From nobody Tue Aug 27 11:42:26 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WtQdH3p4Mz5Vb5M
for <net@mlmmj.nyi.freebsd.org>; Tue, 27 Aug 2024 11:42:27 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WtQdH2mYnz4q5j
for <net@FreeBSD.org>; Tue, 27 Aug 2024 11:42:27 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724758947; a=rsa-sha256; cv=none;
b=szzpcq2L7ji238S1qDGZkV4Ft+Qh7AevJco8219hhg4NIUwHPbJJxaHWth26AgU+9DfXLF
7RVtiwUwwByo447u8vUjwUY1i4wFG/p7gmpcy24iEj39oPOXKjoFsDV3qBzUal5DyUHNvC
5SDCB2tvpp1afl9QjWFRLwyvpxgCh7sSzDf8oRbwmJ23bj7EBQk64t+OD128DbKc7G1Z59
rZSpFNp/kk330D1o8y8kDaTRkUAm2QaWgIUCxdMxpVrF4R9GHUNftI7P/e7j0woXOUlulY
drg+ee6Tl1Wai8JaAGTOHjZklMrrpsWZc/kBEJXEEw4n06smh6y21v+G30bMsA==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724758947;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=CYykLDnxCEIqzanPLtNicZerLTZUG0XBdum4rD17pTA=;
b=ZKlWMcD6SHpATiEhxKDhNqp9/JFnrApTGjQTz/rQtglihmOjz0Sct7MgLupwpRf3GhfNKs
ewdLLqHScAdenoBbYGCiTRBTLuw7ptqEiCd2ucRn1yRxahlVbFe8WmxdkhOdS9EY8kOP4y
g5V5sgLNUIxC/ePRHFBmaQ6yQts8SC0Ato2bY/wTXqM3+3CUxMd400HCOeLqb5vc/Ufs8I
TMO8JkC4HITO8oUQhNo9lZi4gr28vVzmMJFeKy6z6z5AiTC8iqWDk864/IpcAhbLVN+uty
WeAzivgo0eORJcMB3JNFIaGQ6fEjRQMFBh7OMwRsae5tUxNafp//gV/3xtkuWg==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WtQdH2Lwbzph5
for <net@FreeBSD.org>; Tue, 27 Aug 2024 11:42:27 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47RBgRp8068437
for <net@FreeBSD.org>; Tue, 27 Aug 2024 11:42:27 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47RBgRLG068436
for net@FreeBSD.org; Tue, 27 Aug 2024 11:42:27 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280701] FreeBSD-SA-24:05 fix breaks ICMP/ICMP6 states handling
in pf firewall (ping, traceroute)
Date: Tue, 27 Aug 2024 11:42:26 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: franco@opnsense.org
X-Bugzilla-Status: Open
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280701-7501-lvzSaHi1Rd@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280701
--- Comment #58 from Franco Fichtner <franco@opnsense.org> ---
I found these inconsistencies in the ported patches from OpenBSD:
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index ef488bad26d..c9180e877d5 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1878,7 +1878,7 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
*/
*icmp_dir =3D PF_IN;
*virtual_type =3D MLD_LISTENER_QUERY;
- *virtual_id =3D 0;
+ *virtual_id =3D 0; /* XXX missing fake id */
break;
}
case MLD_MTRACE:
@@ -1892,7 +1892,8 @@ pf_icmp_mapping(struct pf_pdesc *pd, u_int8_t type,
*icmp_dir =3D PF_IN;
case ND_NEIGHBOR_ADVERT: {
*virtual_type =3D ND_NEIGHBOR_SOLICIT;
- *virtual_id =3D 0;
+ *multi =3D PF_ICMP_MULTI_SOLICITED;
+ *virtual_id =3D 0; /* XXX missing fake id */
break;
}
>From early testing, however, it's not working any better with plugging back
PF_ICMP_MULTI_SOLICITED only. I'm unsure about the mock id effect. But wh=
at I
can say is that it's better to skip dealing with PF_ICMP_MULTI_SOLICITED as
OpenBSD did in 2012 too:
https://github.com/openbsd/src/commit/2633ae8c4c8a64
Another patch from 2023 is relevant as well as it disables half the state
tracking for unsolicited advertise cases:
https://github.com/openbsd/src/commit/49f39043a02d6
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Wed Aug 28 08:21:12 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wty6k61msz5PZxk
for <freebsd-net@mlmmj.nyi.freebsd.org>; Wed, 28 Aug 2024 08:21:18 +0000 (UTC)
(envelope-from yann.masson@thehomecave.fr)
Received: from smtp-42a9.mail.infomaniak.ch (smtp-42a9.mail.infomaniak.ch [84.16.66.169])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "relay.mail.infomaniak.ch", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wty6h363Qz4kqS
for <freebsd-net@freebsd.org>; Wed, 28 Aug 2024 08:21:16 +0000 (UTC)
(envelope-from yann.masson@thehomecave.fr)
Authentication-Results: mx1.freebsd.org;
dkim=pass header.d=thehomecave.fr header.s=20230803 header.b=U8DcHKEi;
dmarc=none;
spf=pass (mx1.freebsd.org: domain of yann.masson@thehomecave.fr designates 84.16.66.169 as permitted sender) smtp.mailfrom=yann.masson@thehomecave.fr
Received: from smtp-3-0001.mail.infomaniak.ch (smtp-3-0001.mail.infomaniak.ch [10.4.36.108])
by smtp-4-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4Wty6d51sdzGrb
for <freebsd-net@freebsd.org>; Wed, 28 Aug 2024 10:21:13 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thehomecave.fr;
s=20230803; t=1724833273;
bh=Yksu7+bOpEO6OFa1miR4yv4/QF7zQ4wXWCvaNoccik0=;
h=Date:To:From:Subject:From;
b=U8DcHKEiqMp8MYtLR2m25tOKdhtdXGxBPD0ivgCv/IEy4C/VxkGPDRZwRu+pJmk9b
qbVGIJFdl+q0t4RYB2QIlPYqmy4AtRPerJa32Ke5HQrfsQk/XrudyS0ej68tuDRgEg
+xPFDtz5bwBH25j4ho4boPig8p3XNM5cyTM1Lwvl8SIWYZHScReq3n9BYupmZbdCZA
8hH5iKbxCGg6nAY2kU3uwLspxdpyC5Mqnn9PyjDWEHF3Y4EG1tQYdcZJSay5U12lI7
QcLU0WTxvkZLnRzG4WEb8J+8ObX9HihTC9ZHme97EYXY3h/gpQ6yzaFExWSzz04oW8
4i3c+XmCQQiDw==
Received: from unknown by smtp-3-0001.mail.infomaniak.ch (Postfix) with ESMTPA id 4Wty6d2HmDzLp9
for <freebsd-net@freebsd.org>; Wed, 28 Aug 2024 10:21:13 +0200 (CEST)
Content-Type: multipart/alternative;
boundary="------------CXebCWEHadZeMXLtr0MEWi1X"
Message-ID: <d6e0e453-4322-4d57-9fbe-4b23b80ebfe9@thehomecave.fr>
Date: Wed, 28 Aug 2024 10:21:12 +0200
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: freebsd-net@freebsd.org
From: "yann.masson@thehomecave.fr" <yann.masson@thehomecave.fr>
Subject: wait link up before route configuration
X-Infomaniak-Routing: alpha
X-Spamd-Bar: --
X-Spamd-Result: default: False [-2.67 / 15.00];
NEURAL_HAM_MEDIUM(-1.00)[-1.000];
FROM_DN_EQ_ADDR(1.00)[];
NEURAL_HAM_LONG(-1.00)[-1.000];
NEURAL_HAM_SHORT(-0.98)[-0.981];
R_DKIM_ALLOW(-0.20)[thehomecave.fr:s=20230803];
R_SPF_ALLOW(-0.20)[+ip4:84.16.66.168/29];
MIME_GOOD(-0.10)[multipart/alternative,text/plain];
RCVD_IN_DNSWL_LOW(-0.10)[84.16.66.169:from];
RWL_MAILSPIKE_GOOD(-0.10)[84.16.66.169:from];
XM_UA_NO_VERSION(0.01)[];
RCPT_COUNT_ONE(0.00)[1];
ASN(0.00)[asn:29222, ipnet:84.16.64.0/19, country:CH];
MIME_TRACE(0.00)[0:+,1:+,2:~];
RCVD_VIA_SMTP_AUTH(0.00)[];
RCVD_COUNT_TWO(0.00)[2];
MID_RHS_MATCH_FROM(0.00)[];
ARC_NA(0.00)[];
TO_DN_NONE(0.00)[];
FROM_EQ_ENVFROM(0.00)[];
DMARC_NA(0.00)[thehomecave.fr];
TO_MATCH_ENVRCPT_ALL(0.00)[];
MLMMJ_DEST(0.00)[freebsd-net@freebsd.org];
PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org];
RCVD_TLS_LAST(0.00)[];
DKIM_TRACE(0.00)[thehomecave.fr:+]
X-Rspamd-Queue-Id: 4Wty6h363Qz4kqS
This is a multi-part message in MIME format.
--------------CXebCWEHadZeMXLtr0MEWi1X
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Hi After configuring interfaces and routes, and triggering a 'service
netif restart && service routing restart' is there a way to wait for the
'carrier up' of the interface before route reconfiguration? My use case
is a server with 2 Mellanox and a Lagg. The 2 mce interfaces are UP in
milliseconds but the lagg interface takes a few seconds to be UP, and
the routing service says 'Network unreachable'. The subnet is a /32 and
the gateway need a static route like: # /etc/rc.conf.d/netif
cloned_interfaces="lagg0" ifconfig_mce0="up" ifconfig_mce1="up"
ifconfig_lagg0="laggproto lacp laggport mce0 laggport mce1 198.51.100.1
netmask 255.255.255.255 mtu 1500" # /etc/rc.conf.d/routing
route_defaultgw="-host 203.0.113.1 -link -interface lagg0"
defaultrouter="203.0.113.1" static_routes="defaultgw" If I run 'service
netif restart && sleep 5 && service routing restart', everything is ok.
I didn't find any options for that, and was thinking about a patch in
the routing script. Thanks
--------------CXebCWEHadZeMXLtr0MEWi1X
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p><span
style="color: rgb(209, 210, 211); font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-size: 12px; font-style: normal; font-variant-ligatures: none; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgba(232, 232, 232, 0.04); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;">Hi
After configuring interfaces and routes, and triggering a 'service netif restart && service routing restart'
is there a way to wait for the 'carrier up' of the interface before route reconfiguration?
My use case is a server with 2 Mellanox and a Lagg. The 2 mce interfaces are UP in milliseconds but
the lagg interface takes a few seconds to be UP, and the routing service says 'Network unreachable'.
The subnet is a /32 and the gateway need a static route like:
# /etc/rc.conf.d/netif
cloned_interfaces="lagg0"
ifconfig_mce0="up"
ifconfig_mce1="up"
ifconfig_lagg0="laggproto lacp laggport mce0 laggport mce1 198.51.100.1 netmask 255.255.255.255 mtu 1500"
# /etc/rc.conf.d/routing
route_defaultgw="-host 203.0.113.1 -link -interface lagg0"
defaultrouter="203.0.113.1"
static_routes="defaultgw"
If I run 'service netif restart && sleep 5 && service routing restart', everything is ok.
I didn't find any options for that, and was thinking about a patch in the routing script.
Thanks</span></p>
</body>
</html>
--------------CXebCWEHadZeMXLtr0MEWi1X--
From nobody Wed Aug 28 13:14:12 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wv4cm4Ldjz5TDtH
for <net@mlmmj.nyi.freebsd.org>; Wed, 28 Aug 2024 13:14:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wv4cm3K07z4DQL
for <net@FreeBSD.org>; Wed, 28 Aug 2024 13:14:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724850856; a=rsa-sha256; cv=none;
b=MHrj9basz0PPVACjAiv/zO15AGrRr27Tla+E5gN3TkSQJsBvKTMCb74VCK4gWi8JSva+eI
5xTW7gURweVs9H/pi4pOobOx7B3cqnWchKF3yKO37Ln2NMQL4NGWaS6KMeZbc8MmoPagoE
CJLJPuayHQ7Mgoq9hmgBcsKS0eko7n3bWh8SqAxu98PrfJMksfIwSJe0LsFI3RwoFz4Qsu
TC9o5NUqEzVK7EV53mSQCK4OANtfnBT3M2Cfzox4RrBjNBjFcIIc8FevVaRn4QRWGIO9wG
iuqCk/PlJcAFjt2BPg9vLCLoVB8GShEkuCsQ3NAlqh1HMrs7XTFFIBa/mAxFeA==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724850856;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=0EqZthHGZfWQpnQDOO5cVnrY2uJbjAUhnvKRD9ylgcI=;
b=mooBgdbAqiO7S/3xYdDvXzkMIX646tsUVU6HfBBdzdnZ4KVDOlTQBV2sOXG29GovRMEueq
dQVEWSnFjWR7dXAc6ZhkXjyHHzHbZH/zAmmicVnVDsCfCIf3+xR7TY6sNROk3H7jMrbZyl
nizOEL2VPFcDS4/R+H6fOHIYpyRSj54rZNcNK0PwgFM9Vy7cYFsL5XtG4iFHqqlgd0cRS4
ZVt1ME9QGTO796wmsM7wpskQiP8rFVaVbi9J4y2tZszlIaDkGwEdREGdx8odaRgzNJ26TZ
/jucrqGTCUODLzNY5jAyjndI3NnUslBKvw4ydQ2ppfCB5l0wtg82u7Xf/8dm2Q==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wv4cm2tfjzZdQ
for <net@FreeBSD.org>; Wed, 28 Aug 2024 13:14:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47SDEGs7085038
for <net@FreeBSD.org>; Wed, 28 Aug 2024 13:14:16 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47SDEGhG085037
for net@FreeBSD.org; Wed, 28 Aug 2024 13:14:16 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280701] FreeBSD-SA-24:05 fix breaks ICMP/ICMP6 states handling
in pf firewall (ping, traceroute)
Date: Wed, 28 Aug 2024 13:14:12 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: natalino.picone@nozominetworks.com
X-Bugzilla-Status: Open
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-280701-7501-gdrfmbAN25@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280701
Natalino Picone <natalino.picone@nozominetworks.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |natalino.picone@nozominetwo
| |rks.com
--- Comment #59 from Natalino Picone <natalino.picone@nozominetworks.com> -=
--
Should this fix also be applied to releng/13.3 branch?
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Wed Aug 28 15:40:38 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wv7sv65Fmz52TXL
for <freebsd-net@mlmmj.nyi.freebsd.org>; Wed, 28 Aug 2024 15:40:51 +0000 (UTC)
(envelope-from fjwcash@gmail.com)
Received: from mail-yb1-xb33.google.com (mail-yb1-xb33.google.com [IPv6:2607:f8b0:4864:20::b33])
(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smtp.gmail.com", Issuer "WR4" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wv7st5fpQz4Vfp
for <freebsd-net@freebsd.org>; Wed, 28 Aug 2024 15:40:50 +0000 (UTC)
(envelope-from fjwcash@gmail.com)
Authentication-Results: mx1.freebsd.org;
none
Received: by mail-yb1-xb33.google.com with SMTP id 3f1490d57ef6-e02c4983bfaso7353191276.2
for <freebsd-net@freebsd.org>; Wed, 28 Aug 2024 08:40:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1724859650; x=1725464450; darn=freebsd.org;
h=cc:to:subject:message-id:date:from:in-reply-to:references
:mime-version:from:to:cc:subject:date:message-id:reply-to;
bh=cX+68ZFV7yrRDEPh5FMGemWqKdOoMov9i5M/klioCMQ=;
b=U2boO1a5oAvHBUCEKJfz1Qo9lTzFVH6bwnziCXYoZjHsYSFe5FqME1H2pbjHsDZNyI
BbLW5vuZTERPsdtIsWuVuGVbpavqhzncUUZlJaYL8cSwc4mR1LMODIOHgl5WJT/y+roZ
QCx6wjc+VtRJNBfrKRn+5GALIQZIdczpQ3K8NPCIx4P4xXdG2vE2taFzRP4TV9iLK01Z
JtQ1HkjdRq1TmYwu0WL3UD2Kthpw5rfqXI1Ht7TQllpHgW8DMs9MVQ0Y+SPDejK7p3lZ
KlyElsYNd3ZnPUnamvG5NK9omYtxTIw7an6BzX8CDVSOxTXQsxPmFcZJFgQappiSx5tF
UxEg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1724859650; x=1725464450;
h=cc:to:subject:message-id:date:from:in-reply-to:references
:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=cX+68ZFV7yrRDEPh5FMGemWqKdOoMov9i5M/klioCMQ=;
b=Y44fheUHaT0X+ekanNN8oZ4kKmpOHjjZRXrnH8fMSLkTTmMIBxpT/tuPiSnUN51u50
O5dAiksrjlTMlTyMg4CkxmX9LaERRYMF0uxVm9idOzOAe9oRBYBLE1+RVncJqg8cGVFi
mMPY7+XQvm9yffZyem5xncNZsJOACHpZHIYfc7LGFeyFTqSdiijXAhJaIu65PASYB8HO
Nz3ZGh4n/utV2isMZS3pqlBHXtkI8BcH6AIcxwkSr51Kn1EfKawmti/7V24Qa7ZJbUPO
b9onWuX4fw4ETDqmH7kldRSrtsvlWaVRiP+znAw2nqVI93ntKd8NtrtfzI1f14rxRxjz
OtpQ==
X-Gm-Message-State: AOJu0YzUFMI5qgojPlGnFwrmGEtWrtEkoP+EZXAe56v9Vb0jWfmKhT2k
Tm24/mqs8CK8OQn7+dOuNuJmhb9QB+ezvfY/nAahnH0Gel2Lmmz5E9g3bErITNwV+AwBo931Y4E
vf0JRm1q5o5mqVuHpGjOyAO+rnAeYqQ==
X-Google-Smtp-Source: AGHT+IHozlCgL+/Lb0T1LIve3k+opmGf9jK5EXoxdztl1zke1+6wwHZOePPW03qdI549TCRUMgc/FgLQ0EVjqT3HWi8=
X-Received: by 2002:a05:6902:1703:b0:e11:7b16:9484 with SMTP id
3f1490d57ef6-e17a83bd00bmr20264543276.2.1724859649667; Wed, 28 Aug 2024
08:40:49 -0700 (PDT)
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
References: <d6e0e453-4322-4d57-9fbe-4b23b80ebfe9@thehomecave.fr>
In-Reply-To: <d6e0e453-4322-4d57-9fbe-4b23b80ebfe9@thehomecave.fr>
From: Freddie Cash <fjwcash@gmail.com>
Date: Wed, 28 Aug 2024 08:40:38 -0700
Message-ID: <CAOjFWZ4onB9SGbYNdcxLVdSptZ4Hc=d6JPFw30zwY0=L4FjqfQ@mail.gmail.com>
Subject: Re: wait link up before route configuration
To: "yann.masson@thehomecave.fr" <yann.masson@thehomecave.fr>
Cc: freebsd-net@freebsd.org
Content-Type: multipart/alternative; boundary="000000000000b4bb1a0620c02e48"
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
module=replies;
Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
REPLY(-4.00)[];
ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]
X-Rspamd-Queue-Id: 4Wv7st5fpQz4Vfp
--000000000000b4bb1a0620c02e48
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Wed, Aug 28, 2024 at 1:21=E2=80=AFAM yann.masson@thehomecave.fr <
yann.masson@thehomecave.fr> wrote:
> After configuring interfaces and routes, and triggering a 'service netif
> restart && service routing restart' is there a way to wait for the 'carri=
er
> up' of the interface before route reconfiguration? My use case is a serve=
r
> with 2 Mellanox and a Lagg. The 2 mce interfaces are UP in milliseconds b=
ut
> the lagg interface takes a few seconds to be UP, and the routing service
> says 'Network unreachable'. The subnet is a /32 and the gateway need a
> static route like: # /etc/rc.conf.d/netif cloned_interfaces=3D"lagg0"
> ifconfig_mce0=3D"up" ifconfig_mce1=3D"up" ifconfig_lagg0=3D"laggproto lac=
p
> laggport mce0 laggport mce1 198.51.100.1 netmask 255.255.255.255 mtu 1500=
"
> # /etc/rc.conf.d/routing route_defaultgw=3D"-host 203.0.113.1 -link
> -interface lagg0" defaultrouter=3D"203.0.113.1" static_routes=3D"defaultg=
w" If
> I run 'service netif restart && sleep 5 && service routing restart',
> everything is ok. I didn't find any options for that, and was thinking
> about a patch in the routing script. Thanks
>
Read through the comments in /etc/rc.d/netwait as that should do what
you're looking for (wait until the interface is active or wait until you
get a ping response from an IP before continuing with network
configuration).
--=20
Freddie Cash
fjwcash@gmail.com
--000000000000b4bb1a0620c02e48
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div dir=3D"ltr">On Wed, Aug 28, 2024 at 1:21=E2=80=AFAM <=
a href=3D"mailto:yann.masson@thehomecave.fr">yann.masson@thehomecave.fr</a>=
<<a href=3D"mailto:yann.masson@thehomecave.fr">yann.masson@thehomecave.=
fr</a>> wrote:<br></div><div class=3D"gmail_quote"><blockquote class=3D"=
gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(20=
4,204,204);padding-left:1ex"><u></u>
=20
=20
=20
<div>
<p><span style=3D"color:rgb(209,210,211);font-family:Monaco,Menlo,Conso=
las,"Courier New",monospace;font-size:12px;font-style:normal;font=
-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spa=
cing:normal;text-align:left;text-indent:0px;text-transform:none;word-spacin=
g:0px;white-space:pre-wrap;background-color:rgba(232,232,232,0.04);text-dec=
oration-style:initial;text-decoration-color:initial;float:none;display:inli=
ne">After configuring interfaces and routes, and triggering a 'service =
netif restart && service routing restart'
is there a way to wait for the 'carrier up' of the interface before=
route reconfiguration?
My use case is a server with 2 Mellanox and a Lagg. The 2 mce interfaces ar=
e UP in milliseconds but
the lagg interface takes a few seconds to be UP, and the routing service sa=
ys 'Network unreachable'.
The subnet is a /32 and the gateway need a static route like:
# /etc/rc.conf.d/netif
cloned_interfaces=3D"lagg0"
ifconfig_mce0=3D"up"
ifconfig_mce1=3D"up"
ifconfig_lagg0=3D"laggproto lacp laggport mce0 laggport mce1 198.51.10=
0.1 netmask 255.255.255.255 mtu 1500"
# /etc/rc.conf.d/routing
route_defaultgw=3D"-host 203.0.113.1 -link -interface lagg0"
defaultrouter=3D"203.0.113.1"
static_routes=3D"defaultgw"
If I run 'service netif restart && sleep 5 && service r=
outing restart', everything is ok.
I didn't find any options for that, and was thinking about a patch in t=
he routing script.
Thanks</span></p>
</div>
</blockquote></div>Read through the comments in /etc/rc.d/netwait as that s=
hould do what you're looking for (wait until the interface is active or=
wait until you get a ping response from an IP before continuing with netwo=
rk configuration).<br clear=3D"all"><div><br></div><span class=3D"gmail_sig=
nature_prefix">-- </span><br><div dir=3D"ltr" class=3D"gmail_signature">Fre=
ddie Cash<br><a href=3D"mailto:fjwcash@gmail.com" target=3D"_blank">fjwcash=
@gmail.com</a></div></div>
--000000000000b4bb1a0620c02e48--
From nobody Wed Aug 28 16:33:23 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wv92g71ZZz52YSJ
for <freebsd-net@mlmmj.nyi.freebsd.org>; Wed, 28 Aug 2024 16:33:31 +0000 (UTC)
(envelope-from yann.masson@thehomecave.fr)
Received: from smtp-190e.mail.infomaniak.ch (smtp-190e.mail.infomaniak.ch [IPv6:2001:1600:4:17::190e])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "relay.mail.infomaniak.ch", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wv92g4n5vz4ZdM
for <freebsd-net@freebsd.org>; Wed, 28 Aug 2024 16:33:31 +0000 (UTC)
(envelope-from yann.masson@thehomecave.fr)
Authentication-Results: mx1.freebsd.org;
none
Received: from smtp-3-0001.mail.infomaniak.ch (smtp-3-0001.mail.infomaniak.ch [10.4.36.108])
by smtp-3-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4Wv92W74VYzj7y;
Wed, 28 Aug 2024 18:33:23 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thehomecave.fr;
s=20230803; t=1724862803;
bh=/+e9/chtkfLBwI/Y1pyymBFzH2t45MiajepsoLvoy6o=;
h=Date:Subject:To:Cc:References:From:In-Reply-To:From;
b=kJ9J+TNU1+pZqkRBNZGJYcaeo6TZuC+mxvZkqZxoEl2gwUgtHoYWgmdU65gXWKgyV
mQ+pBHa4W5vIw7KlOM2rY/pltWQRkltZYPu/3EKGX3GKJXMGc4YC9yfn6qzDnytZne
vt7MFrC4+AIt+EsENb0z9HIvffkByyP1yPl0OuwI7Q95IMW817S+aaMeKtUDK9PRru
u3aWuHaT4WeaIALYk7MJ7l7SXuQuOZQ7csmdJ+XidJV6gotLeVJuOjbsYOCALgsqJy
0SC9jXzKjxniIfI9bPv2iBzlfABF7Ii2sH6rd+PzGyLVhVSrkKcdxNwQDTKk/0j+N3
mFRp7dOxyce3g==
Received: from unknown by smtp-3-0001.mail.infomaniak.ch (Postfix) with ESMTPA id 4Wv92W4Qyzz5N1;
Wed, 28 Aug 2024 18:33:23 +0200 (CEST)
Content-Type: multipart/alternative;
boundary="------------0qB0u0yPc0p76cb4o3xmB0uH"
Message-ID: <203f3066-af9e-40f9-bef3-89dd7b636dc7@thehomecave.fr>
Date: Wed, 28 Aug 2024 18:33:23 +0200
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: wait link up before route configuration
To: Freddie Cash <fjwcash@gmail.com>
Cc: freebsd-net@freebsd.org
References: <d6e0e453-4322-4d57-9fbe-4b23b80ebfe9@thehomecave.fr>
<CAOjFWZ4onB9SGbYNdcxLVdSptZ4Hc=d6JPFw30zwY0=L4FjqfQ@mail.gmail.com>
Content-Language: en-US
From: "yann.masson@thehomecave.fr" <yann.masson@thehomecave.fr>
In-Reply-To: <CAOjFWZ4onB9SGbYNdcxLVdSptZ4Hc=d6JPFw30zwY0=L4FjqfQ@mail.gmail.com>
X-Infomaniak-Routing: alpha
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
module=replies;
Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
REPLY(-4.00)[];
ASN(0.00)[asn:29222, ipnet:2001:1600::/32, country:CH]
X-Rspamd-Queue-Id: 4Wv92g4n5vz4ZdM
This is a multi-part message in MIME format.
--------------0qB0u0yPc0p76cb4o3xmB0uH
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
/etc/rc.d/netwait dependencies are
# PROVIDE: netwait
# REQUIRE: devd ipfw pf routing
[truncated] rcorder -p /etc/rc.d/*
/etc/rc.d/netif
/etc/rc.d/routing
/etc/rc.d/netwait
I've tested netwait. It doesn't work
If i configure routing like that:
# /etc/rc.conf.d/routing route_defaultgw="-host 203.0.113.1 -link
-interface lagg0" route_default="-net 0.0.0.0/0 -interface lagg0
203.0.113.1" static_routes="defaultgw default"
It works, but the routing table went from
# netstat -rn Routing tables Internet: Destination Gateway Flags Netif
Expire default 203.0.113.1 UGS lagg0 198.51.100.1 link#10 UH lo0
203.0.113.1 link#10 UHS lagg0 127.0.0.1 link#3 UHS lo0
to
Internet: Destination Gateway Flags Netif Expire default link#10 US
lagg0 198.51.100.1 link#10 UH lo0 203.0.113.1 link#10 UHS lagg0
127.0.0.1 link#3 UHS lo0
I don't know if it's good or not.
On 8/28/24 17:40, Freddie Cash wrote:
> On Wed, Aug 28, 2024 at 1:21 AM yann.masson@thehomecave.fr
> <yann.masson@thehomecave.fr> wrote:
>
> After configuring interfaces and routes, and triggering a 'service
> netif restart && service routing restart' is there a way to wait
> for the 'carrier up' of the interface before route
> reconfiguration? My use case is a server with 2 Mellanox and a
> Lagg. The 2 mce interfaces are UP in milliseconds but the lagg
> interface takes a few seconds to be UP, and the routing service
> says 'Network unreachable'. The subnet is a /32 and the gateway
> need a static route like: # /etc/rc.conf.d/netif
> cloned_interfaces="lagg0" ifconfig_mce0="up" ifconfig_mce1="up"
> ifconfig_lagg0="laggproto lacp laggport mce0 laggport mce1
> 198.51.100.1 netmask 255.255.255.255 mtu 1500" #
> /etc/rc.conf.d/routing route_defaultgw="-host 203.0.113.1 -link
> -interface lagg0" defaultrouter="203.0.113.1"
> static_routes="defaultgw" If I run 'service netif restart && sleep
> 5 && service routing restart', everything is ok. I didn't find any
> options for that, and was thinking about a patch in the routing
> script. Thanks
>
> Read through the comments in /etc/rc.d/netwait as that should do what
> you're looking for (wait until the interface is active or wait until
> you get a ping response from an IP before continuing with network
> configuration).
>
> --
> Freddie Cash
> fjwcash@gmail.com
--------------0qB0u0yPc0p76cb4o3xmB0uH
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>/etc/rc.d/netwait dependencies are<br>
# PROVIDE: netwait<br>
# REQUIRE: devd ipfw pf routing<br>
<br>
[truncated] rcorder -p /etc/rc.d/*<br>
/etc/rc.d/netif<br>
/etc/rc.d/routing<br>
/etc/rc.d/netwait</p>
<p>I've tested netwait. It doesn't work<br>
</p>
<p><br>
If i configure routing like that:<br>
<span
style="color:rgb(209,210,211);font-family:Monaco,Menlo,Consolas,"Courier New",monospace;font-size:12px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:left;text-indent:0px;text-transform:none;word-spacing:0px;white-space:pre-wrap;background-color:rgba(232,232,232,0.04);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline"># /etc/rc.conf.d/routing
route_defaultgw="-host 203.0.113.1 -link -interface lagg0"
route_default="-net 0.0.0.0/0 -interface lagg0 203.0.113.1"
static_routes="defaultgw default"</span></p>
<div class="moz-cite-prefix">It works, but the routing table went
from</div>
<div class="moz-cite-prefix"><span
style="color: rgb(209, 210, 211); font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-size: 12px; font-style: normal; font-variant-ligatures: none; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgba(232, 232, 232, 0.04); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;"># netstat -rn
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 203.0.113.1 UGS lagg0
198.51.100.1 link#10 UH lo0
203.0.113.1 link#10 UHS lagg0
127.0.0.1 link#3 UHS lo0</span></div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">to</div>
<div class="moz-cite-prefix"><span
style="color: rgb(209, 210, 211); font-family: Monaco, Menlo, Consolas, "Courier New", monospace; font-size: 12px; font-style: normal; font-variant-ligatures: none; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgba(232, 232, 232, 0.04); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;">Internet:
Destination Gateway Flags Netif Expire
default link#10 US lagg0
198.51.100.1 link#10 UH lo0
203.0.113.1 link#10 UHS lagg0
127.0.0.1 link#3 UHS lo0</span></div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">I don't know if it's good or not.<br>
<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 8/28/24 17:40, Freddie Cash wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAOjFWZ4onB9SGbYNdcxLVdSptZ4Hc=d6JPFw30zwY0=L4FjqfQ@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div dir="ltr">On Wed, Aug 28, 2024 at 1:21 AM <a
href="mailto:yann.masson@thehomecave.fr"
moz-do-not-send="true" class="moz-txt-link-freetext">yann.masson@thehomecave.fr</a>
<<a href="mailto:yann.masson@thehomecave.fr"
moz-do-not-send="true" class="moz-txt-link-freetext">yann.masson@thehomecave.fr</a>>
wrote:<br>
</div>
<div class="gmail_quote">
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p><span
style="color:rgb(209,210,211);font-family:Monaco,Menlo,Consolas,"Courier New",monospace;font-size:12px;font-style:normal;font-variant-ligatures:none;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:left;text-indent:0px;text-transform:none;word-spacing:0px;white-space:pre-wrap;background-color:rgba(232,232,232,0.04);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">After configuring interfaces and routes, and triggering a 'service netif restart && service routing restart'
is there a way to wait for the 'carrier up' of the interface before route reconfiguration?
My use case is a server with 2 Mellanox and a Lagg. The 2 mce interfaces are UP in milliseconds but
the lagg interface takes a few seconds to be UP, and the routing service says 'Network unreachable'.
The subnet is a /32 and the gateway need a static route like:
# /etc/rc.conf.d/netif
cloned_interfaces="lagg0"
ifconfig_mce0="up"
ifconfig_mce1="up"
ifconfig_lagg0="laggproto lacp laggport mce0 laggport mce1 198.51.100.1 netmask 255.255.255.255 mtu 1500"
# /etc/rc.conf.d/routing
route_defaultgw="-host 203.0.113.1 -link -interface lagg0"
defaultrouter="203.0.113.1"
static_routes="defaultgw"
If I run 'service netif restart && sleep 5 && service routing restart', everything is ok.
I didn't find any options for that, and was thinking about a patch in the routing script.
Thanks</span></p>
</div>
</blockquote>
</div>
Read through the comments in /etc/rc.d/netwait as that should do
what you're looking for (wait until the interface is active or
wait until you get a ping response from an IP before continuing
with network configuration).<br clear="all">
<div><br>
</div>
<span class="gmail_signature_prefix">-- </span><br>
<div dir="ltr" class="gmail_signature">Freddie Cash<br>
<a href="mailto:fjwcash@gmail.com" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">fjwcash@gmail.com</a></div>
</div>
</blockquote>
</body>
</html>
--------------0qB0u0yPc0p76cb4o3xmB0uH--
From nobody Wed Aug 28 18:32:52 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvChQ5DNqz5MWMs
for <net@mlmmj.nyi.freebsd.org>; Wed, 28 Aug 2024 18:32:54 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvChQ4CfWz4kCC
for <net@FreeBSD.org>; Wed, 28 Aug 2024 18:32:54 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724869974; a=rsa-sha256; cv=none;
b=aLfP+VZZBehuG+a9LyXDsQQYGogvMlVQO0x13qQ9s+RCOzXm3BgJ0aSkCRStlRdL1Y6cEm
JCkih07GCwNCMOpSYe92qVeK+Q7uDmPm7Jebkll9MGg8NdlU9vlOkLwid8W2exS14IuFo2
x8AUPKKaRLkwfW5bVq0yU6NpOFidIvXLoU+HnxCZxDWYnlCUwCrevMDmUZLkql9JsPDdG0
5NtpBCoOg1MYRCh2k54dkNutwCWNQ2OkLAE30thH9rSHpSlwVK6lWWBgpb1+YFRwYOK8zx
yYxlK4cRYiejcJ6CEh4laBMxYFO1nx+P528AQsEav3otSUD8sbO7bbf+qPiq6g==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724869974;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=w6PhtYQAwXmBNftdSAydx8lKgHmMycdFYXfl6JwAFSI=;
b=WRuGiQxbZrJeMlQFU3kACj774K8+NzARddcr6sTLe20/qvJenqOLpQgNVoeHflkrVjgz5c
ka8r2/FarE82YgF8xhU7qkTVeOE0NP8JXkFmYnJTHE3QL0Wjz9OHVLx40r8p0oZbaeCrsC
m9hFmc+k4bsvOBvvWUzc7l8mkrUbCM6kRmBWMEcLsNIm7oEdiRwzqj5lC4+fB9wO64GT31
yldNV5yVrym+qo0eG68Or8SmR8F3oC4g4o/nt0OxKGUCaCEj4/ledE3Lx6+zCe2+MIvGlP
VBpJydZQZP8WPZugQ4l5ctxXqPZ1vImfgRwhgMAZEVMX4OgE1G+8M5U3X5Tmzg==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WvChQ3pzJzlXs
for <net@FreeBSD.org>; Wed, 28 Aug 2024 18:32:54 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47SIWsMp016781
for <net@FreeBSD.org>; Wed, 28 Aug 2024 18:32:54 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47SIWsUI016780
for net@FreeBSD.org; Wed, 28 Aug 2024 18:32:54 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280701] FreeBSD-SA-24:05 fix breaks ICMP/ICMP6 states handling
in pf firewall (ping, traceroute)
Date: Wed, 28 Aug 2024 18:32:52 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: doktornotor@mailinator.com
X-Bugzilla-Status: Open
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280701-7501-mtWqqEZrmI@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280701
--- Comment #60 from doktornotor <doktornotor@mailinator.com> ---
(In reply to Natalino Picone from comment #59)
Do you mean the patch posted in comment #58? You can apply that patch to
whichever branch you wish, however it will not fix the regressions, as note=
d in
the same comment.=20
For regression-free experience, the solution is reverting to the state befo=
re
the FreeBSD-SA-24:05 patch.
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Thu Aug 29 10:34:53 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wvd2T4YVHz5MjFd
for <net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 10:34:57 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wvd2S4Z7vz4MSp
for <net@FreeBSD.org>; Thu, 29 Aug 2024 10:34:56 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724927696; a=rsa-sha256; cv=none;
b=gX7a1Kpru5NHzy/VW5DANkHxvg/AONt70VOo8x3cz50hkJkpcNr5S8/S8FYjy3QnjhvhAj
reeQM7FzlemdqeiWrG7Vq5t4hpKTmrt96/LmjYqVoYqKvIU8XtkrbSHHWDpXLTpIKBZtWV
z3GAL7LBeINBU27m3WhxiHu/QRamg4twmY1JuZ3m8ELNc1NtyGofxaYKxoskR2mfzz3wP7
eN+wIO+eppdljSXCgK/jEjbMMPaW+PAubBXwXdEmFYRDNW2Ox9DkPH6moQeld8cyy7rSlg
qORpCjyqTrIavX1GLlROXJPEpoww8YxVe4Y62+xpNHdlBniXLWak2ER2+0N6/g==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724927696;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=LM/yf7z1kdERofagrR3XaVd/KirnnhDS7jN9mwixvio=;
b=UCk655q2MMT0jR9RfvSDq3h7IMCH63QMTk4AO0VVZZtGJHrGFX9UsGrm0dmsGMxtO5ADno
ap3X0i+3BUXx3PhizTfNQCB79dySE4fWdTLCshKH56/PxVHYRBUcmaXEjAVNbUFhjUrMux
Q7RFab2bbcqGdbWHhoYT/opAX0l/83KFr4GE+LgUwvRmAdCBqcS2ksK5Q7r+FfWhul92iS
D3cAMznaLs01tX7T8i4gbackOTBDnVyQVEty8bfRzrX30bs9lXo5dV9xDLU0mIQKKmU2ec
jGG9JPyrh4/jjSPDHUCEN16eDBMYjemtTunTpMeguJ4zuLJV0XUTSH1+bFKf5Q==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wvd2S4B1XzDqT
for <net@FreeBSD.org>; Thu, 29 Aug 2024 10:34:56 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47TAYuCI054543
for <net@FreeBSD.org>; Thu, 29 Aug 2024 10:34:56 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47TAYuNT054542
for net@FreeBSD.org; Thu, 29 Aug 2024 10:34:56 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280701] FreeBSD-SA-24:05 fix breaks ICMP/ICMP6 states handling
in pf firewall (ping, traceroute)
Date: Thu, 29 Aug 2024 10:34:53 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: natalino.picone@nozominetworks.com
X-Bugzilla-Status: Open
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280701-7501-w4mFfepV5c@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280701
--- Comment #61 from Natalino Picone <natalino.picone@nozominetworks.com> -=
--
(In reply to doktornotor from comment #60)
Sorry for the missing details. This is a very long thread, and it's unclear
whether an official FreeBSD patch is now in the base or not to fix the issu=
es
caused by FreeBSD-SA-24:05.
I'm focused on the releng/13.3 branch.
FreeBSD-SA-24:05 was released at the beginning of August, so it's almost one
month since a security patch (which usually should not be ignored) broke the
standard FreeBSD base.
Thanks
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Thu Aug 29 11:51:06 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvfkL3PN6z5Mpsf
for <net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 11:51:06 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvfkL1sVYz4Tb8
for <net@FreeBSD.org>; Thu, 29 Aug 2024 11:51:06 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724932266; a=rsa-sha256; cv=none;
b=oZ54NvqfbQbetWRCnWvuyLgYJSy3KZW1pCG51UqfXljHdIj257KuVzUfAjir5oRhIMAtO1
lFeODy2bxveBS0vvPFeW1zUaFQT15cJpj2u3c9O/oOFsPIFTos360C7dd0Ngw651cXNe6M
Yg34/HpUV/segnp8Wu10KTZ59pob+iXT6NnJMGdxaTVHTsuMowwkLloZwJ5eRUfuclwMCG
J+Gu2JPRLrz1i4NrhXkV+bIQNkx1mrPCcToIswGh0e3dWeBZvXq81uMUb93M8bP8uOEUs1
LFODp7/1J9LBB2WDwRdUTSkknqh8YCha9TOvBLflk5FYKCjw7/FprlSKO74nkA==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724932266;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=TH+vfbI9w6lzJNdxk1Ojopuid1/8aHKJzBpz4OmoTjs=;
b=B4LQKvMuLYEDOijvrq82MHf6Bz9zhsrHkKe301Kx4liE7HHmv39tjPmYc4jzRtEnV1Y3FU
PPCemjgwiFYPXC9hfXy+VVDJaIfDPwZ/GAi3sUxJ3z1xILA0pJzWBNya4y66efZuLA87pE
/3NYDTnbSMTwId7ynpBHQAGliiKu1hiHZXCGkugkO0B7FOrPOSfQI6ksqZGpL/pLaHule9
/329Al9DkNGZq9RaFAlkIT1QoUwC0lZ2qEdu3qsLvnt+PXOn9OfQpArN/EHrETXkGca4TR
j+JHT3GtYlwGqMowJfBX7YmjWaZPT6KR3qNiiGLRcU2+sM4WmIXmsVgDj3tX1A==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WvfkL1TrkzG5y
for <net@FreeBSD.org>; Thu, 29 Aug 2024 11:51:06 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47TBp6xU056381
for <net@FreeBSD.org>; Thu, 29 Aug 2024 11:51:06 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47TBp6ne056380
for net@FreeBSD.org; Thu, 29 Aug 2024 11:51:06 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 278306] service netif start doesn't bring up the wireless
interface if /etc/wpa_supplicant.conf is missing
Date: Thu, 29 Aug 2024 11:51:06 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: wireless
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: bz@FreeBSD.org
X-Bugzilla-Status: In Progress
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: rc@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-278306-7501-KYrBoYvvfp@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-278306-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-278306-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D278306
Bjoern A. Zeeb <bz@FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |net@FreeBSD.org
--=20
You are receiving this mail because:
You are on the CC list for the bug.=
From nobody Thu Aug 29 15:24:32 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvlSd407vz5PcH4
for <net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 15:24:33 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvlSc1cBXz4rWW
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:24:32 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724945072; a=rsa-sha256; cv=none;
b=OmHh9ZEIMb4A0jyNTOIAF7oinIbFj+B0lemxhmv50R7HydqPPycKdkF34p7RUO6v0V1oPH
nB4XyTiXFQQoVsY0nM4LxYSKOMFyl27xDx2CP8sl6g8tAb3Nzqz9bU+cbiVgG6via44RRt
CaB1g9keusD/GQnWnYzOeb98MvlyDRJvVczbrFOKkhspn+5wUaKYUsfU26zOxLNFXiKkhH
NgfXup08kIz5yrEq291P6W9QW1nhC/UkGVkpaFgiInOTWR7ejMFV4uNgNhK9Jf9Wfkf0Gx
8O4TwiZSsXQOBLtmZXWLZmuyabVQn39Rq3pPoHJ6OmmJ45uk7H6Z9HKido0BCA==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724945072;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=jcSh/SEhwgEf3d+FF7yJwgYFlZHkioYFS7rCUavlaV4=;
b=uL6/4A+t4Szoec/2tLhG4egtOaX69xHbv0YNrSyzNLQMtyCHAtwkkyZBHC25JKNinkTWvT
pYolxg10G10lRoUm53NMzVJbUW+QiC79NC6ANJbqgb61o+ieiqlKZ3+bmOwIl4P6y2YLIg
ixq9OsF8tfrlyckWn2hZVY6RaDykskgldPuRktS4lMqEWBG3o2TiTT05Ecl0NjL+0Fn+zJ
bmyHK/JifPblzvs/2pZmIaazfroMasgtfzDuOAhDjWJN+ER8oachogpvJ0tiC/k+pCVRe8
nJuWcfPi+rFZ3p1I1YfnsDxwY4l4RGaqichG3U5wU76EOUkUNRqRzZdGjX42WQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WvlSc1CtyzNCN
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:24:32 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47TFOWOK053373
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:24:32 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47TFOWeR053371
for net@FreeBSD.org; Thu, 29 Aug 2024 15:24:32 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 278306] service netif start doesn't bring up the wireless
interface if /etc/wpa_supplicant.conf is missing
Date: Thu, 29 Aug 2024 15:24:32 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: wireless
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: portmaster@bsdforge.com
X-Bugzilla-Status: In Progress
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: rc@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-278306-7501-zDTFYvfiwc@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-278306-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-278306-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D278306
--- Comment #11 from Chris Hutchinson <portmaster@bsdforge.com> ---
(In reply to Bjoern A. Zeeb from comment #10)
I think you're on the right track, Bjoern.
But as I examined this approach, I discovered what may be
hints to the problem here:
libexec/rc/netif
@ 152
# netif_common routine
# Common configuration subroutine for network interfaces. This
# routine takes all the preparatory steps needed for configuriing
# an interface and then calls $routine.
...
@ 175
# Don't check that the interface(s) exist. We need to run
# the down code even when the interface doesn't exist to
# kill off wpa_supplicant.
# XXXBED: is this really true or does wpa_supplicant die?
# if so, we should get rid of the devd entry
While I could fully unwind the routine(s) to confirm whether
this, or your approach is correct. I don't have time slices available ATM.
IOW I agree someone from rc@ or net@ is the best direction. Maybe a PHAB
review would be even better?
--=20
You are receiving this mail because:
You are on the CC list for the bug.=
From nobody Thu Aug 29 15:26:13 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvlVb1w9Bz5PcrN
for <net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 15:26:15 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvlVb014xz4t8m
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:26:15 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724945175; a=rsa-sha256; cv=none;
b=rLMyhgz7l3d5/mk+Jyw82c6csamWDFnUucgr4ZhPUkyA7RZiv14W1wiVSaXxn/u9TAv2SP
Wd1GlqQRORQgDm+jE5N7VF6ZHiZT4xEjgCldq5WbqJz/IkQ5BJQQxn+6iVAL78vPtNc46m
l9fuOEYcuVVcyrXy7X3HX0HeL1zH+jZC4jIxgJOr+NsjY4oi7K+AMbH3croSyppIhf0KWp
yTy4fRQwauKDHMr33Ene4PnBZD783SxG74u56mrzAzcwwpkPlES8K28KuWAigx7vbP2OIJ
xn2o7FcswvgU7GrRoNYzkcovBWGFvmfccyrvy1bSlBFwM0Xzyz/Z3mSkixK41A==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724945175;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=jkvYik7K3Ah04gmX+hEqL+myCBWKWYL+a2nctX34x+Y=;
b=MBU2jPv71DZaVIrsKXrDXsuqvJH5ljRA55f6y0kuuDbfuvX5iMhlQCA0TvRMBuOqYcqGvh
J5xZEdCTHDF0bIIJEDmXA4j1hFjffQvDzJ4cT2YjQT9/FKD3ZZr5PArLI81cdzCRkiTIe+
CLE+arqU52LqyuNQGm9IhMGcc8p5dVXVNtigFPW+niEJINeIz9wZRTCiab+XkSoJS7f2RH
BNJcIxrrbFsc7ld3oyDlKALLCKt348pImbXrCs66GqktpFoRNoJvnt7sOec035JmGkyWDg
JBMssuucoAJBOBuaMjbQCdNsArhDub1Y1GCZJYx/5aZFyvS5BCEHO9kQA/wKGQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WvlVZ6XjSzN79
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:26:14 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47TFQE2s058701
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:26:14 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47TFQEth058700
for net@FreeBSD.org; Thu, 29 Aug 2024 15:26:14 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 279245] igc(4) I226 (and I225) TX hangups
Date: Thu, 29 Aug 2024 15:26:13 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 13.2-RELEASE
X-Bugzilla-Keywords: IntelNetworking
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: freebsdforums.lurch729@passmail.net
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-279245-7501-28pQ0nuyQz@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-279245-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-279245-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D279245
CrazyWolf13 <freebsdforums.lurch729@passmail.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |freebsdforums.lurch729@pass
| |mail.net
--- Comment #6 from CrazyWolf13 <freebsdforums.lurch729@passmail.net> ---
I just experienced the same issue, and it was a PAIN to find the real issue.
https://forum.opnsense.org/index.php?topic=3D42368
TL:DR:
Mini-PC by shuttle with Intel i228-LM 2.5GB Ports
Under heady load, sometimes every 6h I needed to reboot my opnsense box.
Network behaved really weird, devices became inaccessible, opnsense too. A
reboot usually fixed the issue but only for several hours.
Funnily enough a reboot of my switch also seemed to have fix it for the mom=
ent.
Luckily my OEM uploaded a new BIOS this month and it actually fixed my issu=
es,
no more reboots needed after the BIOS update.
https://global.shuttle.com/products/productsDownload?pn=3DDL30N%20SERIES
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Thu Aug 29 15:32:33 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wvldt0Xk0z5PdFB
for <net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 15:32:34 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wvlds6bSyz4tvC
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:32:33 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724945553; a=rsa-sha256; cv=none;
b=cNQqCdiWFFLAvGMHVtOmacHNvDyAV92EOf38pFoMfnty1rLGEk43l8OEN5lLB9c/R519EI
iKb5+s7sNOhkDwd4aFnZAde+GAyy+1nvTjLflL3Y7xqMiWe1AquCUyrRG75Bw/2EbQM7Ib
xLc/Mim/BQbIxKdiqaygSYIaDsq6ggZwjc6XYI/ZWAnU5UC0wJF3WdnmhiNGMwliUfBNbh
GPGlwwZya3tLVu3BDZtIzhrjzDwFoYv5+zapXHZnUgP4YiQ95+OLazxFkfk+HK86X/8Dou
XM7AzwcI0mXgL/Pb4qj5CPU0zqNR/se2stF03gQhZqkKh/crA4w93Q9BKPvcMw==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724945553;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=lqJqZCub9Cp4EbTwrZVYsPKgnVa9Zz81E+bIoRNujMc=;
b=lx7edVsDNfPuSLXCZjayBCbfKMS9M4uzXCedLa6LeIHxVjEzvSUyi3QeS35M0V2gdGXwUa
Cigl4FwaYzOwDI2mhySRcUXD0Mh4Rl4R9E9ZA0TU5MT4on1XmXLeI2K9nmVLoEgf7fp6P+
M32RmiM+WjZgDwYVp21RjUYJNqLM7MJum+qqyg3p2oKldSoH6m2s/kQN3ZNUIlUtIjHfRT
IcAd2tBgGTugUpPL4anotijuTH9Q5ab6XcKBvVJ2i90jRoatp/tMHompFVjv566dMoeetv
g8tZ0MRj4T5vhVeKYbSdre7fiS87yKNKghPBkBl1QsOX8jJw22JcyPNrdTyDNA==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wvlds6988zNLm
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:32:33 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47TFWXJr090659
for <net@FreeBSD.org>; Thu, 29 Aug 2024 15:32:33 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47TFWXQ2090658
for net@FreeBSD.org; Thu, 29 Aug 2024 15:32:33 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 275001] if_wg: Missing radix unlock can cause deadlock
Date: Thu, 29 Aug 2024 15:32:33 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: markj@FreeBSD.org
X-Bugzilla-Status: Closed
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status resolution
Message-ID: <bug-275001-7501-a9VXym3snE@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-275001-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-275001-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275001
Mark Johnston <markj@FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|In Progress |Closed
Resolution|--- |FIXED
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Thu Aug 29 16:06:21 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvmNx2ds1z5T8Kf
for <freebsd-net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 16:06:25 +0000 (UTC)
(envelope-from bapt@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "smtp.freebsd.org", Issuer "R10" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvmNx0WRXz529c;
Thu, 29 Aug 2024 16:06:25 +0000 (UTC)
(envelope-from bapt@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
t=1724947585;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=ajBGEfAUNqJ0uOaOBqUohsA5WnWKaRNutslcbJxmxws=;
b=jrkekBcYA7M8Wk4ToQbVIIOmcgD5tSCQHqikOvTQLm0R7SZoWXRwZv1XsJNQVZS1fWxi7p
cMA3WlSXBLq1RfHY7j1c6YM81iwPncKUwMZ2B1pqJObmgTR9tlu2doNhbBrch1CzdkHBCS
EFf2EhWA7+c6QJA4ZXKw0FFy04LWrCbeIfZxlv7ywU3bJjjv/LmetlEUUv/Y0brYMKqDgF
7gqwsE4PZXRrmKnuBUUvfSWakR+xWhlqpVm7zx5923mymxFmvPXYFXii69bGrce0KZQRiY
3AD9tRQsA0NSgQ7rvmf4IE/hmUCI8wl0SW2SQXsIi0YvebLsxaPq6fl5utwZ+w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724947585; a=rsa-sha256; cv=none;
b=ZHSB8BmYNXt00kYwd80dQvedlAPV9tOYSJ+WY/Dp0UQF7pt3+OjpljUymJw6c5ADC1PedN
56ev5r7rLREOpXpL0IXxoviyDRbcPwI4iqAMTSTfHpmwjdfQjPqzM4M9rOVdgSOD3u+ELz
F6TrGrKG4tCZJ+HneOTfnBvi+lf37I/62AsIfCfSVgbf9hD9L6gD2tcpUHsUyTjgaQG2JB
ZwOK3tVe2NPvKRcy5aj3PTpOqc2qxi8jeuQgP8SzrX+CMhZea1JdASdB1/NYv+zGYHIMku
eQ3oUIiKNN6+FeEJGxIWjSdjdXZgNE065FHmM9pMXRZ9lIE8Rs4iF4ClfUgh/g==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724947585;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=ajBGEfAUNqJ0uOaOBqUohsA5WnWKaRNutslcbJxmxws=;
b=hQvSdXE2g6HoShdqIA1/icEDkN21o1m3eicdde1SYzFPaX01ScS7gTfCKfb7cDzLqVGb06
Jon4nxTxuS9+ZwbO8Rpkfm59aNtfXsClfgkTribRXJ7+KfTkRCKIJCw9xaSFBtR3SxJcYQ
nIEFXbYiDpV+cV6WKcYZUaayGbeIe4fw81McEFEi4uwd8saUYYj9Big/V1Ji/wXDgLbOMF
cyvDxGRYCbZIlIzk84RaBqbgT/10IrdKBysXRLC8kY+WQXK9ZM9Ep3FCxgzYMP2rv92DU3
i/Ogoo8aB1nFe26g/3ynJtx6QrF19PgRTl3QKB3blB7IhtxvZqeCinyMAu97Sw==
Received: from aniel.nours.eu (nours.eu [176.31.115.77])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
(Authenticated sender: bapt)
by smtp.freebsd.org (Postfix) with ESMTPSA id 4WvmNw6Xg0zPws;
Thu, 29 Aug 2024 16:06:24 +0000 (UTC)
(envelope-from bapt@freebsd.org)
Received: by aniel.nours.eu (Postfix, from userid 1001)
id B01CFFEFE5; Thu, 29 Aug 2024 18:06:21 +0200 (CEST)
Date: Thu, 29 Aug 2024 18:06:21 +0200
From: Baptiste Daroussin <bapt@freebsd.org>
To: Freddie Cash <fjwcash@gmail.com>
Cc: "yann.masson@thehomecave.fr" <yann.masson@thehomecave.fr>,
freebsd-net@freebsd.org
Subject: Re: wait link up before route configuration
Message-ID: <qzj7nbrl4eoqfcwngrnokjxgihzwhy4rqpdb6yqd5qfzepl5rb@o5djjjy33jbm>
References: <d6e0e453-4322-4d57-9fbe-4b23b80ebfe9@thehomecave.fr>
<CAOjFWZ4onB9SGbYNdcxLVdSptZ4Hc=d6JPFw30zwY0=L4FjqfQ@mail.gmail.com>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAOjFWZ4onB9SGbYNdcxLVdSptZ4Hc=d6JPFw30zwY0=L4FjqfQ@mail.gmail.com>
On Wed 28 Aug 08:40, Freddie Cash wrote:
> On Wed, Aug 28, 2024 at 1:21 AM yann.masson@thehomecave.fr <
> yann.masson@thehomecave.fr> wrote:
>
> > After configuring interfaces and routes, and triggering a 'service netif
> > restart && service routing restart' is there a way to wait for the 'carrier
> > up' of the interface before route reconfiguration? My use case is a server
> > with 2 Mellanox and a Lagg. The 2 mce interfaces are UP in milliseconds but
> > the lagg interface takes a few seconds to be UP, and the routing service
> > says 'Network unreachable'. The subnet is a /32 and the gateway need a
> > static route like: # /etc/rc.conf.d/netif cloned_interfaces="lagg0"
> > ifconfig_mce0="up" ifconfig_mce1="up" ifconfig_lagg0="laggproto lacp
> > laggport mce0 laggport mce1 198.51.100.1 netmask 255.255.255.255 mtu 1500"
> > # /etc/rc.conf.d/routing route_defaultgw="-host 203.0.113.1 -link
> > -interface lagg0" defaultrouter="203.0.113.1" static_routes="defaultgw" If
> > I run 'service netif restart && sleep 5 && service routing restart',
> > everything is ok. I didn't find any options for that, and was thinking
> > about a patch in the routing script. Thanks
> >
> Read through the comments in /etc/rc.d/netwait as that should do what
> you're looking for (wait until the interface is active or wait until you
> get a ping response from an IP before continuing with network
> configuration).
>
The problem is the route (set by routing rc script) is not reachable until
the lagg is ready/up but there is 0 mecanism in the routing script to to an
equivalent of netwait.
In my opinion we should implement in routing_netwait_if or routing_netwait_ip
to make routing wait on some iface to be ready, it can be useful for cases like
lagg, but could also be useful for cases like wireguard (when setup only via
netif).
But I am not sure we haven't missed something obvious.
Best regards,
Bapt
From nobody Thu Aug 29 16:12:51 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvmXN2VdJz5T8xr
for <net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 16:12:52 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvmXN1Vbzz53C9
for <net@FreeBSD.org>; Thu, 29 Aug 2024 16:12:52 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724947972; a=rsa-sha256; cv=none;
b=G1QLPMirhIzur8UML8hexOGT6mRNfeRgu6d6adPRn60MxmgmRXwg3vBodJEfB7tZoDNYbJ
5CbPXL/oOxwJ+zLLiEFydB4ahsQdz0JeSq6mBEoMJHJJ1419hECYSjJel7o+9boKJd/sO5
p/TavcI7xdgyPJ8QZ31TBcsfNVdaXAlE/1puhlt1DWZSDll4yIf1qSCq7JrLXNgqlzub5F
Ji+jzU/abE+rS8jr6vE5YzjSoec7v+Yp3MlOqbH7RrzNMvisd3KbitBYlEZOWGoVGIvYh+
FaPQmGTPJKTy8Xfcg493MyIHcpvXBtkB5Ku/j3kd2SUxa9Q/Jjq2WqqFnTZX2Q==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724947972;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=z/JvzcRvBDQ8E6z+n9cbJ4lXeM+Cd1pDLWsFNGOqLkI=;
b=knlLeqCsr6WR+Pd7Gjgm0yn1r3XFq0o7Qrdw+p7fxnXkxyRJaFKD5w6GIuGoF44De5V9ZM
ziF2IWjMPgQBXJWmK+EqWNfZmwdiQFHtkD4Yv6GKcu9ydx3wyOHFcrnIwQmikUbZSdEBgR
LApzaL1B8HFuU5/JF23uXhnZLENlgVx1NqFG6BB6/iB272y2xN2WXrQNnyTkjQpUQfcLqj
4s7OrZLFlBePXw2yhnBvUWio27Za1C7LHBmXg5UaTjykZ1ty3mflZVlsn7Y3CMofdBFyKR
dzJortQJc+H/aOt2TIflJ5NvlKpdCAh5GHqriBtm4MwW6NOtNU0sCPlWneKIbQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WvmXN15T5zPhP
for <net@FreeBSD.org>; Thu, 29 Aug 2024 16:12:52 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47TGCquf064201
for <net@FreeBSD.org>; Thu, 29 Aug 2024 16:12:52 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47TGCqxb064197
for net@FreeBSD.org; Thu, 29 Aug 2024 16:12:52 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 279245] igc(4) I226 (and I225) TX hangups
Date: Thu, 29 Aug 2024 16:12:51 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 13.2-RELEASE
X-Bugzilla-Keywords: IntelNetworking
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: freebsd_email@congenio.de
X-Bugzilla-Status: Closed
X-Bugzilla-Resolution: Not A Bug
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status resolution
Message-ID: <bug-279245-7501-qdCzeLnyUF@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-279245-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-279245-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D279245
Dr. Uwe Meyer-Gruhl <freebsd_email@congenio.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|New |Closed
Resolution|--- |Not A Bug
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Thu Aug 29 18:51:37 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wvr3p5Y29z52QW2
for <freebsd-net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 18:51:50 +0000 (UTC)
(envelope-from mike@sentex.net)
Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [IPv6:2607:f3e0:0:1::12])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smarthost1.sentex.ca", Issuer "R10" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wvr3n6J5Fz458J
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 18:51:49 +0000 (UTC)
(envelope-from mike@sentex.net)
Authentication-Results: mx1.freebsd.org;
dkim=none;
dmarc=none;
spf=pass (mx1.freebsd.org: domain of mike@sentex.net designates 2607:f3e0:0:1::12 as permitted sender) smtp.mailfrom=mike@sentex.net
Received: from pyroxene2a.sentex.ca (pyroxene19.sentex.ca [199.212.134.19])
by smarthost1.sentex.ca (8.18.1/8.18.1) with ESMTPS id 47TIpbHa042853
(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=FAIL)
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 14:51:37 -0400 (EDT)
(envelope-from mike@sentex.net)
Received: from [IPV6:2607:f3e0:0:4:8428:6097:7a81:e591] ([IPv6:2607:f3e0:0:4:8428:6097:7a81:e591])
by pyroxene2a.sentex.ca (8.18.1/8.15.2) with ESMTPS id 47TIpake011192
(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO)
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 14:51:36 -0400 (EDT)
(envelope-from mike@sentex.net)
Message-ID: <790fcb38-db6c-41ce-8222-8146be5dbe3b@sentex.net>
Date: Thu, 29 Aug 2024 14:51:37 -0400
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: FreeBSD Net <freebsd-net@freebsd.org>
From: mike tancsa <mike@sentex.net>
Subject: dropping udp fragments with ipfw
Autocrypt: addr=mike@sentex.net; keydata=
xsBNBFywzOMBCACoNFpwi5MeyEREiCeHtbm6pZJI/HnO+wXdCAWtZkS49weOoVyUj5BEXRZP
xflV2ib2hflX4nXqhenaNiia4iaZ9ft3I1ebd7GEbGnsWCvAnob5MvDZyStDAuRxPJK1ya/s
+6rOvr+eQiXYNVvfBhrCfrtR/esSkitBGxhUkBjOti8QwzD71JVF5YaOjBAs7jZUKyLGj0kW
yDg4jUndudWU7G2yc9GwpHJ9aRSUN8e/mWdIogK0v+QBHfv/dsI6zVB7YuxCC9Fx8WPwfhDH
VZC4kdYCQWKXrm7yb4TiVdBh5kgvlO9q3js1yYdfR1x8mjK2bH2RSv4bV3zkNmsDCIxjABEB
AAHNHW1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5uZXQ+wsCOBBMBCAA4FiEEmuvCXT0aY6hs
4SbWeVOEFl5WrMgFAl+pQfkCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQeVOEFl5W
rMiN6ggAk3H5vk8QnbvGbb4sinxZt/wDetgk0AOR9NRmtTnPaW+sIJEfGBOz47Xih+f7uWJS
j+uvc9Ewn2Z7n8z3ZHJlLAByLVLtcNXGoRIGJ27tevfOaNqgJHBPbFOcXCBBFTx4MYMM4iAZ
cDT5vsBTSaM36JZFtHZBKkuFEItbA/N8ZQSHKdTYMIA7A3OCLGbJBqloQ8SlW4MkTzKX4u7R
yefAYQ0h20x9IqC5Ju8IsYRFacVZconT16KS81IBceO42vXTN0VexbVF2rZIx3v/NT75r6Vw
0FlXVB1lXOHKydRA2NeleS4NEG2vWqy/9Boj0itMfNDlOhkrA/0DcCurMpnpbM7ATQRcsMzk
AQgA1Dpo/xWS66MaOJLwA28sKNMwkEk1Yjs+okOXDOu1F+0qvgE8sVmrOOPvvWr4axtKRSG1
t2QUiZ/ZkW/x/+t0nrM39EANV1VncuQZ1ceIiwTJFqGZQ8kb0+BNkwuNVFHRgXm1qzAJweEt
RdsCMohB+H7BL5LGCVG5JaU0lqFU9pFP40HxEbyzxjsZgSE8LwkI6wcu0BLv6K6cLm0EiHPO
l5G8kgRi38PS7/6s3R8QDsEtbGsYy6O82k3zSLIjuDBwA9GRaeigGppTxzAHVjf5o9KKu4O7
gC2KKVHPegbXS+GK7DU0fjzX57H5bZ6komE5eY4p3oWT/CwVPSGfPs8jOwARAQABwsB2BBgB
CAAgFiEEmuvCXT0aY6hs4SbWeVOEFl5WrMgFAl+pQfkCGwwACgkQeVOEFl5WrMiVqwf9GwU8
c6cylknZX8QwlsVudTC8xr/L17JA84wf03k3d4wxP7bqy5AYy7jboZMbgWXngAE/HPQU95NM
aukysSnknzoIpC96XZJ0okLBXVS6Y0ylZQ+HrbIhMpuQPoDweoF5F9wKrsHRoDaUK1VR706X
rwm4HUzh7Jk+auuMYfuCh0FVlFBEuiJWMLhg/5WCmcRfiuB6F59ZcUQrwLEZeNhF2XJV4KwB
Tlg7HCWO/sy1foE5noaMyACjAtAQE9p5kGYaj+DuRhPdWUTsHNuqrhikzIZd2rrcMid+ktb0
NvtvswzMO059z1YGMtGSqQ4srCArju+XHIdTFdiIYbd7+jeehg==
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.86
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.36 / 15.00];
NEURAL_HAM_LONG(-1.00)[-1.000];
NEURAL_HAM_MEDIUM(-1.00)[-1.000];
NEURAL_HAM_SHORT(-0.97)[-0.974];
R_SPF_ALLOW(-0.20)[+ip6:2607:f3e0::/32];
MIME_GOOD(-0.10)[text/plain];
RCVD_IN_DNSWL_LOW(-0.10)[199.212.134.19:received];
XM_UA_NO_VERSION(0.01)[];
TO_DN_ALL(0.00)[];
RCPT_COUNT_ONE(0.00)[1];
FREEFALL_USER(0.00)[mike];
ASN(0.00)[asn:11647, ipnet:2607:f3e0::/32, country:CA];
MIME_TRACE(0.00)[0:+];
MID_RHS_MATCH_FROM(0.00)[];
R_DKIM_NA(0.00)[];
MLMMJ_DEST(0.00)[freebsd-net@freebsd.org];
FROM_EQ_ENVFROM(0.00)[];
FROM_HAS_DN(0.00)[];
ARC_NA(0.00)[];
RCVD_COUNT_TWO(0.00)[2];
PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org];
TO_MATCH_ENVRCPT_ALL(0.00)[];
DMARC_NA(0.00)[sentex.net];
RCVD_TLS_ALL(0.00)[]
X-Rspamd-Queue-Id: 4Wvr3n6J5Fz458J
I was working on some firewall rules to drop large UDP fragment attacks
and noticed there is no easy way to drop fragments based on port ? e.g.
if someone sends a UDP packet of 1400 bytes, I can drop it with
TARGET=192.168.1.1
ipfw add 5 deny log udp from any 53 to $TARGET
But if that packet is say 2000 bytes and is fragmented, the fragment
passes through. I have to add a subsequent rule
ipfw add 10 deny log udp from any to $TARGET fragment
But this would kill all UDP fragments. If the host has some other UDP
application that needs to deal with fragmented packets, is there a way
to get around that and only drop packets with a certain port in the
first fragment ?
   ---Mike
From nobody Thu Aug 29 19:45:55 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvsGS0xSrz52VtC
for <freebsd-net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 19:46:08 +0000 (UTC)
(envelope-from olivier@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "smtp.freebsd.org", Issuer "R10" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvsGS0Qmnz49Vj
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 19:46:08 +0000 (UTC)
(envelope-from olivier@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
t=1724960768;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
in-reply-to:in-reply-to:references:references;
bh=w8fKVVhxXlsOpeA/VzMgdoRV7oag7z/v/KAG0K3RffY=;
b=ZGLKSNRvORJ93cNG3jya4Eph8PJYf/wWTR7fk+pxzhwF8WLAgqIIQkj6YZtvRjG7ruKbI2
8Tb+Uz6h+GLfZM9Gs+aqtr9thJS+BbM8PCnqN4IEE5tHSTV3wVPGXFK/CixL1coF/EwFvu
a3jULs26G/QTBkS6V89iu0f3Wd/sQkv6Z++jstCQynEXnH45ea9uvjESvgJ0tcXHPnHWqh
1iSMfaSjJXFLtXxaobKR/japkLG9qTF5CBi+aL2oiM8uhnhyi/838Jkm88mo1mcXnnddir
QTiJMJRJt/YJ7mzXONRrH+8bp+6BNcFkuxtMcHlvBpF8e8H3HAkx/EgG1MOWTw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724960768; a=rsa-sha256; cv=none;
b=ScvsGYmWSAFnWNgm4rSreWPXfHWnNhW/7gh28I/Mxr2v8kq1C6Wvj2xmipqNpgspUzhfNd
+CYm6FJ2aQ9UgRaEkgvONnOeByit7rkU30tUQdyAeSZuf+WQWxgTLgaJ2d0xzMYOrQDayH
pdj+lDMydcToF8B9sLdKe6h6g48UaxqxuIuiOFeWwbmXNCUMF5XxbrSiXYXe0OCOr6o1yZ
fs8KXUbTuDYdiUy1h0MTLLYdRCEzWw+4f2U/1RVf/kQRKLhYIYijTfnnmLUne6VV6Zy+qV
1Pzlfkt6ZXu6JhDWyy5+VLVZy2sluNWL8PC+/sjNGXYvyFCd+IWctIvQAbi8MA==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724960768;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
in-reply-to:in-reply-to:references:references;
bh=w8fKVVhxXlsOpeA/VzMgdoRV7oag7z/v/KAG0K3RffY=;
b=WZdiY34FCMQsryYYz6HBx6Brz6iXWgROmGLYVYbx8QKzHM5FM4Zgty1gmbuKVOcZ6QRfLp
tSqZNjMX0djedznSIviQizs8+AfUN3NVJHEp6ZTvjMq2+EVpvx6gfx2adZFtcVd0T5qlg6
IizF+UBDc+6XnwEUjpMmFpDvoSA7wItVWXHrvjKOPbjdGmWPoVgtV1QKXmzx3hlni3K8qF
p+icFtbo2TsFN5aMSmxnCKx7ycoUBVtnNhTs4C1xNPxJPgVKR3s/qi5G5c98z4glAoyMU9
XW5zaXCeJVVI2hlwViQYVm1Ppw4opYxHsAs0K7r/hlYET8MO57l8J4+BY/fckA==
Received: from mail-qv1-f49.google.com (mail-qv1-f49.google.com [209.85.219.49])
(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smtp.gmail.com", Issuer "WR4" (verified OK))
(Authenticated sender: olivier/mail)
by smtp.freebsd.org (Postfix) with ESMTPSA id 4WvsGR71CHzTQQ
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 19:46:07 +0000 (UTC)
(envelope-from olivier@freebsd.org)
Received: by mail-qv1-f49.google.com with SMTP id 6a1803df08f44-6bd6f2c9d52so5714876d6.3
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 12:46:07 -0700 (PDT)
X-Gm-Message-State: AOJu0YzokDR10kgCo/MbEpt/Bl1gJzJUIRm0FOPPsMfbi7ysIgPSpzZ6
WNhNwmr6iipNzIS+gml79PgLabJS/u/l/+OSTdbOPaoJ2L6NT2Q1ZqN5cVYsdYjGG5pn2CmSWgE
gqOyM2JqYMgWCxbw/ajtnGyEdSHo=
X-Google-Smtp-Source: AGHT+IGAcm/m8cwTiFiA1WpJhAakBtDv//YLFur4s9JdK9NEG3JESz+8cOnwYbW27VXwEpdam225p6DZDzh2Y9wfGjs=
X-Received: by 2002:a05:6214:5d8d:b0:6bf:80e5:debd with SMTP id
6a1803df08f44-6c33e62d2b6mr44036726d6.29.1724960767552; Thu, 29 Aug 2024
12:46:07 -0700 (PDT)
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
References: <790fcb38-db6c-41ce-8222-8146be5dbe3b@sentex.net>
In-Reply-To: <790fcb38-db6c-41ce-8222-8146be5dbe3b@sentex.net>
From: =?UTF-8?Q?Olivier_Cochard=2DLabb=C3=A9?= <olivier@freebsd.org>
Date: Thu, 29 Aug 2024 21:45:55 +0200
X-Gmail-Original-Message-ID: <CA+q+Tcpj7OY0HpUuw7uDGzLQW_GUcXoNkAg2ACDJ65dK7ZDUjg@mail.gmail.com>
Message-ID: <CA+q+Tcpj7OY0HpUuw7uDGzLQW_GUcXoNkAg2ACDJ65dK7ZDUjg@mail.gmail.com>
Subject: Re: dropping udp fragments with ipfw
To: mike tancsa <mike@sentex.net>
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Content-Type: multipart/alternative; boundary="000000000000cd3eba0620d7b9e8"
--000000000000cd3eba0620d7b9e8
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Thu, Aug 29, 2024 at 8:52=E2=80=AFPM mike tancsa <mike@sentex.net> wrote=
:
> But this would kill all UDP fragments. If the host has some other UDP
> application that needs to deal with fragmented packets, is there a way
> to get around that and only drop packets with a certain port in the
> first fragment ?
>
>
When a packet is fragmented, only the IP header (not the UDP header that
includes the port number) is copied for all subsequent fragmented packets.
To fix this behavior, you can instruct the firewall to reassemble the
packet before performing UDP/TCP port filtering.
Refer to the ipfw(4) man page on the "reass" keyword, which provides the
following example:
ipfw add reass all from any to any in
I hope this helps!
--000000000000cd3eba0620d7b9e8
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div dir=3D"ltr"><div class=3D"gmail_default" style=3D"fon=
t-family:"courier new",monospace"><br></div></div><div class=3D"g=
mail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Thu, Aug 29, 2024 at 8=
:52=E2=80=AFPM mike tancsa <<a href=3D"mailto:mike@sentex.net">mike@sent=
ex.net</a>> wrote:</div><blockquote class=3D"gmail_quote" style=3D"margi=
n:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex=
">
But this would kill all UDP fragments.=C2=A0 If the host has some other UDP=
<br>
application that needs to deal with fragmented packets, is there a way <br>
to get around that and only drop packets with a certain port in the <br>
first fragment ?<br><br></blockquote><br>When a packet is fragmented, only =
the IP header (not the UDP header that includes the port number) is copied =
for all subsequent fragmented packets.<br>To fix this behavior, you can ins=
truct the firewall to reassemble the packet before performing UDP/TCP port =
filtering.<br>Refer to the ipfw(4) man page on the "reass" keywor=
d, which provides the following example:<br>ipfw add reass all from any to =
any in<br><br><div>I hope this helps!=C2=A0</div></div></div>
--000000000000cd3eba0620d7b9e8--
From nobody Thu Aug 29 19:53:36 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvsR91zNYz52WHg
for <freebsd-net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 19:53:41 +0000 (UTC)
(envelope-from mike@sentex.net)
Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [IPv6:2607:f3e0:0:1::12])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smarthost1.sentex.ca", Issuer "R10" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvsR84qtdz4DQv;
Thu, 29 Aug 2024 19:53:40 +0000 (UTC)
(envelope-from mike@sentex.net)
Authentication-Results: mx1.freebsd.org;
none
Received: from pyroxene2a.sentex.ca (pyroxene19.sentex.ca [199.212.134.19])
by smarthost1.sentex.ca (8.18.1/8.18.1) with ESMTPS id 47TJrbF5068646
(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=FAIL);
Thu, 29 Aug 2024 15:53:37 -0400 (EDT)
(envelope-from mike@sentex.net)
Received: from [IPV6:2607:f3e0:0:4:2cb6:5364:1034:9781] ([IPv6:2607:f3e0:0:4:2cb6:5364:1034:9781])
by pyroxene2a.sentex.ca (8.18.1/8.15.2) with ESMTPS id 47TJrZpE030637
(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO);
Thu, 29 Aug 2024 15:53:36 -0400 (EDT)
(envelope-from mike@sentex.net)
Content-Type: multipart/alternative;
boundary="------------K040u0YVLnYsANkqqx04x1zg"
Message-ID: <7bcc26a1-4dcc-43bd-bfdb-48f732f646d0@sentex.net>
Date: Thu, 29 Aug 2024 15:53:36 -0400
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: dropping udp fragments with ipfw
To: =?UTF-8?Q?Olivier_Cochard-Labb=C3=A9?= <olivier@freebsd.org>
Cc: FreeBSD Net <freebsd-net@freebsd.org>
References: <790fcb38-db6c-41ce-8222-8146be5dbe3b@sentex.net>
<CA+q+Tcpj7OY0HpUuw7uDGzLQW_GUcXoNkAg2ACDJ65dK7ZDUjg@mail.gmail.com>
Content-Language: en-US
From: mike tancsa <mike@sentex.net>
Autocrypt: addr=mike@sentex.net; keydata=
xsBNBFywzOMBCACoNFpwi5MeyEREiCeHtbm6pZJI/HnO+wXdCAWtZkS49weOoVyUj5BEXRZP
xflV2ib2hflX4nXqhenaNiia4iaZ9ft3I1ebd7GEbGnsWCvAnob5MvDZyStDAuRxPJK1ya/s
+6rOvr+eQiXYNVvfBhrCfrtR/esSkitBGxhUkBjOti8QwzD71JVF5YaOjBAs7jZUKyLGj0kW
yDg4jUndudWU7G2yc9GwpHJ9aRSUN8e/mWdIogK0v+QBHfv/dsI6zVB7YuxCC9Fx8WPwfhDH
VZC4kdYCQWKXrm7yb4TiVdBh5kgvlO9q3js1yYdfR1x8mjK2bH2RSv4bV3zkNmsDCIxjABEB
AAHNHW1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5uZXQ+wsCOBBMBCAA4FiEEmuvCXT0aY6hs
4SbWeVOEFl5WrMgFAl+pQfkCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQeVOEFl5W
rMiN6ggAk3H5vk8QnbvGbb4sinxZt/wDetgk0AOR9NRmtTnPaW+sIJEfGBOz47Xih+f7uWJS
j+uvc9Ewn2Z7n8z3ZHJlLAByLVLtcNXGoRIGJ27tevfOaNqgJHBPbFOcXCBBFTx4MYMM4iAZ
cDT5vsBTSaM36JZFtHZBKkuFEItbA/N8ZQSHKdTYMIA7A3OCLGbJBqloQ8SlW4MkTzKX4u7R
yefAYQ0h20x9IqC5Ju8IsYRFacVZconT16KS81IBceO42vXTN0VexbVF2rZIx3v/NT75r6Vw
0FlXVB1lXOHKydRA2NeleS4NEG2vWqy/9Boj0itMfNDlOhkrA/0DcCurMpnpbM7ATQRcsMzk
AQgA1Dpo/xWS66MaOJLwA28sKNMwkEk1Yjs+okOXDOu1F+0qvgE8sVmrOOPvvWr4axtKRSG1
t2QUiZ/ZkW/x/+t0nrM39EANV1VncuQZ1ceIiwTJFqGZQ8kb0+BNkwuNVFHRgXm1qzAJweEt
RdsCMohB+H7BL5LGCVG5JaU0lqFU9pFP40HxEbyzxjsZgSE8LwkI6wcu0BLv6K6cLm0EiHPO
l5G8kgRi38PS7/6s3R8QDsEtbGsYy6O82k3zSLIjuDBwA9GRaeigGppTxzAHVjf5o9KKu4O7
gC2KKVHPegbXS+GK7DU0fjzX57H5bZ6komE5eY4p3oWT/CwVPSGfPs8jOwARAQABwsB2BBgB
CAAgFiEEmuvCXT0aY6hs4SbWeVOEFl5WrMgFAl+pQfkCGwwACgkQeVOEFl5WrMiVqwf9GwU8
c6cylknZX8QwlsVudTC8xr/L17JA84wf03k3d4wxP7bqy5AYy7jboZMbgWXngAE/HPQU95NM
aukysSnknzoIpC96XZJ0okLBXVS6Y0ylZQ+HrbIhMpuQPoDweoF5F9wKrsHRoDaUK1VR706X
rwm4HUzh7Jk+auuMYfuCh0FVlFBEuiJWMLhg/5WCmcRfiuB6F59ZcUQrwLEZeNhF2XJV4KwB
Tlg7HCWO/sy1foE5noaMyACjAtAQE9p5kGYaj+DuRhPdWUTsHNuqrhikzIZd2rrcMid+ktb0
NvtvswzMO059z1YGMtGSqQ4srCArju+XHIdTFdiIYbd7+jeehg==
In-Reply-To: <CA+q+Tcpj7OY0HpUuw7uDGzLQW_GUcXoNkAg2ACDJ65dK7ZDUjg@mail.gmail.com>
X-Scanned-By: MIMEDefang 2.86
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
module=replies;
Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
REPLY(-4.00)[];
ASN(0.00)[asn:11647, ipnet:2607:f3e0::/32, country:CA]
X-Rspamd-Queue-Id: 4WvsR84qtdz4DQv
This is a multi-part message in MIME format.
--------------K040u0YVLnYsANkqqx04x1zg
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
On 8/29/2024 3:45 PM, Olivier Cochard-Labbé wrote:
>
> On Thu, Aug 29, 2024 at 8:52 PM mike tancsa <mike@sentex.net> wrote:
>
> But this would kill all UDP fragments. If the host has some other
> UDP
> application that needs to deal with fragmented packets, is there a
> way
> to get around that and only drop packets with a certain port in the
> first fragment ?
>
>
> When a packet is fragmented, only the IP header (not the UDP header
> that includes the port number) is copied for all subsequent fragmented
> packets.
> To fix this behavior, you can instruct the firewall to reassemble the
> packet before performing UDP/TCP port filtering.
> Refer to the ipfw(4) man page on the "reass" keyword, which provides
> the following example:
> ipfw add reass all from any to any in
>
> I hope this helps!
Thanks very much, it does! Under DDoS attack, how "expensive" would
this be I noticed there are some default queue limits that probably
would be exhausted fairly quickly. I might look instead for this use
case to use the chelsio NIC rules (via cxgbetool) and just drop with
something like this
cxgbetool t5nex0 filter 10 sip 0.0.0.0/0 sport 53 dip 192.168.1.1/32
proto 17Â action drop
cxgbetool t5nex0 filter 11 sip 0.0.0.0/0 dip 192.168.1.1/32 proto 17
frag 1 action drop
to protect the customer downstream and then get rid of rule 11 once the
pps rate drops back to normal.
   ---Mike
--------------K040u0YVLnYsANkqqx04x1zg
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 8/29/2024 3:45 PM, Olivier
Cochard-Labbé wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+q+Tcpj7OY0HpUuw7uDGzLQW_GUcXoNkAg2ACDJ65dK7ZDUjg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div dir="ltr">
<div class="gmail_default"
style="font-family:"courier new",monospace"><br>
</div>
</div>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Aug 29, 2024 at
8:52 PM mike tancsa <<a href="mailto:mike@sentex.net"
moz-do-not-send="true" class="moz-txt-link-freetext">mike@sentex.net</a>>
wrote:</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
But this would kill all UDP fragments. If the host has some
other UDP <br>
application that needs to deal with fragmented packets, is
there a way <br>
to get around that and only drop packets with a certain port
in the <br>
first fragment ?<br>
<br>
</blockquote>
<br>
When a packet is fragmented, only the IP header (not the UDP
header that includes the port number) is copied for all
subsequent fragmented packets.<br>
To fix this behavior, you can instruct the firewall to
reassemble the packet before performing UDP/TCP port
filtering.<br>
Refer to the ipfw(4) man page on the "reass" keyword, which
provides the following example:<br>
ipfw add reass all from any to any in<br>
<br>
<div>I hope this helps! <br>
</div>
</div>
</div>
</blockquote>
<p><br>
</p>
<p>Thanks very much, it does! Under DDoS attack, how "expensive"
would this be I noticed there are some default queue limits that
probably would be exhausted fairly quickly. I might look instead
for this use case to use the chelsio NIC rules (via cxgbetool) and
just drop with something like this <br>
</p>
<p>cxgbetool t5nex0 filter 10 sip 0.0.0.0/0 sport 53 dip
192.168.1.1/32 proto 17Â action drop<br>
cxgbetool t5nex0 filter 11 sip 0.0.0.0/0 dip 192.168.1.1/32 proto
17 frag 1 action drop</p>
<p>to protect the customer downstream and then get rid of rule 11
once the pps rate drops back to normal.<br>
</p>
<p>Â Â Â ---Mike<br>
</p>
</body>
</html>
--------------K040u0YVLnYsANkqqx04x1zg--
From nobody Thu Aug 29 19:59:12 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvsYj5TYWz52X2H
for <freebsd-net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 19:59:21 +0000 (UTC)
(envelope-from SRS0=jWsS=P4=klop.ws=ronald-lists@realworks.nl)
Received: from smtp-relay-int.realworks.nl (smtp-relay-int.realworks.nl [194.109.157.24])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvsYj33M6z4FTZ
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 19:59:21 +0000 (UTC)
(envelope-from SRS0=jWsS=P4=klop.ws=ronald-lists@realworks.nl)
Authentication-Results: mx1.freebsd.org;
none
Date: Thu, 29 Aug 2024 21:59:12 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=klop.ws; s=rw2;
t=1724961554;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:content-type:content-type:
in-reply-to:in-reply-to:references:references;
bh=EniEv/KpCvFOI96WGrVv+G3lZrlN1S1UYvPdMZ0RDjg=;
b=Rx+c5Hq9iJAoN/Sivh1/zjZKCllSWqX69XtYSckXby+y4rOZR+mZV1cbuaDCg/4kq2f/wk
3v8dEgwICFTNGMal20wQzeVaG5bmWrhNXWhnYee/UDHokmPSTszFVrlOIeiZ78Ibj7R6hP
YlPyyyUtzwYITZ7DeijxG2ZtyhXCRrShuKkipOaYp0+FtiZqJodpeRSmuTv1ah94xgPaqk
K6hA1+VfgQC9qCszb6h4XoLii81Lpfey1L5y5Rxsh6cAHyODyZ+4joye9RfA8Ei/ptcTLO
jD0m6QZW/VXwZwOSfo7tHmkpmkJZG84/gi08aymDcwaSN1+7MF5nBT+E2rmYnw==
From: Ronald Klop <ronald-lists@klop.ws>
To: mike tancsa <mike@sentex.net>
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Message-ID: <844983132.8139.1724961552115@localhost>
In-Reply-To: <790fcb38-db6c-41ce-8222-8146be5dbe3b@sentex.net>
References: <790fcb38-db6c-41ce-8222-8146be5dbe3b@sentex.net>
Subject: Re: dropping udp fragments with ipfw
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_8138_2135212535.1724961552047"
X-Mailer: Realworks (718.41)
Importance: Normal
X-Priority: 3 (Normal)
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
module=replies;
Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
REPLY(-4.00)[];
ASN(0.00)[asn:3265, ipnet:194.109.0.0/16, country:NL]
X-Rspamd-Queue-Id: 4WvsYj33M6z4FTZ
------=_Part_8138_2135212535.1724961552047
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Van: mike tancsa <mike@sentex.net>
Datum: donderdag, 29 augustus 2024 20:51
Aan: FreeBSD Net <freebsd-net@freebsd.org>
Onderwerp: dropping udp fragments with ipfw
>
> I was working on some firewall rules to drop large UDP fragment attacks and noticed there is no easy way to drop fragments based on port ? e.g. if someone sends a UDP packet of 1400 bytes, I can drop it with
>
> TARGET=192.168.1.1
>
> ipfw add 5 deny log udp from any 53 to $TARGET
>
> But if that packet is say 2000 bytes and is fragmented, the fragment passes through. I have to add a subsequent rule
>
> ipfw add 10 deny log udp from any to $TARGET fragment
>
> But this would kill all UDP fragments. If the host has some other UDP application that needs to deal with fragmented packets, is there a way to get around that and only drop packets with a certain port in the first fragment ?
>
> ---Mike
>
>
>
>
>
Fragmentation happens on IP level. As far as I know ipfw does not keep state of fragments.
You can use "reass" to let the firewall reassemble the fragmented IP packet and only forward it when it is complete. The manual page of ipfw describes this.
Another option I can think of, but which I didn't try is setting up dummynet rate limiting and directing the fragments through it.
Regards,
Ronald.
------=_Part_8138_2135212535.1724961552047
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<html><head></head><body><br>
<p><strong>Van:</strong> mike tancsa <mike@sentex.net><br>
<strong>Datum:</strong> donderdag, 29 augustus 2024 20:51<br>
<strong>Aan:</strong> FreeBSD Net <freebsd-net@freebsd.org><br>
<strong>Onderwerp:</strong> dropping udp fragments with ipfw</p>
<blockquote style="padding-right: 0px; padding-left: 5px; margin-left: 5px; border-left: #000000 2px solid; margin-right: 0px">
<div class="MessageRFC822Viewer" id="P">
<div class="TextPlainViewer" id="P.P">I was working on some firewall rules to drop large UDP fragment attacks and noticed there is no easy way to drop fragments based on port ? e.g. if someone sends a UDP packet of 1400 bytes, I can drop it with<br>
<br>
TARGET=192.168.1.1<br>
<br>
ipfw add 5 deny log udp from any 53 to $TARGET<br>
<br>
But if that packet is say 2000 bytes and is fragmented, the fragment passes through. I have to add a subsequent rule<br>
<br>
ipfw add 10 deny log udp from any to $TARGET fragment<br>
<br>
But this would kill all UDP fragments. If the host has some other UDP application that needs to deal with fragmented packets, is there a way to get around that and only drop packets with a certain port in the first fragment ?<br>
<br>
---Mike<br>
<br>
</div>
<hr></div>
</blockquote>
<br>
<br>
Fragmentation happens on IP level. As far as I know ipfw does not keep state of fragments.<br>
You can use "reass" to let the firewall reassemble the fragmented IP packet and only forward it when it is complete. The manual page of ipfw describes this.<br>
Another option I can think of, but which I didn't try is setting up dummynet rate limiting and directing the fragments through it.<br>
<br>
Regards,<br>
Ronald.<br>
</body></html>
------=_Part_8138_2135212535.1724961552047--
From nobody Thu Aug 29 21:43:54 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvvtQ3TqFz5MTM4
for <freebsd-net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 21:43:58 +0000 (UTC)
(envelope-from markjdb@gmail.com)
Received: from mail-yw1-x1135.google.com (mail-yw1-x1135.google.com [IPv6:2607:f8b0:4864:20::1135])
(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "smtp.gmail.com", Issuer "WR4" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvvtP66DLz4WLV
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 21:43:57 +0000 (UTC)
(envelope-from markjdb@gmail.com)
Authentication-Results: mx1.freebsd.org;
dkim=pass header.d=gmail.com header.s=20230601 header.b=BF4314Sv;
dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=freebsd.org (policy=none);
spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::1135 as permitted sender) smtp.mailfrom=markjdb@gmail.com
Received: by mail-yw1-x1135.google.com with SMTP id 00721157ae682-6b8f13f28fbso10333047b3.1
for <freebsd-net@freebsd.org>; Thu, 29 Aug 2024 14:43:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1724967837; x=1725572637; darn=freebsd.org;
h=content-disposition:mime-version:message-id:subject:to:from:date
:sender:from:to:cc:subject:date:message-id:reply-to;
bh=s/YUvzXoGaVC/T95vTvrj8oxpeRVNINkcvWHm4p17+A=;
b=BF4314SvvN4vLmA/betTvl8bz7VNsQ3lp/01YP1eqRRkeAYu6byxuciWtplRNSkxlr
kvqso0IDGrf+X5tZtTSrkjOwTFzLH+oLZSr25F0tSHEv+/b1tccA4zZPvsgWDz8PPRV/
gdOodivRgcwtbkrvgw9wTpDd0oA0lVeCII+HHnjWdZrTNsybgkXuZyLcwkn6vCtUG2LL
/PxfHC0p57lOLbC2bVaHRf1Qc9D2DPjlqNFI9+/0wse78oYHV9s1tSoSaiw0aFbPh8DB
fUCbA+RvZK9IFdbZNKQ1SUcX+jusNe/n6bkmXDGd1mzcVf3QCdE8vyGNGhhOpRL3lQub
2aqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1724967837; x=1725572637;
h=content-disposition:mime-version:message-id:subject:to:from:date
:sender:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=s/YUvzXoGaVC/T95vTvrj8oxpeRVNINkcvWHm4p17+A=;
b=aI3iP1cVa0p53wVJv2Gult7HMjNtW7bNy8U9y1DwmuhMD9IrAXUzyoB6ENRgxRCSd6
mKiC+X+8Yuw/Vbn0QmvyV0fl/h6040eaVK5ywbpfNgzF3Bq80zQcEgCNlIqC0vkVJu5d
xZ6/a922lBgk7C/dCZYMVAHYSDuadYQOVpL+JkIK9Ai0Iqw7wr2kKzMG9xB/Fd+4S17w
D7OO87Exa9bokjgefSkKE38Rxhs8BLeYytRqrB+xTTkIjnfwiu570T/j98yuGmbQbTcM
GZCdXz/9YnVWWSbhO7z0X7m8HbZI9SlN6DuiiXSr4HXK1puVZ5fJCXY6iciC6w09yugg
Az2A==
X-Gm-Message-State: AOJu0Yya79KdOeI9xEN415SzPUvmN4VayoVkKegwI40DyYkr17VNpVTj
zqDIP+1MOWkVdTSY+SXyqstygomkueFEWcH/hjiL1fywZs6AxhaPXKeIMw==
X-Google-Smtp-Source: AGHT+IFFbn6N14IjVTZ88mFHpaON6LkIqjG6cN1b/md99+iOEFaov0hp727cQiiReYOtt+fQVDUV+A==
X-Received: by 2002:a05:690c:60c7:b0:6af:eb0b:6544 with SMTP id 00721157ae682-6d277778e0emr48106157b3.35.1724967836993;
Thu, 29 Aug 2024 14:43:56 -0700 (PDT)
Received: from nuc (192-0-220-237.cpe.teksavvy.com. [192.0.220.237])
by smtp.gmail.com with ESMTPSA id af79cd13be357-7a806d5e1e1sm87747885a.103.2024.08.29.14.43.56
for <freebsd-net@freebsd.org>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 29 Aug 2024 14:43:56 -0700 (PDT)
Date: Thu, 29 Aug 2024 17:43:54 -0400
From: Mark Johnston <markj@freebsd.org>
To: freebsd-net@freebsd.org
Subject: SO_SPLICE implementation
Message-ID: <ZtDrmjCJCEkrAKev@nuc>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spamd-Bar: --
X-Spamd-Result: default: False [-2.58 / 15.00];
NEURAL_HAM_MEDIUM(-1.00)[-1.000];
NEURAL_HAM_LONG(-1.00)[-1.000];
NEURAL_HAM_SHORT(-0.98)[-0.978];
MID_RHS_NOT_FQDN(0.50)[];
FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com];
R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601];
DMARC_POLICY_SOFTFAIL(0.10)[freebsd.org : SPF not aligned (relaxed), DKIM not aligned (relaxed),none];
MIME_GOOD(-0.10)[text/plain];
RCVD_TLS_LAST(0.00)[];
FROM_HAS_DN(0.00)[];
RCPT_COUNT_ONE(0.00)[1];
ARC_NA(0.00)[];
FREEMAIL_ENVFROM(0.00)[gmail.com];
MIME_TRACE(0.00)[0:+];
TO_MATCH_ENVRCPT_ALL(0.00)[];
MISSING_XM_UA(0.00)[];
DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
TO_DN_NONE(0.00)[];
RCVD_COUNT_TWO(0.00)[2];
FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com];
DKIM_TRACE(0.00)[gmail.com:+];
PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org];
TO_DOM_EQ_FROM_DOM(0.00)[];
MLMMJ_DEST(0.00)[freebsd-net@freebsd.org];
ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
RCVD_VIA_SMTP_AUTH(0.00)[];
RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1135:from]
X-Rspamd-Queue-Id: 4WvvtP66DLz4WLV
Hello,
Drew Gallatin and I have been working on an implementation of SO_SPLICE,
an interface which allows TCP connections to be spliced together. This
is intended for use in proxy applications to reduce the overhead of
copying data between connections.
At the moment the interface isn't widely used, though I'll make sure
that net/relayd can take advantage of it (which it already does on
OpenBSD). If there are existing applications that might take advantage
of it, especially in the FreeBSD base system, I'd be interested to hear
suggestions.
The code review is here if anyone's interested in looking at the
implementation: https://reviews.freebsd.org/D46411
From nobody Thu Aug 29 22:45:06 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WvxDy3dLzz5MYXL
for <net@mlmmj.nyi.freebsd.org>; Thu, 29 Aug 2024 22:45:06 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WvxDy04CCz4ZvQ
for <net@FreeBSD.org>; Thu, 29 Aug 2024 22:45:06 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724971506; a=rsa-sha256; cv=none;
b=gRFGgv+OFhCse1EphyzXA6HtgR++5KKHLl3LPLr8qYEAjmSRcVkavzUjrXbgVPxVsCR9tX
lLHISbKP/gDKc3wl5svolqJ/+twaUUJRI/TnHrT7i2FpNusLgjppkUl6A57N+/vzVgHTFb
MkJHtf5AqsByjFabvpxeOCK5gLGGOLmGFwgSwTE/uiR0/4vSHeweZ+bGJh0JqlQ0qvHPKH
s764Bz4J7ylz+lHHj6sBgORYxxkXmfMXPrZGodfBGZDryLbymOEfm+DVVYVyl/vM6Yo6qh
dLJv4PewBmCsxlJi8AvH9kt40us8fqAoL8PukCUidqWESJPMfJcgaooGmiS1zg==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1724971506;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=vhzDOrxUZ65LGSNp8S07JKbMsKB3OC9l5qxuuMDlD1o=;
b=p6VeDe2hjXsGCwG+B3XT8zFifEZ5TJUvriPYlWh9kpO8Nxef2hQF9BDsurygU9d1x/ikAT
rVSAfjDRgmYZD4DlD6M22rIh7niab4FjxOg6utjxBdsY2X4BWztSnO5iINKiL8mtBDWmVs
8S2mFmMFgiMxU2aU4y3pFMyx5kkOvvYRsYp9oeG/hfaySoTJiEYAQvFwMXm3/uprqqRktn
WovVDhjPaF04VmZdtagAIlYG0rOZjNDrM7QNDslwDAXy2vXu9GuRfEuZ6kHETFinWd3GFS
LucxdbN8e7SQQFeMUvlUeGTLQoUbgTtQpxl8+7miHjfoRrHgBvyPScjTEky9rA==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WvxDx6gPMzcYd
for <net@FreeBSD.org>; Thu, 29 Aug 2024 22:45:05 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47TMj5TD055321
for <net@FreeBSD.org>; Thu, 29 Aug 2024 22:45:05 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47TMj5iD055320
for net@FreeBSD.org; Thu, 29 Aug 2024 22:45:05 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 281125] ixl: fix multicast filters handling regression
Date: Thu, 29 Aug 2024 22:45:06 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.0-RELEASE
X-Bugzilla-Keywords: IntelNetworking, regression
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: linimon@FreeBSD.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: assigned_to
Message-ID: <bug-281125-7501-Ct7BPGLiXo@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-281125-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-281125-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D281125
Mark Linimon <linimon@FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|bugs@FreeBSD.org |net@FreeBSD.org
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Fri Aug 30 09:11:41 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwC7x5bhyz52RHF
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 09:11:41 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwC7x4SRXz4W4l
for <net@FreeBSD.org>; Fri, 30 Aug 2024 09:11:41 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725009101; a=rsa-sha256; cv=none;
b=c+XG68QRDjheNheWc0eEunqYH1Yio36aFFeuYCzrmINmlgKPmVTXfkwRdML6LosWiCgka2
nt1IEtR4cECCYRa9wYcTwxIMWjK0RtDX3TLa5JxJHDijsi/PsRg96djJ5V7xaYNTEaDiQj
iVebyiyKBxyIyiuuhHspPxVmQ9uvVQAUH2v2OOSgytbM4yahu+WtweU8ubP+Vi7QjCZP7r
pu1x+DYcuoHYCESJv53/9fectgKkeI4x32LO9h591KO2bTzmDCW7BUXcWziCwZDACi7pXB
UF6tELqXR2pOHfkpVYliqaKi1oY1r7CaITaOacCWszDGmLhYq6MARZug4lm41Q==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725009101;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=ylPhfuOk88vOH3b/9Z/Pc3pmg8jKUfkdsq+d3o2y06M=;
b=ONDlPdIA8pbXlun36d6EZXULaQ0x1M8o+yivNOjjsGrPk4hUjRFsl1qfbE8ogoxNDts0PO
tuUOGiIBXruuJ2YO/ArOINDFhDHJD2VahqxPRQRtRbopsneHMltsem8g4B01K//A8hRv/I
YUiEa76ahAfZDX1V1UrkhS67YjBQrbnqowHzn/FpAGPfhi7wenQjJA6b+tgAWcjtGQmmiY
Ozr1apenO66zyjop9jhRQert9JREjwwh85WM4cDggn/gIS7kZSNubWhOoL/vmNonwpnCoE
1IJyVFQxGKogKd70goWK+nZTBPNJLMRl4WIAHxfChIWau8jqg6fwmv46nK9LuQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwC7x43knzvyH
for <net@FreeBSD.org>; Fri, 30 Aug 2024 09:11:41 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47U9BfQf085190
for <net@FreeBSD.org>; Fri, 30 Aug 2024 09:11:41 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47U9Bf5Y085189
for net@FreeBSD.org; Fri, 30 Aug 2024 09:11:41 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280036] Data corruption over if_ovpn (OpenVPN DCO) observed
Date: Fri, 30 Aug 2024 09:11:41 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: zlei@FreeBSD.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280036-7501-kzZziyC5PK@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280036
--- Comment #4 from Zhenlei Huang <zlei@FreeBSD.org> ---
(In reply to ss3bsd from comment #3)
I guess a small file ( 1M bytes ) is enough to reproduce. Maybe require
multiple rounds though.
> # md5sum randomfile*
This is good to check the corruption, but less useful to figure out how many
bytes got corrupted.
May you please also share the binary diff ? You can do that by:
```
# diff <( hexdump -x randomfile ) <( hexdump -x randomfile.return )
```
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Fri Aug 30 14:37:58 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwLNS3tDyz5MgsM
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 14:38:00 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwLNS2q1Mz40WR
for <net@FreeBSD.org>; Fri, 30 Aug 2024 14:38:00 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725028680; a=rsa-sha256; cv=none;
b=MIozKUHPrVndgO6SQe2LYAHwXuGSFQ+qtRj+NeAn/XLG7YN7yJZrbGZ1v2JrnurYhQRF/+
plIq/fFosnYN7r5At2Iwy8BDR7ghNPC5JvX/AbZfg+bA+Cg06EaJxW6M0YnZ9pttEq2T59
YVaiuEf+5vyXl+tqAYAWyb+eIG84hAlEeY94/sg6EC13wzXRS/wwkoRR1HlTB2Dpaq3TeB
ZZph1fYu6CjeAZGj+WUYguxYm4BimgUyvKTOw6fE6eCtrQX1ccWkqhvpzAb9I7If03GUGu
u1/gq8jDztL8x0ihPgmy2h/8nPFuYkgot/Rl33pYbs6kX0LnX/UuDlyHUJSt3g==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725028680;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=RHpsFsFbiVd7u00NDRJvTQ3dkkbMS7u8c/nwiULW8fc=;
b=x5KZj4UBw/iCxblFukQt0c7JDYUey2I38nACjx38k5VDIX8ilGOf38R6Sun6xfEYFYEyBG
puJ5YNUrOTbtntp0HWfCGsSjMS7J4CEyIlEoJll5SS6ojK75CZHW51L3PwRq6E7wQXjZod
FDxLehfdWIGnm9r+eT8FkpCLZhbyIrsjGWmmGgMJjDX9KSolNYRsz4Ap0mu2SSYZtROL/O
/Ue7MxCbYweymoVbHHXZDQUtejTE20rZdq05XA3S6EkEqLX77jx/CbS+FI3PNIBShntvP3
sU/YjG71AQinqzaYwz03vsVorfVR3ZJCaLsgQ8JplRCAjTo4cDML34l7EOCR5w==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwLNS2Jv5z14QJ
for <net@FreeBSD.org>; Fri, 30 Aug 2024 14:38:00 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47UEc0AA023968
for <net@FreeBSD.org>; Fri, 30 Aug 2024 14:38:00 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47UEc0sF023967
for net@FreeBSD.org; Fri, 30 Aug 2024 14:38:00 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 233683] IPv6 ND neighbor solicitation messages fail to arrive
Date: Fri, 30 Aug 2024 14:37:58 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 12.0-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: markj@FreeBSD.org
X-Bugzilla-Status: In Progress
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status cc
Message-ID: <bug-233683-7501-5yLn2ieGOX@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-233683-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-233683-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D233683
Mark Johnston <markj@FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|New |In Progress
CC| |markj@FreeBSD.org
--- Comment #23 from Mark Johnston <markj@FreeBSD.org> ---
Is there anything left to do for this bug?
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Fri Aug 30 14:46:16 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwLZ06c48z5Mhvn
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 14:46:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwLZ048byz41RG
for <net@FreeBSD.org>; Fri, 30 Aug 2024 14:46:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725029176; a=rsa-sha256; cv=none;
b=MUz1KKfR+LMfffdd3SRuJWZtZiDJBzWigPhk6nDEb2c204jXVl6IgiOQhqGvI4H5fhQgY5
r0/Dtf4zkMsvLYlFweruIsK3r6NMnm7dplKZ4TK+NTUOgtG3QRlnVVvF90nj9CyLKu6KW3
t3Mwj+0ZpjQb46/p82FzMWdH/+/o+MPxaCgWx+IsBd8D0A4L0Ea5iOEGCpMEr8JDf6InYz
hNPkvWLisGbydXmTxc2PGNnt1H14ob90Tu6DdjD8YNCcQ/DAxYyAtFo47nVgMimP7zcuQF
XaKJrXTLzSsQyvDdkxa7w3O5EDB4exnTJWOZOGIUpbsRGjPGUOd/qbvqow8eQw==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725029176;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=OpwU997ZjIGs6O+ayXJy6S2cnOIqiI6wxTy6ygZ1ds0=;
b=cMC7wvtRuEoH/1cCb1WSKWP81X6nO2PC3hAv38+yz3ncAaWQYVZxiK+9XRKnoReIL6HA2U
T6NaA4UpjlWSN6Rz4e4zZ2GoWrmQMa8kJKG41wUMHPNRK9uRRhhYY7jbU5BwKr0G+6g/Sy
TMYBjxTQdmxyTL4x7M7u4ZJrIBmtQmxy7DuiMm633WbrcESREu4eGxAYX5moATfLel9rr1
G0K57+lXIhrjTEVaf6vrIHuTII6yBfu6g1xrDXFbZRHUDv/HpEZbdinE+XwE+iHG4UkJkf
kpPeUo5I/MlRk41/+RyH8wmsyetMI94T69h/+NMvfF3XseeDE/VDPcty8axGtA==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwLZ03mV6z14x9
for <net@FreeBSD.org>; Fri, 30 Aug 2024 14:46:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47UEkGp8059619
for <net@FreeBSD.org>; Fri, 30 Aug 2024 14:46:16 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47UEkGfl059618
for net@FreeBSD.org; Fri, 30 Aug 2024 14:46:16 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 233683] IPv6 ND neighbor solicitation messages fail to arrive
Date: Fri, 30 Aug 2024 14:46:16 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 12.0-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: kp@freebsd.org
X-Bugzilla-Status: In Progress
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-233683-7501-ISxwJDoHte@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-233683-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-233683-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D233683
--- Comment #24 from Kristof Provost <kp@freebsd.org> ---
(In reply to Mark Johnston from comment #23)
Not as far as I know.
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Fri Aug 30 21:12:30 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwW7g2YVRz5MTdX
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 21:12:31 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwW7g1Pbzz4hdM
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:12:31 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725052351; a=rsa-sha256; cv=none;
b=doRnTu3mVl7sq5Dq0SYTKqpkyo44Owk309QuCmto0a7CfyuNKxwmmtQJk9/u/7e1fHLxdf
KyDgKkZShoV61dxKj4ctNMPwYHf7lBtTcpGgfKSQZF64F7fS8bDIXfj2Dc3covztGA2lTo
34B/6EFSB4yfJWEkcDw7tDbnpguTTIMIm0mJhLKI+IZaTvLRrw8F/dkBz1s5hZ9YM2vivO
lVhp5mavQ+MLOuE8+s083trIfxnN1FidOWcjP2iJYbm7aSkhGzVFNAqAhAoNeLK4JRiXYY
YeRaQnMjb210gt8brRnujovDHweYUC2+m3Fc/Fs77GnQNmaXozaDo3GEUJVpyQ==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725052351;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=jOCDpKvzcDg/TKU1nQxDSlOPXjVdl9qeiDM1tZMLuaE=;
b=J03Hj/LlmO456O2d7AseLx2nCgkLkhZGyZNWZIw9UPOYIfQgOtlS7JO+s1BQw6Ds8jNeSj
LUFeF+/scb6WJjVIrmneZUGFT/Qv+3REuTO+Vp9DN0o3RNTPoO3PM7mPehYG3KSF+ngjds
kbUd4vAf1P/LMfdVf5vCLgf71FW87pqn1qle8LikP4oVUe51g7yS3RbAaH03NwGTwBPoMF
sgEOdUSeGkNSaCoX/m1EXrSU0lfjoBfl7MU8Fm+5gmbeKs5nF6eIbEy4Xrei73LNgAHHWV
hXREX3Uo6JeizCTgCU3Fe0Db0pNZI/4eY5la9tQg5Lnn1HmFkkpjc84IHj0FDw==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwW7g11LqzGh2
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:12:31 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47ULCVZN013778
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:12:31 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47ULCV8j013777
for net@FreeBSD.org; Fri, 30 Aug 2024 21:12:31 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 276838] ovpn(4) - problems with large TCP segments over IPv6
tunnel when DCO module is used at both ends
Date: Fri, 30 Aug 2024 21:12:30 +0000
X-Bugzilla-Reason: AssignedTo CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.0-STABLE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: see_also
Message-ID: <bug-276838-7501-rAF3gdwWTx@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-276838-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-276838-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276838
Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.freebsd.org/bu
| |gzilla/show_bug.cgi?id=3D2=
800
| |36
--- Comment #6 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> ---
In bug 280036 the reporter complains about apparent data corruption which I=
can
easily reproduce.=20
Clearly, the FreeBSD implementation of OpenVPN --mssfix is broken in case
ovpn(4) is deployed at both ends. Setting "tun-mtu 1400" on the OpenVPN ser=
ver
works as a workaround.
--=20
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.=
From nobody Fri Aug 30 21:14:45 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwWBH4nHZz5MV56
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 21:14:47 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwWBH3SDyz4jHV
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:14:47 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725052487; a=rsa-sha256; cv=none;
b=uYII4B6qjQqnA/jFYhZgaxP+Gx0ZxrzxsM4Gj3McdXsa5aMNdey0mkKsCEBDU2BSSfjUqG
CMqt6mDpQLkoQHsVRsH4dX1zLsSAxdjyZoTxIO2+cFVonvXb1x0fuMM+hDIjbJ7NWYgE9Q
xO+ws3BG4IE3m9pWS2a1XE19OGUASxocWqZavRoyBVBcJ8JCBGcfWLlmGKBxjdI3lYaHfX
IpReCrnNgrrREKWrbCE4BaIeHTEVD5bXnuQnc5LM3l0dyyCC9nwX9t/7Pqp8hTts0HdffU
6qAdheq5OQhTCf7FmsGm5UpYW2M5qZ1chvAdC/UoelbCVyAGAC3o7Lzx6jFMcg==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725052487;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=W9AOHp2ByjayeQJexogBFcBTb+EXNyfYgumdPI9uQR0=;
b=k4EjN1Ba0ZEOiY+F+Ugz3wEfJ4W61/yDw6oBU0GEN4pOawWRDqsdP97iILVvL7IxrD2waa
hZ/2uCGpyQ4ERHVkj7SRFP1juRqP6AWcGqGeoj09bmiHR4joszFj1xWhLVGmEk8J2xr5g1
115PYkYAP4YFWTcIRCOZdKi0lXvrW2bjKjcKtpNp8PxS/tbUTz47x/Gsa5rQ7ixt7Gn8ol
yipv0gH9SvABOkExDKyNgUGZf4zHXvlGGjpUCBrMLdZaYu8QooAtdI2Fk9Avt6hsUwndAl
mgmd5c/1r/ckmZCwOJ9/caTgesH9Yn165RG5K+bWLBdrHJ8xK4G+DcHCHOW7xA==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwWBH3024zGh9
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:14:47 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47ULElkS021471
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:14:47 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47ULElT8021469
for net@FreeBSD.org; Fri, 30 Aug 2024 21:14:47 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280036] Data corruption over if_ovpn (OpenVPN DCO) observed
Date: Fri, 30 Aug 2024 21:14:45 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-280036-7501-ukaNg6ujTX@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280036
Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |zarychtam@plan-b.pwste.edu.
| |pl
--- Comment #5 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> ---
Setting "tun-mtu 1400" on the OpenVPN access server should work as a
workaround. Please see bug 276838 for more details.
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Fri Aug 30 21:19:38 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwWHv340Qz5MVHH
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 21:19:39 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwWHv223Bz4jyB
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:19:39 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725052779; a=rsa-sha256; cv=none;
b=hWDs7JiYzoLFLmkjIeNSYueAfa+KgmNhxRJ6XUALtzAbGi7nn5ispG9xxmwr8/a68Yfr3m
OSC26MocQwcVl3XAjkB5jf+gsVj3gVBaIYo1qwazO997nkVSc+fu6Qr1yprgAWi++5IUpq
CRSNuDdEk5v4fBnP1k7vBhS2vAQ9Cbzs4bSkG9vK5p5UrJa0I4089NliP7kb9hf0FQ0fWh
da8HUech6q1IgsYqNijcbcUULKwkDgsqlID9ibED+E8356bQ8GPpsywKKSebAn+1xcdhz7
KjXjnfxpFBB5ks8K+tx9S1bGQIXhbGzeBr/aoIXsVR7T2eCCsYt21jCXQcytqQ==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725052779;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=I6uNuq9QOG01wUwJ/CDjUpR7C5moUxg1WMYmky84j2g=;
b=u52C+yr4XFiea/d1jStnExsOmcXzstr2VbIaEH/OWvw44hoXBECKLpFtLqBNROa6nEk3ev
WjCWtmAUB3F5jgcsepRdMlwuzj+VbySv58u1Fo6KT4vd1hIN/gjWnfw97PZyAyVhpHXEGF
qN/Gr3UtifEdz3nu/r77oQqN1tXFDpo1lyKKOnKq3Avma7DUwQMrWNo4HX+kt/+TNyEqAo
YTlZ/HUciyUuR0l5sCRFIDJNMFwRVAMQn54azcsQUUyjLhWneSyk78ajadqjRpqfztHNRq
bko+nF/TP+8YgAUGpPiZWTatwTmLiz6smvukFIDJLnnA+bOyAhm5kskyZ4jq5Q==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwWHv1f8VzGhC
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:19:39 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47ULJdZ8038351
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:19:39 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47ULJdJn038350
for net@FreeBSD.org; Fri, 30 Aug 2024 21:19:39 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280036] Data corruption over if_ovpn (OpenVPN DCO) observed
Date: Fri, 30 Aug 2024 21:19:38 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280036-7501-pFLh7FkgVf@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280036
--- Comment #6 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> ---
FWIW: there is another mild flaw with the FreeBSD implementation of DCO: the
ovpn(4) module doesn't support "multihome" option (more details in bug 2736=
64).
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Fri Aug 30 21:41:59 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwWnh01RPz5MXH6
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 21:42:00 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwWng3Tdjz4ltZ
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:41:59 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725054119; a=rsa-sha256; cv=none;
b=My3/eUjDWsC4kyxh+ahmJnEV3NAUfsfhzflZT0Sz/cBJYZjVZPCjoomc8xxH9YomczxDzu
QWC4TQhu04MDGhFwSpZCsfeW3WBwRj+6ghccym09ZSc4uUlY3QDi4rbbZd7LYN+kPzadgf
xB0BqtRkjdpJTB8wlF4hJEXncTllv1CA1we3oJYMOGcMX6MqVLvPFOeSPpvRGuZOiJdz6d
FAd538w3hUL6CbUyN1r0/DBD1HK9Q79tDaN4FvEur62D9IPv2SS8qgGM56BwOitqfRa20k
95bbwiYVwF4NixBbZ8YjcG/QMP2NmKscnGXEL7bziWsHirVsXEVbyF4EabEJLQ==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725054119;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=vq5K8F4Mgxjuc+X8/w12Q+4jBS2bLUZVutrFYeGmCjQ=;
b=r86r+vm8TP9+IQ4E8Hxg7YCEaIfryRUk/PM6mvZR8Hi0LNcjeXqAH0icbkba7IqjUVOta8
Keg8a1yWRUkLzMubw7MFXkBm/vrf2zf2+8ym12+2pEG5WhQLTogOOZPOaVWLFXo7aLpbwi
l0FvLVFdXlrL2+X7lr5JYVqL/zzgymf6qk4csDoPSro23GotKLh9eyHA1pkWxqSDps7Heg
fi9CG0pGA6iP7luqYU0jea+Y4qTFgy4PVTZ25ApUtEA/+2sdSP3D7ZmdWrNcBPbA95fZzH
ytze7C3vKhOKbbjYhllgFd4cMojZHCyGBX4Qc/by4L96vcnbigrx0796PKmG3Q==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwWng350PzHKf
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:41:59 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47ULfxKl042769
for <net@FreeBSD.org>; Fri, 30 Aug 2024 21:41:59 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47ULfxtK042768
for net@FreeBSD.org; Fri, 30 Aug 2024 21:41:59 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 276838] ovpn(4) - problems with large TCP segments over IPv6
tunnel when DCO module is used at both ends
Date: Fri, 30 Aug 2024 21:41:59 +0000
X-Bugzilla-Reason: CC AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.0-STABLE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: see_also
Message-ID: <bug-276838-7501-80nzskKZeK@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-276838-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-276838-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276838
Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also|https://bugs.freebsd.org/bu |
|gzilla/show_bug.cgi?id=3D2800 |
|36 |
--=20
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.=
From nobody Fri Aug 30 22:00:13 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwXBm42kSz5MYHX
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 22:00:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwXBm30d2z4nf7
for <net@FreeBSD.org>; Fri, 30 Aug 2024 22:00:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725055216; a=rsa-sha256; cv=none;
b=YGey/x5U5Kw8+ZSjw1WncHZXQX90x/onqiqIorLVUUiDyjp94Daqq+8/XwwBkZ6B4RWCPk
NGUbFMh4dZ3dGlw8h/pnj6498lBynBSkXxQN3EHbExlpDynGKoa+wST592t5Tg2RnmApsi
dBjLhNQDlBBn0QWjCOjL0/H5e01zg373A60tXrBnqX5TiAd+p+r4zGsbPLVL8b/x76HtaM
cMX1n/MTgLLNymhxc6lSRfWkkdwAqjhiMK3f8zV2MnlwnRh+Ax3cElVPRWJr/3AUkiANFy
BQE8H6zFOpaaIKF6t+Pq29aSbYHqnlcn47Pv9/4Qb8UvHEAonnmXWu+1nR5hrQ==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725055216;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=q94HNFTanXXvXCP7lZdmEkKEjFU08jFEAuEz/lV13Wk=;
b=W2Soxm9qGx1nprN1Zf30ISqYZz8MqtxgqF69L76AydEbd+aO+I6m1eJ65fqMaFSJjHBN2Y
LOcHqKZlUvTC/zLeUbLDkTWdeqVbNA0e5VZQ59+pPYjpY2k4JDnl6cKlehSYAP49Jk+5tG
KOmZaZJKEBvNEQi222xMimDRxMqJmlOOL3O3CHgJxrAOaKq/kfW6AQarg12oyTxHKYJ3VW
I+0EyjlIVFU46fH4nKn14zlIoScPN3UPJ9QPGTCc/oMTKRI4c16yFTJ+ziMZNElvtYZ2Ph
2KCpGa/VWz5C29cESONgZHxBoW73DHhF4ucDlgeUTFrgAZmdUTaFJ4ochQ5TWg==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwXBm2WN2zHg2
for <net@FreeBSD.org>; Fri, 30 Aug 2024 22:00:16 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47UM0GZU017010
for <net@FreeBSD.org>; Fri, 30 Aug 2024 22:00:16 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47UM0Glk016999
for net@FreeBSD.org; Fri, 30 Aug 2024 22:00:16 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280036] Data corruption over if_ovpn (OpenVPN DCO) observed
Date: Fri, 30 Aug 2024 22:00:13 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280036-7501-FWtxR05PjU@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280036
--- Comment #7 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> ---
Please let me apologise since I hastily connected this bug with another in
comment #5 misleading the audience. These bugs seem to be unrelated to each
other.
To not hijack this PR but to give more insight into the problem let me add =
some
details:
The bug described here is reproducible, but to narrow the scope I observed =
that
only data sent directly from OpenVPN DCO accelerated FreeBSD-driven access
server to the FreeBSD client was corrupted. The corruption doesn't affect
network packets transferred (routed) via OpenVPN DCO accelerated FreeBSD ac=
cess
server.
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Fri Aug 30 22:15:00 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwXWq0glQz5MZbl
for <net@mlmmj.nyi.freebsd.org>; Fri, 30 Aug 2024 22:15:03 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwXWp3YKMz4r9p
for <net@FreeBSD.org>; Fri, 30 Aug 2024 22:15:02 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725056102; a=rsa-sha256; cv=none;
b=oUZwzXrM//ioPsPPiY/p0wH2Pjuf3HuTsNyQqxyOmgUoT3Hp5RDo7eZCo0yW7wEkSAOIHz
sYd85S3TlnsF14vhQVvRRY51RycqtqdWI7GYHHDIA6BVEhXDoTDuylIHuPMmDaxNlttQzA
Z9gB8wZjYPU1LiM1lZ61G64ouRiHCn8m4N6WTVMCe/wsFWisEOTrDHj1BLq40FxypuH7Oe
gPBEuHH010kGf6NBA+7v8wH4i3o/ki152OWv9HkqXiMHeDNXrSg3rDSf1DVLOjXT0axAZY
WqAkc+NrjxMAQWjFpIb9eHxOOYc9fqoSJkgEoJppnZtD5aj2M3rUuXoYcJnpSg==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725056102;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=5ZZwtKmsUjiZI8NBfhtqQnoKA2x1g4/oLv1Lg3UmMHQ=;
b=Sm4nKuazmHwYKoBzO+443yI9k7M6aG3A7nGWiGAtAERkBOPYqjkWWdq4FCCjWmMpnRHhQ/
rfZMuAhW2Kr2s7GJfvtiYi9XKB7Cbr666s0kaBcY+mIASqfe18USok5sw/BlBOLx4ultyB
JJq7T+Rh+zghvIRX34mj2FuenKvYViegxMYK29BnA6CUxe/AN/qwBR2by4MV8bO6pAMLcJ
aYdtJweqv8/K5Ywc5IB3aPKHrRB3fJpoUEU1HOAQZ/Ra3pnOTApKMA0mAdBNRhXfXEGanx
+EWMLbV1urqPkn0adkGICLDgguk/pcoy9flCVwlBYQKKoQswWAqfKUxAKHjEhA==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwXWp33bbzJgH
for <net@FreeBSD.org>; Fri, 30 Aug 2024 22:15:02 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47UMF2X2091096
for <net@FreeBSD.org>; Fri, 30 Aug 2024 22:15:02 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47UMF2t9091095
for net@FreeBSD.org; Fri, 30 Aug 2024 22:15:02 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 276838] ovpn(4) - problems with large TCP segments over IPv6
tunnel when DCO module is used at both ends
Date: Fri, 30 Aug 2024 22:15:00 +0000
X-Bugzilla-Reason: CC AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.0-STABLE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl
X-Bugzilla-Status: Closed
X-Bugzilla-Resolution: Not A Bug
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_status resolution
Message-ID: <bug-276838-7501-9SjbGn6q1e@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-276838-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-276838-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276838
Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|New |Closed
Resolution|--- |Not A Bug
--- Comment #7 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> ---
I was wrong in comment #6 connecting two bugs, and since, presumably, what =
was
reported here wasn't a bug, but the issue with IPv6 fragmented packets, per=
haps
it's the right time to close this PR.
--=20
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.=
From nobody Sat Aug 31 04:52:28 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwjLN2mNPz5TZfS
for <net@mlmmj.nyi.freebsd.org>; Sat, 31 Aug 2024 04:52:28 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwjLM6ZNhz4TqH
for <net@FreeBSD.org>; Sat, 31 Aug 2024 04:52:27 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725079947; a=rsa-sha256; cv=none;
b=J5VEICdR8HgeQh0uQjDl5CAdcMLZartiU3xJatZth3kcVmQEXKJ8Spj5LAKg6rgAHlA33n
BDRbClQ8iXpDSOHhxlw2rxETy5teIrB/yu3nb95Nnw4jxC2jj4kaWbzyl1Mzv7kGDcW0/M
6IZIVn2kZPXp211urpiyp7r3phKSa6XdDhVFVPGfs+LmUHCxCa9OD7QxfW8uvGzA+okMwa
ZX0vd1D5jRanA3wzudeSv3GAwpeXMs5gycGRpp2EuabBYODlS+fonM8Qa+YmHa/KhABxWq
vADpsxKhLIiT8IhEJJ27WC0ANfwLc/jJYhEERwCyd7mczGGZrFNy2oaLu5GT3g==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725079947;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=jKRwGJWQqjVx6obJ6feiXW62Dwtg4pYCmZ8X2luWdIo=;
b=RIhDrV/t8VWQd3Db/IoFmGGN72lqWFa5tLO/y08IRc2uqqwP7QXvrWsyPlRZYgyi/eV4xu
cKCgiqyR4xH+H3ZnnjHnl9exgBW1pcYQP31QtKWhIfYY0pSgUvZkmelfkUHr5JcI6ebmWG
4i5HYiIl1wiSUyaDDqn7r14NYeIRthwDsAXaw/8ZVx9lFZbcQBtJSD8i8WDWHfJN/Rbjqt
F4wQ4Ae2jUhSEh1NTmVvgRbil2Jfzp+cVPjrSsE6fec84MusHsmDyjo36nmxzu2N+3HAwj
5DJDO9IuKpIJQgPFi79PhDS/eZw4/usll9agG1OZ6kdwi8KepZOSiG7/VLEWLA==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwjLM5v0CzXF5
for <net@FreeBSD.org>; Sat, 31 Aug 2024 04:52:27 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47V4qRlF038578
for <net@FreeBSD.org>; Sat, 31 Aug 2024 04:52:27 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47V4qRmR038576
for net@FreeBSD.org; Sat, 31 Aug 2024 04:52:27 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280036] Data corruption over if_ovpn (OpenVPN DCO) observed
Date: Sat, 31 Aug 2024 04:52:28 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: 3226388001@jcom.home.ne.jp
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280036-7501-mzTiQibArv@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280036
--- Comment #8 from ss3bsd <3226388001@jcom.home.ne.jp> ---
(In reply to Zhenlei Huang from comment #4)
I guess the file is entirely corrupted.
---
# md5sum randomfile*
4d1b051f8bdea93ddca5d8831a0a829c randomfile
4d1b051f8bdea93ddca5d8831a0a829c randomfile.returned1
dd8e4c1a9839976c9e812456ecf71b3a randomfile.returned2
de2d31f956a53a0a86e64058886eb1e9 randomfile.returned3
9432cd3c1ec5540e5251f657e18b93a8 randomfile.returned4
# hexdump -x randomfile > randomfile.hex
# hexdump -x randomfile.returned2 > randomfile.returned2.hex
# head randomfile.hex
0000000 0595 a291 c861 c7ee c67a 59ab 73ca 66e3
0000010 29ca 9d14 d874 fe71 2fe2 76ae 93b0 cb1a
0000020 df5b a72f 2256 1e88 337d d9a8 4a12 0923
0000030 5a72 56f6 64f8 647a 7a2c a33b 5f0b 87ec
0000040 e86e fe3e 62a3 e1f4 992a 3fc1 7535 c273
0000050 40f1 ce42 6895 cf20 e272 74b5 485a 8f9b
0000060 584e 3431 78bd f48c efd4 cfc8 cd19 8ca7
0000070 cf09 78b2 a189 3d08 4c4e 3acb 057d 3a20
0000080 06d9 2c22 a667 8b38 0aaa 7176 c86f 71b3
0000090 9dd8 6128 4a08 2475 674d f801 daf7 4fe9
# head randomfile.returned2.hex
0000000 9ae9 866b 3498 82ee aef9 abeb af8a 6ae4
0000010 ce04 3671 301d af4e fab0 f01d 890a a143
0000020 8635 7c19 982f 0dcf 34e3 c09e 9992 54ad
0000030 1a97 2a3b 78c4 b3a9 3230 3a67 3649 5f97
0000040 5944 7980 adde 5f02 1e35 73f0 4b7d 32ee
0000050 bd6d 514a 4065 9817 fe0d 6d74 7736 626e
0000060 ef27 d331 7f8b 2ebb 5568 9b92 7264 7846
0000070 606a 0132 d1c9 1a3e 230e 4061 3897 c873
0000080 78ea e2f7 6f54 38c2 ceb9 413d 557f 20ea
0000090 3ac1 3367 7f3b 01bf fc96 75bb 549a 5b3e
# diff randomfile.hex randomfile.returned2.hex > randomfile.hex.diff
# wc *.hex*
262145 2359297 18874376 randomfile.hex
524290 5242882 38797334 randomfile.hex.diff
262145 2359297 18874376 randomfile.returned2.hex
1048580 9961476 76546086 total
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Sat Aug 31 05:19:29 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WwjxZ2Pgkz5TcYw
for <net@mlmmj.nyi.freebsd.org>; Sat, 31 Aug 2024 05:19:30 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WwjxY4xCFz4XCk
for <net@FreeBSD.org>; Sat, 31 Aug 2024 05:19:29 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725081569; a=rsa-sha256; cv=none;
b=rfpuWuiqO8CbW/973u0XY9kA7xmGf2NaF/J6kjui+QOdZTOXoEDJIaKgRd5rscTE5Djna+
HsJ4YFNInU858oT5jrE/g0QUuSVQw/QfeJtCNDSMC2Zbp0B1R8oMmpANfZZOoFiZ9ga0OD
u8JfFcfMw+POAFIBwRq8XCaqheDRFV+X2ieSDTgT1wXKLSvRf7WYaYpIp8pTtrOXpm8v/w
06LQ2YmqavuZ13eMeSiBg2fvs58ak8hAj5BTPiTCzrL0In9GAPyW7XWyubTmg4yIVpOb+c
gMSsWjgYcJFbIWz3z4r4WJjmX4ZQS3PaXHw7t+LmF/rVvx3in9QrfULjuocQnw==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725081569;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=YaOH6WicXJqBSzDy/e7GtHI3SIdK1nQLgwRaM9roUw8=;
b=shInWEBj9Wk2IGTlKFdGlRtcKRmu/2YZT+4DFtfVLomUN58g7QQKdTEeRYh8RFFqRTNcol
CSb3kBYAvIpo1UvtQflTleodkD/ItutLedTEDfrG9WKWox8RCpJ2cy+YP0SuDckdJGkvuj
dMRSleo2Lse+atqGcUdWa2qDq145SIt80O190WMJ0Xbs0foFrppbNiQAGUhR2WN3ARxs9D
gRvlYM7XVAU6LvbRmbuKCHNUDLpEwx1xV0DpmOBBdKYmvQbBfmyVryfcpHri94+4tvD3pS
nkbgVekm/VR5JC63VREImTusb2bC2+srWlIFraznRiAJzlfaaj98C/rYpqBA1w==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WwjxY47pBzXvx
for <net@FreeBSD.org>; Sat, 31 Aug 2024 05:19:29 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47V5JTdK061648
for <net@FreeBSD.org>; Sat, 31 Aug 2024 05:19:29 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47V5JTkS061637
for net@FreeBSD.org; Sat, 31 Aug 2024 05:19:29 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280036] Data corruption over if_ovpn (OpenVPN DCO) observed
Date: Sat, 31 Aug 2024 05:19:29 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: 3226388001@jcom.home.ne.jp
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280036-7501-yG9kbymDro@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280036-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280036
--- Comment #9 from ss3bsd <3226388001@jcom.home.ne.jp> ---
(In reply to Marek Zarychta from comment #7)
Hi.
I had checked your PR before reporting this issue.
Reducing MTU did not solve this, so I agree that your PR and mine are separ=
ate
issues.
Thanks.
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Sat Aug 31 07:37:30 2024
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wwn1H6X3Rz5Tn5w
for <freebsd-net@mlmmj.nyi.freebsd.org>; Sat, 31 Aug 2024 07:37:55 +0000 (UTC)
(envelope-from dch@skunkwerks.at)
Received: from fout5-smtp.messagingengine.com (fout5-smtp.messagingengine.com [103.168.172.148])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wwn1G3NMqz4l4C;
Sat, 31 Aug 2024 07:37:54 +0000 (UTC)
(envelope-from dch@skunkwerks.at)
Authentication-Results: mx1.freebsd.org;
dkim=pass header.d=skunkwerks.at header.s=fm2 header.b=gFNeDTJP;
dkim=pass header.d=messagingengine.com header.s=fm1 header.b="O uXlhwK";
dmarc=pass (policy=none) header.from=skunkwerks.at;
spf=pass (mx1.freebsd.org: domain of dch@skunkwerks.at designates 103.168.172.148 as permitted sender) smtp.mailfrom=dch@skunkwerks.at
Received: from phl-compute-04.internal (phl-compute-04.nyi.internal [10.202.2.44])
by mailfout.nyi.internal (Postfix) with ESMTP id CD4E213805F6;
Sat, 31 Aug 2024 03:37:52 -0400 (EDT)
Received: from phl-imap-02 ([10.202.2.81])
by phl-compute-04.internal (MEProxy); Sat, 31 Aug 2024 03:37:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=skunkwerks.at;
h=cc:cc:content-transfer-encoding:content-type:content-type
:date:date:from:from:in-reply-to:in-reply-to:message-id
:mime-version:references:reply-to:subject:subject:to:to; s=fm2;
t=1725089872; x=1725176272; bh=RA3PqnpBHh8rDZl600zCIZ6FYWiz58KU
YaSb91d/Ucw=; b=gFNeDTJPJLiwjs0pus4BpdpaTBzrnh16CftAqJ1CChdynJqA
+r4H1snpfFXBawz5r7oU8mtjcsHkX2Q7MUmVfDkJaSPSGSc15VaSbbWxOV3fW8Ld
fWJ84zEyciZf4eRRfX+u7GTXgRoJ6SpLFpzYyhSim8bc29U+MxzCfEpQ5Rjy3M1E
S9Kie6JGTevcjYnSv2djp/PFXk6sJ5APiUELoDvTWb3nxT23sqsMuJEojCiiiO+u
SamkdyYKqa9d4qljCYeop83uESlmDAj2+IiO+PMDAnuok3cyZYK3b4AuAjN3tKRy
ZJ3xjSaIfROPyItu84MAmtKmLPE7HI48hugMYQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-transfer-encoding
:content-type:content-type:date:date:feedback-id:feedback-id
:from:from:in-reply-to:in-reply-to:message-id:mime-version
:references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy
:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1725089872; x=
1725176272; bh=RA3PqnpBHh8rDZl600zCIZ6FYWiz58KUYaSb91d/Ucw=; b=O
uXlhwKiXie1HHMO+rqI9NQ3mTcRQmEDvOR2ruuFNvIinvL4TaolN58ypFfsIUSeI
91pPlQ7w0EbO04xK+LgouG36VcXz/IQSzd05BTp89RQ9jRGZfK98anUpIadWYhuy
oLl1ESRjWGatX4J8Ek6zItQuW1093+KzyH6ik54gF8sv0o4GjESBvXTBTFMcC8xt
tr+Zwe2d1YHonJLMJJjpXK405mw1JNiXhFDrEk31txzmtnPUgWpzfLflVBjc3CPd
GtIn1urKLrCwelGFwX/rG14/1utEf1JzslXfDJecEYlfVoR3fcKT5f1NndO7bpIk
dXBoZ2Xlrx2duCX95Xf/Q==
X-ME-Sender: <xms:UMjSZqqHtk1ad87A6gEjwKoNfHTXvF4ZN7QGtn0YJ5mTHIfHmvSKwg>
<xme:UMjSZoqbSNlq33TRdAMzyWBRMHzGbj1u3TttUOiKVCGHBdIrdVqDCndPSXgC6Hk1G
MUza7KapgdUaL5jBQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrudefjedguddvudcutefuodetggdotefrod
ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp
uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivg
hnthhsucdlqddutddtmdenucfjughrpefoggffhffvvefkjghfufgtgfesthejredtredt
tdenucfhrhhomhepfdffrghvvgcuvehothhtlhgvhhhusggvrhdfuceouggthhesshhkuh
hnkhifvghrkhhsrdgrtheqnecuggftrfgrthhtvghrnhepueeulefhueekueefveefvedt
ueekkedvgefgvddufffgfeeijefhudefteeuheelnecuffhomhgrihhnpehsuhhgghgvsh
htihhonhhsrdhnvghtpdhhrghprhhogiihrdhorhhgpdhgihhthhhusgdrtghomhdpfhhr
vggvsghsugdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih
hlfhhrohhmpegutghhsehskhhunhhkfigvrhhkshdrrghtpdhnsggprhgtphhtthhopedv
pdhmohguvgepshhmthhpohhuthdprhgtphhtthhopehfrhgvvggsshguqdhnvghtsehfrh
gvvggsshgurdhorhhgpdhrtghpthhtohepmhgrrhhkjhesfhhrvggvsghsugdrohhrgh
X-ME-Proxy: <xmx:UMjSZvONQMY2yTupklaUhWk8XBjpFrLuHM09RUVu2Gh1m8ZMmhgGiw>
<xmx:UMjSZp4u7EP0fvYmJ6AyUJfUlKjuoRK6GMg3gV_0z_Wi686y2AqTxg>
<xmx:UMjSZp6RXVeiGCazUAqNCVGRnVsN2CXazv0GZX88htnrR8DP9acW0w>
<xmx:UMjSZpiQOQaqXJ_2O2-gOCz2G5vRHUzb1SGDl-aW2v50IVTkWozOLA>
<xmx:UMjSZrQvk2yaCzq3MB1Sx9aZzKMhSZgtCeTP2c2aib0Iq_z_CqrjW9E9>
Feedback-ID: ic0e84090:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501)
id 6AE60B00066; Sat, 31 Aug 2024 03:37:52 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
Date: Sat, 31 Aug 2024 07:37:30 +0000
From: "Dave Cottlehuber" <dch@skunkwerks.at>
To: "Mark Johnston" <markj@freebsd.org>
Cc: freebsd-net <freebsd-net@freebsd.org>
Message-Id: <ee005257-1f1a-4123-ac4a-714c7e1205c3@app.fastmail.com>
In-Reply-To: <ZtDrmjCJCEkrAKev@nuc>
References: <ZtDrmjCJCEkrAKev@nuc>
Subject: Re: SO_SPLICE implementation
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.26 / 15.00];
NEURAL_HAM_MEDIUM(-1.00)[-1.000];
NEURAL_HAM_LONG(-1.00)[-1.000];
NEURAL_HAM_SHORT(-0.97)[-0.965];
DMARC_POLICY_ALLOW(-0.50)[skunkwerks.at,none];
RWL_MAILSPIKE_VERYGOOD(-0.20)[103.168.172.148:from];
R_DKIM_ALLOW(-0.20)[skunkwerks.at:s=fm2,messagingengine.com:s=fm1];
R_SPF_ALLOW(-0.20)[+ip4:103.168.172.128/27];
RCVD_IN_DNSWL_LOW(-0.10)[103.168.172.148:from];
MIME_GOOD(-0.10)[text/plain];
XM_UA_NO_VERSION(0.01)[];
FREEFALL_USER(0.00)[dch];
ASN(0.00)[asn:209242, ipnet:103.168.172.0/24, country:US];
DWL_DNSWL_NONE(0.00)[messagingengine.com:dkim];
MIME_TRACE(0.00)[0:+];
ARC_NA(0.00)[];
RCPT_COUNT_TWO(0.00)[2];
MLMMJ_DEST(0.00)[freebsd-net@freebsd.org];
FROM_EQ_ENVFROM(0.00)[];
FROM_HAS_DN(0.00)[];
RCVD_TLS_LAST(0.00)[];
TO_MATCH_ENVRCPT_ALL(0.00)[];
RCVD_COUNT_THREE(0.00)[3];
TO_DN_ALL(0.00)[];
DKIM_TRACE(0.00)[skunkwerks.at:+,messagingengine.com:+]
X-Rspamd-Queue-Id: 4Wwn1G3NMqz4l4C
On Thu, 29 Aug 2024, at 21:43, Mark Johnston wrote:
> Hello,
>
> Drew Gallatin and I have been working on an implementation of SO_SPLICE,
> an interface which allows TCP connections to be spliced together. This
> is intended for use in proxy applications to reduce the overhead of
> copying data between connections.
Awesome!
> At the moment the interface isn't widely used, though I'll make sure
> that net/relayd can take advantage of it (which it already does on
> OpenBSD). If there are existing applications that might take advantage
> of it, especially in the FreeBSD base system, I'd be interested to hear
> suggestions.
net/haproxy would be another good one. Currently it's enabled by option
https://docs.haproxy.org/3.0/configuration.html#4.2-option splice-auto
and AFAICT requires https://github.com/haproxy/haproxy/blob/master/Makefile#L30
preset in https://github.com/haproxy/haproxy/blob/master/Makefile#L416
> The code review is here if anyone's interested in looking at the
> implementation: https://reviews.freebsd.org/D46411
A+
Dave
From nobody Sun Sep 1 15:06:33 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WxZwW44Ktz5MQrg
for <net@mlmmj.nyi.freebsd.org>; Sun, 01 Sep 2024 15:06:35 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4WxZwW2y4zz4ZXs
for <net@FreeBSD.org>; Sun, 1 Sep 2024 15:06:35 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725203195; a=rsa-sha256; cv=none;
b=WYQRXDUjMyW38keve5fOsh27w+7AcfnPsNEyxhiECWm+ibeJP784l+uQt71D05/f6qhjCc
V5kNtn1+A+RCksYgw5nNR/eqMrDgHgqmK7stpSPFZJvz4uuqXT/hOVH0vhhjFWy78qcXSb
wK8og0Ys70QpvVB7TCfpwrRwbk/Llw1/lwwv3/WaFLXGKML49dfuwNRyX9e6tlGPGUSDfr
V9hOKgYWzgGPi4f8T9hplAgtSEVlJKfqPVk34QgUOaFo396rJub0ETWUC6DczYSRwAbVcH
jXFFG9Hasu4icm+WDZGoQ7zk7tgIecA/bw6HNRY4dgRtz6TQAWjW4An1mheesg==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725203195;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=teice7cBWufYO7TCvneZhs6RppK4Bfg/3fTbICUYxgU=;
b=XUw77vJ5JFTtui8czHOGmybOQT6gXlfYvxuFP641neBuFViH6gQChchm+oMwjO3nWQywLC
Lz4J0zzXTWXDcaleV6s87rUsfzUDj4KXj8sp/Qz4gAww+2vqCOqRl0kW95XswNL8X+CWGi
KrcVpMrL1hBg7q/MKpmFBg1T0z5FZbZbw76rUURymtdUvPKvJO7rQoDGJehGAUtXAUQneE
YVg6eo6QTDhcWtOjTtvYr4tcz8/NFTyrKAa19/1lbXlMxu84YUAjjP5ECdGaGgfsa0kj/7
YJZ1MBquAse3awPXA+ntTwIVC3Op0A1LYMcdvEiGsRf8rg3NYq61twU3x3sYhQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WxZwW2VQxzZ62
for <net@FreeBSD.org>; Sun, 1 Sep 2024 15:06:35 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 481F6Zx4076970
for <net@FreeBSD.org>; Sun, 1 Sep 2024 15:06:35 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from bugzilla@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 481F6Zjq076965
for net@FreeBSD.org; Sun, 1 Sep 2024 15:06:35 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280701] FreeBSD-SA-24:05 fix breaks ICMP/ICMP6 states handling
in pf firewall (ping, traceroute)
Date: Sun, 01 Sep 2024 15:06:33 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: commit-hook@FreeBSD.org
X-Bugzilla-Status: Open
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-280701-7501-rryygTgy1w@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280701
--- Comment #62 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:
URL:
https://cgit.FreeBSD.org/src/commit/?id=3D5ab1e5f7e5585558a73b723f07528977a=
82cee82
commit 5ab1e5f7e5585558a73b723f07528977a82cee82
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-08-26 12:59:38 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-09-01 15:05:28 +0000
pf: improve the ICMPv6 direction check
Following bluhm's advice this changes the way we setup state keys and
perform state lookups for ICMPv6 Neighbor Discovery packets:
- replace the NS-dst with ND target address;
- replace the NA-src with ND target address;
- replace the NA-dst with unspecified address if it is a multicast.
This allows pf to match Address Resolution, Neighbor Unreachability
Detection and Duplicate Address Detection packets to the corresponding
states without the need to create new ones or match unrelated ones.
As a side effect we're doing now one state table lookup for ND packets
instead of two.
Fixes a bug uncovered by one of the previous commits that virtually
breaks IPv6 connectivity after few minutes of use.
ok stsp henning, with and ok bluhm
PR: 280701
MFC after: 1 week
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 2633ae8c4c8a
Sponsored by: Rubicon Communications, LLC ("Netgate")
sys/net/pfvar.h | 4 +-
sys/netpfil/pf/pf.c | 116 ++++++++++++++++++++++++++++++++++-----------=
----
sys/netpfil/pf/pf_lb.c | 2 +-
3 files changed, 85 insertions(+), 37 deletions(-)
--=20
You are receiving this mail because:
You are the assignee for the bug.=
From nobody Sun Sep 1 21:01:20 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wxknr6L0Zz5PS1R
for <net@mlmmj.nyi.freebsd.org>; Sun, 01 Sep 2024 21:01:20 +0000 (UTC)
(envelope-from bugzilla-noreply@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4Wxknr3pycz49ws
for <net@FreeBSD.org>; Sun, 1 Sep 2024 21:01:20 +0000 (UTC)
(envelope-from bugzilla-noreply@FreeBSD.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725224480; a=rsa-sha256; cv=none;
b=OpDoliIsqKhkQP6dGiTNVTaxNdRRvLZb/tkQX4su41PkX/RX5KjQXYhtCBZe7JlzunST6T
rp/yKPdRhFh4EJ+URxzqqduyA0iq+2uloV6oQGo4As3tCzSl9Pj8oQb+EQEM3iuSY3O3KN
QV5Ey6fM7KzDshgoS+lqQNxGGlvysBnOdB3DBAq0+OAH/Lu1DqeIB9zzm6tjH+rFKPib41
7nCllw9qZ4pI75XD+OlcswWOU38J2V8uDDk2JYSFTPXesfP3IOyt7AfMLOOpDfyBo8fbIG
A1rncb1tcVf/WohYkVDOnFW7vXfBOUR+bxWtnEX6zEW4g/wlbcfUGwu5nJzINg==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1725224480;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=WPE7jjZpXsq7IJcFTX3AqDku9FS5AnQi4xLb+xPPgSI=;
b=pT0SW5SJKyo86KRA+9cLuQYYtJ0CbAkJh3EgkwJ/mCMrXfBJnWE4y4NdWhqXUJS1TIzSf6
odHSTfErY4GeIR+FXa6I+DIsUL/cD90ui81iil5Bs7kJK4BnXJWq/ggG0M3cg3Kqwnb7Yc
IOwJqhAZy8CRzgWo6Gw1Nlhjk4wQSEKNa6pHkOWZCOwOGTwfNIEkMC+NQRTP4DLs8V4X/d
oEVac7bFvjKOoY4BdOfb31mSXR7BEvQAjTA2hWnlNT23HAZoaMgYXP798Embbj2LScHYEf
DlVReiB5hcpyx2ue8lUUVeDMEbOtqxJAZ4GenQ+kcF7T9+nwNKMAwmCzNRSNPw==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wxknr35zfzkpv
for <net@FreeBSD.org>; Sun, 1 Sep 2024 21:01:20 +0000 (UTC)
(envelope-from bugzilla-noreply@FreeBSD.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 481L1KAO079098
for <net@FreeBSD.org>; Sun, 1 Sep 2024 21:01:20 GMT
(envelope-from bugzilla-noreply@FreeBSD.org)
Received: (from bugzilla@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 481L1KgL079091
for net@FreeBSD.org; Sun, 1 Sep 2024 21:01:20 GMT
(envelope-from bugzilla-noreply@FreeBSD.org)
Message-Id: <202409012101.481L1KgL079091@kenobi.freebsd.org>
X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f
From: bugzilla-noreply@FreeBSD.org
To: net@FreeBSD.org
Subject: Problem reports for net@FreeBSD.org that need special attention
Date: Sun, 1 Sep 2024 21:01:20 +0000
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="17252244800.A0f0fD2f.69655"
Content-Transfer-Encoding: 7bit
--17252244800.A0f0fD2f.69655
Date: Sun, 1 Sep 2024 21:01:20 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
To view an individual PR, use:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id).
The following is a listing of current problems submitted by FreeBSD users,
which need special attention. These represent problem reports covering
all versions including experimental development code and obsolete releases.
Status | Bug Id | Description
------------+-----------+---------------------------------------------------
New | 254445 | cloned_interfaces="bridge0" does not respect net.
Open | 166724 | if_re(4): watchdog timeout
Open | 200836 | iovctl(8): Return descriptions in the returned sc
Open | 223824 | Panic in ng_base.c (netgraph)
Open | 232472 | ixgbe(4): SR-IOV passthru not working on Hyper-V
Open | 234073 | ixl(4): Host X710-DA2 drops connect starting bhyv
Open | 241106 | tun/ppp: panic: vm_fault: fault on nofault entry
Open | 245981 | bnxt(4): BCM57414 / BCM57416 not initializing: bn
Open | 257038 | em(4): Panic on HTTP traffic to or from jail thro
Open | 257286 | gateway with `ping -6 -e` is ignored
Open | 258623 | cxgbe(4): Slow routing performance: 2 numa domain
Open | 258850 | lagg(4): interface vanishes when both member inte
Open | 261866 | ixgbe(4): Resets media type -> autoselect after s
Open | 262024 | em(4): iflib handles bad packets incorrectly
Open | 262093 | ixl(4): RX packet errors on Intel X710 after 12.2
Open | 263568 | ix(4): SR-IOV connection lost after loading VM wi
In Progress | 118111 | rc: network.subr Add MAC address based interface
17 problems total for which you should take action.
--17252244800.A0f0fD2f.69655
Date: Sun, 1 Sep 2024 21:01:20 +0000
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
<pre style="font-family: monospace;">
The following is a listing of current problems submitted by FreeBSD users,
which need special attention. These represent problem reports covering
all versions including experimental development code and obsolete releases.
Status | Bug Id | Description
------------+-----------+---------------------------------------------------
New | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254445">254445</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254445">cloned_interfaces="bridge0" does not respect net.</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=166724">166724</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=166724">if_re(4): watchdog timeout</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200836">200836</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200836">iovctl(8): Return descriptions in the returned sc</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223824">223824</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223824">Panic in ng_base.c (netgraph)</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232472">232472</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232472">ixgbe(4): SR-IOV passthru not working on Hyper-V </a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234073">234073</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234073">ixl(4): Host X710-DA2 drops connect starting bhyv</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241106">241106</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241106">tun/ppp: panic: vm_fault: fault on nofault entry </a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245981">245981</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245981">bnxt(4): BCM57414 / BCM57416 not initializing: bn</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257038">257038</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257038">em(4): Panic on HTTP traffic to or from jail thro</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257286">257286</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257286">gateway with `ping -6 -e` is ignored</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258623">258623</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258623">cxgbe(4): Slow routing performance: 2 numa domain</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258850">258850</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258850">lagg(4): interface vanishes when both member inte</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261866">261866</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261866">ixgbe(4): Resets media type -> autoselect after s</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262024">262024</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262024">em(4): iflib handles bad packets incorrectly</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262093">262093</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262093">ixl(4): RX packet errors on Intel X710 after 12.2</a>
Open | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263568">263568</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263568">ix(4): SR-IOV connection lost after loading VM wi</a>
In Progress | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=118111">118111</a> | <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=118111">rc: network.subr Add MAC address based interface </a>
17 problems total for which you should take action.
</pre>
--17252244800.A0f0fD2f.69655--