUQ19+ToudRmjT7zkYNcTQkhr6hvoF0+5mdOvGlxkOwsYOsqnF2Mk4U/r0 nngQHVH+F0Zw+tmQJX0LEEE1XTKiPCuCJkyszseNmXq+5CskVeN6JszrbHvygLUqAiiK8k 371D4z28JR0TcivpVoNmcVjxLLKmRetB+6Su5ee4Mxg+Ox6pwpbCQQdferHkd+K3OnB+qM P813ilo7VUjn+Wj69MZ1nPWnX+cC7LERhy4hwTRTvk+gx0XQY+vdShqTPFFxmXkbJ9csLt qxM3f1jTtrzxj2nr085nSBvr0hEEtTOJnceXUvSdLw7/p/jSknRraamkYLNrSw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TN3442lYxzyXQ for ; Sun, 28 Jan 2024 07:30:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40S7UCMa059011 for ; Sun, 28 Jan 2024 07:30:12 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40S7UCZ1059010 for net@FreeBSD.org; Sun, 28 Jan 2024 07:30:12 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276674] [panic] [htcp] sysctl net.inet.tcp.cc.algorithm=htcp produces kernel panic Date: Sun, 28 Jan 2024 07:30:11 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: rscheff@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276674 --- Comment #2 from Richard Scheffenegger --- would the core be available? the backtrace or minidump don't reveal anything obvious... --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sun Jan 28 14:13:05 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TND0y5Bl3z58fX7 for ; Sun, 28 Jan 2024 14:13:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TND0y0DnMz57Hh for ; Sun, 28 Jan 2024 14:13:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706451186; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Brwvu2pxy0vdvZYX7PQllUbF9EuDEW3n4sJpY/cf838=; b=YXUbRqFIgtvVJn/mXSEIpzvtBU0Fy3lwrnkBTCGIKKRnBpQ0MF9QhdQOqUyG3iHWX4QhLo +GfVJWCgJPEno9gxPj39DVjh4ciLHGe5HP6a5GnR3sJOEgpXIsQIt0kiTBzBorfs2dHg7p i9A3Wz4FxCsrkdQNSzuRfi1LAgIDaPvPy0rEa4FVgjQ6t0/+610IXosGAP+BItOeGDKfQj sYtMda+W8y+j1riLOiYGyYa3awS43IAjuvdhUx5zZoxxRDGuUBRpzLYj7/PsYn9gyzHwT1 WhuEb88+Wf3Q0qrg3Ein319xUVpASIlkkZ+RlWD/6YtyfZ8dKcu9ix74KAM57Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706451186; a=rsa-sha256; cv=none; b=DkQsy+z/Eh/+bGfzyXZhO0nSlzXh+Uw9Fv8TtCZ/K7Im37Tb/HZnu5s/11QF/+pAuh7PR3 v4T45mwqnRizyxxVulw/XjF2gk1nlFDA9yZ5yWYFW0TDX1ag0lahPQcG8VufbaxYi8GWW9 q05t7+SpsP3ihgzHEWTx9Xn4goYbxaPYgYlcbVb6JB13FOqsZ5/h63F0nntCzrb0qGL1lA v211LcyRwDPLBspr6dOKmnlT4HKAi9ppZjmwQE27yv1aCqxm2/e9NnrEgRCV8Ko7rgMS5Q WFg8J6pdP6VLOnnHvpUNkdYVX7h7PnZ9REvicyFgo4Q7V7HXCdD6ooJyvLyz2A== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TND0x6Pbpz19df for ; Sun, 28 Jan 2024 14:13:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40SED5gO059520 for ; Sun, 28 Jan 2024 14:13:05 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40SED5XI059518 for net@FreeBSD.org; Sun, 28 Jan 2024 14:13:05 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276674] [panic] [htcp] sysctl net.inet.tcp.cc.algorithm=htcp produces kernel panic Date: Sun, 28 Jan 2024 14:13:05 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: admin@support.od.ua X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276674 --- Comment #3 from Vladyslav V. Prodan --- (In reply to Richard Scheffenegger from comment #2) I added the option sysrc savecore=3D"YES" And unpacked the debug kernel on the target machine. # env LANG=3Den_EN.UTF-8 ls -l /usr/lib/debug/boot/kernel/kernel.debug -r--r--r-- 1 root wheel 122662424 Jan 9 06:11 /usr/lib/debug/boot/kernel/kernel.debug Changed sysctl option to trigger crashdump # sysctl net.inet.tcp.cc.algorithm=3Dhtcp net.inet.tcp.cc.algorithm: newreno -> htcp You need to wait 2-6 days for crashdump to appear... --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sun Jan 28 14:17:56 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TND6Y5R7tz58fy3 for ; Sun, 28 Jan 2024 14:17:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TND6Y1lVhz58T0 for ; Sun, 28 Jan 2024 14:17:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706451477; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1styFdgO69dtX7J1drh7reXnJP2W+SbyWymguTZY8QI=; b=nT5C7wBSrKX2cRn9MFzQI2TmVG0yCVbPV5MkVLKNp/UH+P3j2kJVHATLkiab/x8Cj0iNIO rNvW8vsPWvndCyvRx8ooJi9rLOXnMb5mIwSnSFTB5aIIrDk6t+9eoDjTbM/4OHY/CQqm2W cX/0Q0D18qQqnubW/gWvnlpIhIgvVm1D7Qux1GXfMsPzVY3+UR/lOCt68pvzA9KlGt+FMZ Fv0I1YxmJP8m+TNWHF/nlasgwXciNjh+xxW4La1DLvmSmh9abQz0EUFEWnqSiNPBdksFKJ oxy7MkqYI9AfRerZfLZgz6gHr4DvuEzziAPROcvhObo2nReJIDZsSvtG9v3+Pw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706451477; a=rsa-sha256; cv=none; b=BnKhChSKI5oiCGVuCe0yN4CdKK2A/vtZwwdTCuMcgMXDOy1e+7sO9mPK16K22jRtZzDINz mO27c1EAn+PK+0wUHQ/Wkn4NgYgQUuWErViadirwjUwhDBTxYWjQjzK/N0UK6l3ksCj/Ed 1SF2KZQjMf4KhiRCaJ1Qh9ahTRGGSc4GIoZ/wsxvBYpLmI7Mkt36vaBZTqpaKMJu2jrl2S E6vuVgqL3mI1dq4Fha9Gg+mp1hbUoLyEndhGSzej+pEFifQDgA7QXfMIQ/dJhtf/nFvvPb NFrDwrXoK4TN2m36RB2Xkfgk2Z/FyWgcieuCZj22X0xf8IU4FeaWPcInpU11bA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TND6X3kTTz19Tf for ; Sun, 28 Jan 2024 14:17:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40SEHu6I074342 for ; Sun, 28 Jan 2024 14:17:56 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40SEHuHO074341 for net@FreeBSD.org; Sun, 28 Jan 2024 14:17:56 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 276674] [panic] [htcp] sysctl net.inet.tcp.cc.algorithm=htcp produces kernel panic Date: Sun, 28 Jan 2024 14:17:56 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: admin@support.od.ua X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276674 --- Comment #4 from Vladyslav V. Prodan --- Those interested can deploy the archives of my system snapshot and try to reproduce panic. https://freebsd.support.org.ua/snapshots/13.2/13.2-STABLE%202cd20d9bc%2008-= 01-2024/ --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sun Jan 28 21:00:07 2024 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNP2c0Mh0z59HP8 for ; Sun, 28 Jan 2024 21:00:08 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNP2b5PTnz49qg for ; Sun, 28 Jan 2024 21:00:07 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706475607; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XEnguCArXTKnjHG1f39XfcHnVv+eSYz/JPsyZCwFvH0=; b=RlQBahs/qgoEGjSv50tAwPqoWbyWQaEgJ6XTqihKE7/XOfqdnlW0ZDGWtMJPrhq4q5Odc4 BZVno9K6yU71uaSWYHRe2jMvxTZUtX9iapsDiCde3F/jIOte+gkYrsaGLnmmyy/+kqiV/y 5Ki78mql8DjFs7yfwtXg3hhTQZg4dW4inPs0/6snQPmVNYDdjiHb75nygFW9seVQRZTHdV Dj63GRlENtYRHZvq8mVxVd6Gpj2wCVa0GbBV5I7XucUBWkeDF+FQ6A7KZc332jBLWdtvt9 6J/MAgHy7EGLJm0fysqftoAtUacPZoOhgUF2Plt12ju6WJ6NFknWvglDZ8HZFQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706475607; a=rsa-sha256; cv=none; b=H+QKcTpLLIiQUb11vfgOEB6yIOJMiUINidct0Swt7NEpcuo84ndy9nFlMj9TuzPV2MFSjd JLmhRTPgpfw2dL9UdFB/LphPyfu8qK8T3JdMUAg6vzNfm3GMj+uWVY6UDd3O51OzbvAuNW Z7zJfdni8iygsYlqX3qazqQmZpKNlkEy3DUmaX5vyemWQ50dOAlm8IhOBzuapPi6GYvKc3 AF0pxI9/oF5CEQsp1KBv2SLrX6pbbjOMAK6ruezB2fQtas0wqtygaG4rKXPxjifvM+kB64 Ce8oL3lVBiDtso//7a7nCvZYHdQ9t0IAT511d+1OzFzod2PPamwj51SREs2YYA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TNP2b4W8DzMxk for ; Sun, 28 Jan 2024 21:00:07 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40SL07g1072396 for ; Sun, 28 Jan 2024 21:00:07 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40SL070g072395 for net@FreeBSD.org; Sun, 28 Jan 2024 21:00:07 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <202401282100.40SL070g072395@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: net@FreeBSD.org Subject: Problem reports for net@FreeBSD.org that need special attention Date: Sun, 28 Jan 2024 21:00:07 +0000 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="17064756070.e57aE4.69338" Content-Transfer-Encoding: 7bit --17064756070.e57aE4.69338 Date: Sun, 28 Jan 2024 21:00:07 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- In Progress | 275774 | IPv4 Mapper address problem New | 254445 | cloned_interfaces="bridge0" does not respect net. Open | 166724 | if_re(4): watchdog timeout Open | 200836 | iovctl(8): Return descriptions in the returned sc Open | 223824 | Panic in ng_base.c (netgraph) Open | 230807 | if_alc(4): Driver not working for Killer Networki Open | 232472 | ixgbe(4): SR-IOV passthru not working on Hyper-V Open | 234073 | ixl(4): Host X710-DA2 drops connect starting bhyv Open | 241106 | tun/ppp: panic: vm_fault: fault on nofault entry Open | 245981 | bnxt(4): BCM57414 / BCM57416 not initializing: bn Open | 256217 | [tcp] High system load because of interrupts with Open | 257038 | em(4): Panic on HTTP traffic to or from jail thro Open | 257286 | gateway with `ping -6 -e` is ignored Open | 258623 | cxgbe(4): Slow routing performance: 2 numa domain Open | 258850 | lagg(4): interface vanishes when both member inte Open | 261866 | ixgbe(4): Resets media type -> autoselect after s Open | 262024 | em(4): iflib handles bad packets incorrectly Open | 262093 | ixl(4): RX packet errors on Intel X710 after 12.2 Open | 263568 | ix(4): SR-IOV connection lost after loading VM wi In Progress | 118111 | rc: network.subr Add MAC address based interface 20 problems total for which you should take action. --17064756070.e57aE4.69338 Date: Sun, 28 Jan 2024 21:00:07 +0000 MIME-Version: 1.0 Content-Type: text/html; charset="UTF-8" 
The following is a listing of current problems submitted by FreeBSD users,
which need special attention. These represent problem reports covering
all versions including experimental development code and obsolete releases.

Status      |    Bug Id | Description
------------+-----------+---------------------------------------------------
In Progress |    275774 | IPv4 Mapper address problem
New         |    254445 | cloned_interfaces="bridge0" does not respect net.
Open        |    166724 | if_re(4): watchdog timeout
Open        |    200836 | iovctl(8): Return descriptions in the returned sc
Open        |    223824 | Panic in ng_base.c (netgraph)
Open        |    230807 | if_alc(4): Driver not working for Killer Networki
Open        |    232472 | ixgbe(4): SR-IOV passthru not working on Hyper-V 
Open        |    234073 | ixl(4): Host X710-DA2 drops connect starting bhyv
Open        |    241106 | tun/ppp: panic: vm_fault: fault on nofault entry 
Open        |    245981 | bnxt(4): BCM57414 / BCM57416 not initializing: bn
Open        |    256217 | [tcp] High system load because of interrupts with
Open        |    257038 | em(4): Panic on HTTP traffic to or from jail thro
Open        |    257286 | gateway with `ping -6 -e` is ignored
Open        |    258623 | cxgbe(4): Slow routing performance: 2 numa domain
Open        |    258850 | lagg(4): interface vanishes when both member inte
Open        |    261866 | ixgbe(4): Resets media type -> autoselect after s
Open        |    262024 | em(4): iflib handles bad packets incorrectly
Open        |    262093 | ixl(4): RX packet errors on Intel X710 after 12.2
Open        |    263568 | ix(4): SR-IOV connection lost after loading VM wi
In Progress |    118111 | rc: network.subr Add MAC address based interface 

20 problems total for which you should take action.
--17064756070.e57aE4.69338--