From owner-freebsd-net@freebsd.org Sun Mar 1 09:31:17 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7B0F826B090; Sun, 1 Mar 2020 09:31:17 +0000 (UTC) (envelope-from vas@sibptus.ru) Received: from admin.sibptus.ru (admin.sibptus.ru [IPv6:2001:19f0:5001:21dc::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48VdLq3PxSz41MN; Sun, 1 Mar 2020 09:31:15 +0000 (UTC) (envelope-from vas@sibptus.ru) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sibptus.ru; s=20181118; h=In-Reply-To:Message-ID:Subject:To:From:Date; bh=Ana4rHn3y0cgJlfd6w+AfQtchTNTiFXRZarmVA//lIg=; b=jxGhZc8SnUl7Fq2j8e789tz0Sd ZhGigMd/XfN2AoxvxEouL4A5CINLvm2KLO9Bu7/Bix2SaHeiqYq9iM/UJiXJpx6BDWLakeN2f4ZAF +Iqu+x3sBzW1v9ut+Vj1SjqTpSpBQ99fSwOAGM/pTCFBruGNRaW2piaQciS3mu0P8Wzc=; Received: from vas by admin.sibptus.ru with local (Exim 4.93 (FreeBSD)) (envelope-from ) id 1j8KwG-000OPz-0b; Sun, 01 Mar 2020 16:31:08 +0700 Date: Sun, 1 Mar 2020 16:31:07 +0700 From: Victor Sudakov To: Sam Fourman Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org Subject: Re: l2tp+IPsec client on FreeBSD, VPN gateway on Windows Message-ID: <20200301093107.GA93651@admin.sibptus.ru> References: <20191217070332.GA32902@admin.sibptus.ru> <20191218161217.GA87036@admin.sibptus.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="EeQfGwPcQSOJBaQU" Content-Disposition: inline In-Reply-To: X-PGP-Key: http://admin.sibptus.ru/~vas/ X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 X-Rspamd-Queue-Id: 48VdLq3PxSz41MN X-Spamd-Bar: -------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=sibptus.ru header.s=20181118 header.b=jxGhZc8S; dmarc=pass (policy=none) header.from=sibptus.ru; spf=pass (mx1.freebsd.org: domain of vas@sibptus.ru designates 2001:19f0:5001:21dc::10 as permitted sender) smtp.mailfrom=vas@sibptus.ru X-Spamd-Result: default: False [-8.44 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; R_DKIM_ALLOW(-0.20)[sibptus.ru:s=20181118]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; IP_SCORE(-3.35)[ip: (-9.89), ipnet: 2001:19f0:5000::/38(-4.94), asn: 20473(-1.84), country: US(-0.05)]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[sibptus.ru:+]; DMARC_POLICY_ALLOW(-0.50)[sibptus.ru,none]; SIGNED_PGP(-2.00)[]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:5000::/38, country:US]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Mar 2020 09:31:17 -0000 --EeQfGwPcQSOJBaQU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Sam Fourman wrote: > I am also interested to see a working configuration, I need to connect a > FreeBSD client to a Windows Server via L2TP+IPSEC pre-shared key. I can't say for sure about the L2TP server, but the following config works in my lab between a Windows 2016 server and FreeBSD/Strongswan: conn Win2016 keyexchange =3D ikev1 ike=3D3des-sha1-modp2048! esp=3D3des-sha1! left=3D192.168.246.1 right=3D192.168.246.14 type=3Dtransport authby=3Dpsk auto=3Droute In Windows policies, configure: 3DES+SHA1 (both for IKE and ESP), DH Group (for IKE) =3D high, PFS =3D off = (keep unchecked). --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --EeQfGwPcQSOJBaQU Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJeW4DbAAoJEA2k8lmbXsY03xkH/22ehbWebGvlmWIBYSDuTlCD xhHTgc1MqJ2tO9JGM+wHSt/3CPP5FDxJtEX4TSAkx57cbB28sPoDo280zgx8Nn7Q JAayaCondHLJEP0RckGwfSDxRyRuNp9kDkRDk7aWW0rTRRnHZUMiZfjEV3aUBVtW TFbK/4ESqlVW1YAxJf/gaJXvQWrU+vJQP993bJU0ot652T8uk/+ER0/cJdbHg+nP Uuf8SM7VQWh+bM9HL69MfDI2+CYbkDNDeRCTwk9rKH3X7c6vqVrRNxv89ytgLNAn WbtgxdyFnPxAAAWLd6PLzuJ6IitOL/dXiVxk+j/d04nFaj5hKm6my3cP/px0fGs= =J2oi -----END PGP SIGNATURE----- --EeQfGwPcQSOJBaQU-- From owner-freebsd-net@freebsd.org Sun Mar 1 16:37:45 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AF47E244C40 for ; Sun, 1 Mar 2020 16:37:45 +0000 (UTC) (envelope-from plaine@gmail.com) Received: from mail-io1-xd33.google.com (mail-io1-xd33.google.com [IPv6:2607:f8b0:4864:20::d33]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48Vppw1xfkz3Jb8 for ; Sun, 1 Mar 2020 16:37:44 +0000 (UTC) (envelope-from plaine@gmail.com) Received: by mail-io1-xd33.google.com with SMTP id h3so8915474ioj.6 for ; Sun, 01 Mar 2020 08:37:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=eErQKexSchJR8on21sFdHJ04tkrGBNokQTLZswv2FBA=; b=CEld47seU4M7+VHp2t5AFYpKjcmEF1RbbUpD/LpHWFphAbj3IMrQa494BF7t5t/4cC R44RPwQ5rVWlLQqnPAtV/Uo/6EVFnj6FdKpjVRrNIJXcWz+dt19XfjdgL7PkmxgL429J ZNDBG9K6gxTM2lJe1WXf7dLtq5GH6ISZywZUW7AJXtbcnRykYOaT6lUgPYE7jc7706gC qH34wwaOvJKZqOmbV8H4ZTNqOAhc/aqtRr4Pw63V0wtuV7HKPRwI5ZEoD0aEAO9bQX09 WmXf7eaStR9hlaD6W1RKMFfLqzCrQ6rMfBgyYbEcCescwB5uPTfIHs0SihvGUX/PHBoe YAQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=eErQKexSchJR8on21sFdHJ04tkrGBNokQTLZswv2FBA=; b=YKyw5PuulVBpOSVQyTaOmM7Sm0Jz4Gzsito2Zxt0VNdiFnTTh41o5S/ug+deGpUUMq LMFLcfOFBZ6uuUtzKgp03JkIAr3CBIm/vHLtqZm7PmZax37FOMF9m6QSFFvuqYPlKkLU z4r6DeFr5WifuUbR3JjNhaiJ6Fh573p1J3U2JL6p6cZSpxI9IB0rRHF3hkgPnKFCtC5k UFdzzxLut+QKZ2vrIY+SJ6PCrhZYx0YeMsym7v5HjABQ45XXiLYyyF55vq+0Yw4rGx3A mrojzbjB7eoPDN8mTUCcnABiscqqruuvxywNRQhUk23AW/uf3d/L65cZ//K45lh75aTF cBmw== X-Gm-Message-State: APjAAAXPLMM6B/jS28bWV4sWejfb0eT6gUwzgJo9hpcd5kwKchFJ/XdH khGhvrmtVTZAZhyQTmUwXQ3mnswBojPcLY05N+EUKQ== X-Google-Smtp-Source: APXvYqygF8brfGFQk8uvVMXzYtYMaczJ8P4SrID0vyt7bOLtvz2YGQP6l5D0nMzMk7D9N44yD1BTLYbyP8Wqv57BxeA= X-Received: by 2002:a6b:760a:: with SMTP id g10mr10533293iom.269.1583080662517; Sun, 01 Mar 2020 08:37:42 -0800 (PST) MIME-Version: 1.0 From: pepe Date: Sun, 1 Mar 2020 18:37:28 +0200 Message-ID: Subject: Qualcom Atheros QCA6174 802.11ac To: freebsd-net@freebsd.org X-Rspamd-Queue-Id: 48Vppw1xfkz3Jb8 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=CEld47se; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of plaine@gmail.com designates 2607:f8b0:4864:20::d33 as permitted sender) smtp.mailfrom=plaine@gmail.com X-Spamd-Result: default: False [-1.99 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.992,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_DN_NONE(0.00)[]; IP_SCORE_FREEMAIL(0.00)[]; URI_COUNT_ODD(1.00)[3]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(0.00)[ip: (-5.57), ipnet: 2607:f8b0::/32(-1.88), asn: 15169(-1.67), country: US(-0.05)]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[3.3.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Mar 2020 16:37:45 -0000 Just a quick question. Is there drivers for that wlan chip in topic? FreeBSD 12.1 in use. Or if there are not drivers, any idea if they're coming in any near future? -- kpn@IRCnet, http://kpn.kahvipannu.fi From owner-freebsd-net@freebsd.org Sun Mar 1 21:00:53 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 369B624D724 for ; Sun, 1 Mar 2020 21:00:53 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 48VwfY0Z6Qz4P95 for ; Sun, 1 Mar 2020 21:00:53 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.nyi.freebsd.org (Postfix) id 1347824D721; Sun, 1 Mar 2020 21:00:53 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 12B9924D720 for ; Sun, 1 Mar 2020 21:00:53 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48VwfX6DpSz4P8k for ; Sun, 1 Mar 2020 21:00:52 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CB30C9941 for ; Sun, 1 Mar 2020 21:00:52 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 021L0qPD071233 for ; Sun, 1 Mar 2020 21:00:52 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 021L0q7J071220 for net@FreeBSD.org; Sun, 1 Mar 2020 21:00:52 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <202003012100.021L0q7J071220@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: net@FreeBSD.org Subject: Problem reports for net@FreeBSD.org that need special attention Date: Sun, 1 Mar 2020 21:00:52 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Mar 2020 21:00:53 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- In Progress | 221146 | [ixgbe] Problem with second laggport In Progress | 235700 | oce(4) driver causes fatal trap 12 on boot with e New | 204438 | setsockopt() handling of kern.ipc.maxsockbuf limi New | 205592 | TCP processing in IPSec causes kernel panic New | 213410 | [carp] service netif restart causes hang only whe Open | 193452 | Dell PowerEdge 210 II -- Kernel panic bce (broadc Open | 194453 | dummynet(4): pipe config bw parameter limited to Open | 200319 | Bridge+CARP crashes/freezes Open | 202510 | [CARP] advertisements sourced from CARP IP cause Open | 207261 | netmap: Doesn't do TX sync with kqueue Open | 210726 | tcp connect() can return invalid EADDRINUSE (Eg: Open | 222273 | igb(4): Kernel panic (fatal trap 12) due to netwo Open | 225438 | panic in6_unlink_ifa() due to race Open | 225792 | ECMP is broken since tryforward() Open | 227720 | Kernel panic in ppp server Open | 230807 | if_alc(4): Driver not working for Killer Networki Open | 235524 | igb(4): Ethernet interface loses active link stat Open | 236888 | ppp daemon: Allow MTU to be overridden for PPPoE Open | 236983 | bnxt(4) VLAN not operational unless explicit "ifc Open | 237072 | netgraph(4): performance issue [on HardenedBSD]? Open | 237391 | route get returns no result for network addresses Open | 237840 | Removed dummynet dependency on ipfw Open | 238324 | Add XG-C100C/AQtion AQC107 10GbE NIC driver Open | 240530 | netgraph/ng_source: Allow ng_source to inject int Open | 240608 | if_vmx(4): iflib - Panic with INVARIANTS: Memory Open | 240944 | em(4): Crash with Intel 82571EB NIC with AMD Pile Open | 240969 | netinet6: Neighbour reachability detection broken Open | 241106 | tun/ppp: panic: vm_fault: fault on nofault entry Open | 241162 | Panic in closefp() triggered by nginx (uwsgi with Open | 241191 | route flush panic with RADIX_MPATH Open | 243463 | ix0: Watchdog timeout Open | 244066 | divert: Add sysctls for divert socket send and re 32 problems total for which you should take action. From owner-freebsd-net@freebsd.org Mon Mar 2 17:58:31 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BB97C255658 for ; Mon, 2 Mar 2020 17:58:31 +0000 (UTC) (envelope-from list1@gjunka.com) Received: from msa1.earth.yoonka.com (yoonka.com [88.98.225.149]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "msa1.earth.yoonka.com", Issuer "msa1.earth.yoonka.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 48WSYf19PPz46JJ for ; Mon, 2 Mar 2020 17:58:29 +0000 (UTC) (envelope-from list1@gjunka.com) Received: from crayon2.yoonka.com (crayon2.yoonka.com [10.70.7.20]) (authenticated bits=0) by msa1.earth.yoonka.com (8.15.2/8.15.2) with ESMTPSA id 022HwSYA015800 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Mon, 2 Mar 2020 17:58:28 GMT (envelope-from list1@gjunka.com) Subject: Re: Qualcom Atheros QCA6174 802.11ac To: freebsd-net@freebsd.org References: From: Grzegorz Junka Message-ID: <3d75e5fc-bfff-87eb-f283-f880d1405386@gjunka.com> Date: Mon, 2 Mar 2020 17:58:28 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-GB-large X-Rspamd-Queue-Id: 48WSYf19PPz46JJ X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of list1@gjunka.com designates 88.98.225.149 as permitted sender) smtp.mailfrom=list1@gjunka.com X-Spamd-Result: default: False [-5.85 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:88.98.225.149:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; DMARC_NA(0.00)[gjunka.com]; IP_SCORE(-3.55)[ip: (-9.30), ipnet: 88.98.192.0/18(-4.65), asn: 56478(-3.72), country: GB(-0.07)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:56478, ipnet:88.98.192.0/18, country:GB]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Mar 2020 17:58:31 -0000 On 01/03/2020 16:37, pepe wrote: > Just a quick question. Is there drivers for that wlan chip in topic? > FreeBSD 12.1 in use. Or if there > are not drivers, any idea if they're coming in any near future? I asked the same question about 6 month ago and was pointed to this thread: https://lists.freebsd.org/pipermail/freebsd-current/2019-February/072769.html The repo is here: https://github.com/erikarn/athp/ Doesn't look like there is going to be support for it anytime soon. GrzegorzJ From owner-freebsd-net@freebsd.org Tue Mar 3 00:17:28 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 74F9D25F889 for ; Tue, 3 Mar 2020 00:17:28 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48Wcyw2NSTz4BB7; Tue, 3 Mar 2020 00:17:28 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: from reviews.nyi.freebsd.org (reviews.nyi.freebsd.org [IPv6:2610:1c1:1:607c::16:b]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 137E124816; Tue, 3 Mar 2020 00:17:28 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: by reviews.nyi.freebsd.org (Postfix, from userid 1346) id 121A9399206; Tue, 3 Mar 2020 00:17:28 +0000 (UTC) Date: Tue, 3 Mar 2020 00:17:28 +0000 To: Phabricator From: "glebius (Gleb Smirnoff)" Cc: freebsd-net@freebsd.org Reply-to: "glebius (Gleb Smirnoff)" Subject: [Differential] D23788: DRAFT: ng_ksocket: IPv6 address parsing and unparsing Message-ID: <5716f0c3344f106d7a0582414f0400ec@localhost.localdomain> X-Priority: 3 X-Phabricator-Sent-This-Message: Yes X-Mail-Transport-Agent: MetaMTA X-Auto-Response-Suppress: All X-Phabricator-Mail-Tags: , X-Herald-Rules: <28>, <125>, <128>, <67>, <8> X-Phabricator-Projects: <#network> X-Phabricator-To: X-Phabricator-To: X-Phabricator-To: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: Precedence: bulk Thread-Topic: PHID-DREV-isgti776xdsdvju2ufh3 X-Phabricator-Mail-ID: 1849203 X-Phabricator-Send-Attempt: mhyocksg77iagmdk In-Reply-To: References: Thread-Index: MWQ0ZDVhYmNlZTMxYjNlZWMyN2FmZTk4YjlhIF5dohg= X-Phabricator-Stamps: actor(@glebius) application(Differential) author(@neel_neelc.org) herald(H8) herald(H28) herald(H67) herald(H125) herald(H128) mention(@neel_neelc.org) monogram(D23788) object-type(DREV) phid(PHID-DREV-isgti776xdsdvju2ufh3) reviewer(#manpages) reviewer(@hrs) revision-repository(rS) revision-status(needs-review) subscriber(#contributor_reviews_base) subscriber(@bcr) subscriber(@freebsd-net-list) subscriber(@glebius) subscriber(@hrs) subscriber(@imp) subscriber(@lutz_donnerhacke.de) subscriber(@melifaro) tag(#network) via(web) MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Mar 2020 00:17:28 -0000 Z2xlYml1cyBhZGRlZCBhIGNvbW1lbnQuCgoKICBJbiBEMjM3ODgjNTIzMjQ3IDxodHRwczovL3Jl dmlld3MuZnJlZWJzZC5vcmcvRDIzNzg4IzUyMzI0Nz4sIEBuZWVsX25lZWxjLm9yZyB3cm90ZToK ICAKICA+IEkgc3RpbGwgZ2V0ICJuZ2N0bDogc2VuZCBtc2c6IEludmFsaWQgYXJndW1lbnQiIGVy cm9ycyB3aXRoIHRoZSBjb21tYW5kcyBpbiB0aGUgVGVzdCBQbGFuLiBBbSBJIGRvaW5nIGFueXRo aW5nIHdyb25nPwogIAogIFdlbGwsIHlvdSd2ZSBhZGRlZCAzIG5ldyBwbGFjZXMgdGhhdCBjb3Vs ZCByZXR1cm4gRUlOVkFMLiBDb3VsZCBpdCBiZSB0aGF0IG9uZSBvZiB0aGVtIGZpcmVzPyBPZiBj b3Vyc2UgdGhlcmUgYXJlIG1vcmUgcGxhY2VzIGluIG5ldGdyYXBoIHRoYXQgY2FuIHJldHVybiBF SU5WQUwsIGJ1dCBmaXJzdCBtYWtlcyBzZW5zZSB0byBpc29sYXRlIHRoYXQgdGhpcyBpc24ndCBu ZXcgY29kZS4KClJFUE9TSVRPUlkKICByUyBGcmVlQlNEIHNyYyByZXBvc2l0b3J5CgpDSEFOR0VT IFNJTkNFIExBU1QgQUNUSU9OCiAgaHR0cHM6Ly9yZXZpZXdzLmZyZWVic2Qub3JnL0QyMzc4OC9u ZXcvCgpSRVZJU0lPTiBERVRBSUwKICBodHRwczovL3Jldmlld3MuZnJlZWJzZC5vcmcvRDIzNzg4 CgpFTUFJTCBQUkVGRVJFTkNFUwogIGh0dHBzOi8vcmV2aWV3cy5mcmVlYnNkLm9yZy9zZXR0aW5n cy9wYW5lbC9lbWFpbHByZWZlcmVuY2VzLwoKVG86IG5lZWxfbmVlbGMub3JnLCBocnMsICNtYW5w YWdlcwpDYzogZ2xlYml1cywgYmNyLCBocnMsIGltcCwgbHV0el9kb25uZXJoYWNrZS5kZSwgbWVs aWZhcm8sICNjb250cmlidXRvcl9yZXZpZXdzX2Jhc2UsIGZyZWVic2QtbmV0LWxpc3QsIG1tYWN5 LCBrcHJhdmVlbi5sa21sX2dtYWlsLmNvbSwgbWFyY25hcmNfZ21haWwuY29tLCBzaW1vbnZlbGxh X2dtYWlsLmNvbSwgbm92aWNlX3RlY2hpZS5jb20sIHRvbW1pLnBlcm5pbGFfaWtpLmZpCg== From owner-freebsd-net@freebsd.org Tue Mar 3 04:19:47 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0E4CB264903 for ; Tue, 3 Mar 2020 04:19:47 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48WkLV5bb2z4jZN; Tue, 3 Mar 2020 04:19:46 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: from reviews.nyi.freebsd.org (reviews.nyi.freebsd.org [IPv6:2610:1c1:1:607c::16:b]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 62AAC274CA; Tue, 3 Mar 2020 04:19:46 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: by reviews.nyi.freebsd.org (Postfix, from userid 1346) id 6059838EAAE; Tue, 3 Mar 2020 04:19:46 +0000 (UTC) Date: Tue, 3 Mar 2020 04:19:46 +0000 To: Phabricator From: "neel_neelc.org (Neel Chauhan)" Cc: freebsd-net@freebsd.org Reply-to: "neel_neelc.org (Neel Chauhan)" Subject: [Differential] D23788: DRAFT: ng_ksocket: IPv6 address parsing and unparsing Message-ID: <98c8945511996e1bc77e3a2d4298b2ba@localhost.localdomain> X-Priority: 3 X-Phabricator-Sent-This-Message: Yes X-Mail-Transport-Agent: MetaMTA X-Auto-Response-Suppress: All X-Phabricator-Mail-Tags: X-Herald-Rules: <28>, <125>, <128>, <67>, <8> X-Phabricator-Projects: <#network> X-Phabricator-To: X-Phabricator-To: X-Phabricator-To: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: Precedence: bulk Thread-Topic: PHID-DREV-isgti776xdsdvju2ufh3 X-Phabricator-Mail-ID: 1849357 X-Phabricator-Send-Attempt: yqi2rv665e5btm77 In-Reply-To: References: Thread-Index: MWQ0ZDVhYmNlZTMxYjNlZWMyN2FmZTk4YjlhIF5d2uI= X-Phabricator-Stamps: actor(@neel_neelc.org) application(Differential) author(@neel_neelc.org) herald(H8) herald(H28) herald(H67) herald(H125) herald(H128) monogram(D23788) object-type(DREV) phid(PHID-DREV-isgti776xdsdvju2ufh3) reviewer(#manpages) reviewer(@hrs) revision-repository(rS) revision-status(needs-review) subscriber(#contributor_reviews_base) subscriber(@bcr) subscriber(@freebsd-net-list) subscriber(@glebius) subscriber(@hrs) subscriber(@imp) subscriber(@lutz_donnerhacke.de) subscriber(@melifaro) tag(#network) via(web) MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Mar 2020 04:19:47 -0000 bmVlbF9uZWVsYy5vcmcgZWRpdGVkIHRoZSB0ZXN0IHBsYW4gZm9yIHRoaXMgcmV2aXNpb24uCgpS RVBPU0lUT1JZCiAgclMgRnJlZUJTRCBzcmMgcmVwb3NpdG9yeQoKQ0hBTkdFUyBTSU5DRSBMQVNU IEFDVElPTgogIGh0dHBzOi8vcmV2aWV3cy5mcmVlYnNkLm9yZy9EMjM3ODgvbmV3LwoKUkVWSVNJ T04gREVUQUlMCiAgaHR0cHM6Ly9yZXZpZXdzLmZyZWVic2Qub3JnL0QyMzc4OAoKRU1BSUwgUFJF RkVSRU5DRVMKICBodHRwczovL3Jldmlld3MuZnJlZWJzZC5vcmcvc2V0dGluZ3MvcGFuZWwvZW1h aWxwcmVmZXJlbmNlcy8KClRvOiBuZWVsX25lZWxjLm9yZywgaHJzLCAjbWFucGFnZXMKQ2M6IGds ZWJpdXMsIGJjciwgaHJzLCBpbXAsIGx1dHpfZG9ubmVyaGFja2UuZGUsIG1lbGlmYXJvLCAjY29u dHJpYnV0b3JfcmV2aWV3c19iYXNlLCBmcmVlYnNkLW5ldC1saXN0LCBtbWFjeSwga3ByYXZlZW4u bGttbF9nbWFpbC5jb20sIG1hcmNuYXJjX2dtYWlsLmNvbSwgc2ltb252ZWxsYV9nbWFpbC5jb20s IG5vdmljZV90ZWNoaWUuY29tLCB0b21taS5wZXJuaWxhX2lraS5maQo= From owner-freebsd-net@freebsd.org Tue Mar 3 05:27:35 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 11094265786 for ; Tue, 3 Mar 2020 05:27:35 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48Wlrk4Krtz3JHR; Tue, 3 Mar 2020 05:27:34 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: from reviews.nyi.freebsd.org (reviews.nyi.freebsd.org [IPv6:2610:1c1:1:607c::16:b]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 1570A197; Tue, 3 Mar 2020 05:27:33 +0000 (UTC) (envelope-from daemon-user@freebsd.org) Received: by reviews.nyi.freebsd.org (Postfix, from userid 1346) id 146CA39F927; Tue, 3 Mar 2020 05:27:33 +0000 (UTC) Date: Tue, 3 Mar 2020 05:27:33 +0000 To: Phabricator From: "neel_neelc.org (Neel Chauhan)" Cc: freebsd-net@freebsd.org Reply-to: "neel_neelc.org (Neel Chauhan)" Subject: [Differential] D23788: DRAFT: ng_ksocket: IPv6 address parsing and unparsing Message-ID: <7e35b24be9db48499816802b676f940b@localhost.localdomain> X-Priority: 3 X-Phabricator-Sent-This-Message: Yes X-Mail-Transport-Agent: MetaMTA X-Auto-Response-Suppress: All X-Phabricator-Mail-Tags: , , X-Herald-Rules: <28>, <125>, <128>, <67>, <8> X-Phabricator-Projects: <#network> X-Phabricator-To: X-Phabricator-To: X-Phabricator-To: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: X-Phabricator-Cc: Precedence: bulk Thread-Topic: PHID-DREV-isgti776xdsdvju2ufh3 X-Phabricator-Mail-ID: 1849390 X-Phabricator-Send-Attempt: wfzi65upf7gtybhi In-Reply-To: References: Thread-Index: MWQ0ZDVhYmNlZTMxYjNlZWMyN2FmZTk4YjlhIF5d6sU= X-Phabricator-Stamps: actor(@neel_neelc.org) application(Differential) author(@neel_neelc.org) herald(H8) herald(H28) herald(H67) herald(H125) herald(H128) monogram(D23788) object-type(DREV) phid(PHID-DREV-isgti776xdsdvju2ufh3) reviewer(#manpages) reviewer(@hrs) revision-repository(rS) revision-status(needs-review) subscriber(#contributor_reviews_base) subscriber(@bcr) subscriber(@freebsd-net-list) subscriber(@glebius) subscriber(@hrs) subscriber(@imp) subscriber(@lutz_donnerhacke.de) subscriber(@melifaro) tag(#network) via(web) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="b1_7e35b24be9db48499816802b676f940b" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Mar 2020 05:27:35 -0000 --b1_7e35b24be9db48499816802b676f940b Content-Type: text/plain; charset = "utf-8" Content-Transfer-Encoding: base64 bmVlbF9uZWVsYy5vcmcgdXBkYXRlZCB0aGlzIHJldmlzaW9uIHRvIERpZmYgNjkxMDMuCm5lZWxf bmVlbGMub3JnIGFkZGVkIGEgY29tbWVudC4KCgogIEkgZm9yZ290IGEgInJldHVybigwKSIgaW4g dGhlIElQdjYgdW5wYXJzaW5nLgogIAogIFRoaXMgZG9lcyBub3Qgc29sdmUgdGhlICJJbnZhbGlk IGFyZ3VtZW50IiBlcnJvcnMuIEhvd2V2ZXIsIHRoZSBpc3N1ZSBpcyBub3Qgd2l0aCBteSBjb2Rl LiBJIHRyaWVkIHByaW50ZnMgaW4gdGhlIHNhbWUgc3RhdGVtZW50cyBhcyB0aGUgRUlOVkFMIHJl dHVybnMgYW5kIGdvdCBub3RoaW5nLgogIAogIFNvbWV0aGluZyBlbHNlIG11c3QgYmUgY2F1c2lu ZyB0aGlzIGluIHRoZSBuZ19rc29ja2V0IG9yIGl0cyBkZXBlbmRlbnRzLgoKUkVQT1NJVE9SWQog IHJTIEZyZWVCU0Qgc3JjIHJlcG9zaXRvcnkKCkNIQU5HRVMgU0lOQ0UgTEFTVCBVUERBVEUKICBo dHRwczovL3Jldmlld3MuZnJlZWJzZC5vcmcvRDIzNzg4P3ZzPTY4ODUwJmlkPTY5MTAzCgpDSEFO R0VTIFNJTkNFIExBU1QgQUNUSU9OCiAgaHR0cHM6Ly9yZXZpZXdzLmZyZWVic2Qub3JnL0QyMzc4 OC9uZXcvCgpSRVZJU0lPTiBERVRBSUwKICBodHRwczovL3Jldmlld3MuZnJlZWJzZC5vcmcvRDIz Nzg4CgpBRkZFQ1RFRCBGSUxFUwogIHNoYXJlL21hbi9tYW40L25nX2tzb2NrZXQuNAogIHN5cy9u ZXRncmFwaC9uZ19rc29ja2V0LmMKCkVNQUlMIFBSRUZFUkVOQ0VTCiAgaHR0cHM6Ly9yZXZpZXdz LmZyZWVic2Qub3JnL3NldHRpbmdzL3BhbmVsL2VtYWlscHJlZmVyZW5jZXMvCgpUbzogbmVlbF9u ZWVsYy5vcmcsIGhycywgI21hbnBhZ2VzCkNjOiBnbGViaXVzLCBiY3IsIGhycywgaW1wLCBsdXR6 X2Rvbm5lcmhhY2tlLmRlLCBtZWxpZmFybywgI2NvbnRyaWJ1dG9yX3Jldmlld3NfYmFzZSwgZnJl ZWJzZC1uZXQtbGlzdCwgbW1hY3ksIGtwcmF2ZWVuLmxrbWxfZ21haWwuY29tLCBtYXJjbmFyY19n bWFpbC5jb20sIHNpbW9udmVsbGFfZ21haWwuY29tLCBub3ZpY2VfdGVjaGllLmNvbSwgdG9tbWku cGVybmlsYV9pa2kuZmkK --b1_7e35b24be9db48499816802b676f940b Content-Type: text/x-patch; charset=utf-8; name="D23788.69103.patch" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="D23788.69103.patch" ZGlmZiAtLWdpdCBhL3N5cy9uZXRncmFwaC9uZ19rc29ja2V0LmMgYi9zeXMvbmV0Z3JhcGgvbmdf a3NvY2tldC5jCi0tLSBhL3N5cy9uZXRncmFwaC9uZ19rc29ja2V0LmMKKysrIGIvc3lzL25ldGdy YXBoL25nX2tzb2NrZXQuYwpAQCAtNjAsNiArNjAsOSBAQAogI2luY2x1ZGUgPHN5cy91aW8uaD4K ICNpbmNsdWRlIDxzeXMvdW4uaD4KIAorI2luY2x1ZGUgPG5ldC9pZi5oPgorI2luY2x1ZGUgPG5l dC9pZl92YXIuaD4KKwogI2luY2x1ZGUgPG5ldGdyYXBoL25nX21lc3NhZ2UuaD4KICNpbmNsdWRl IDxuZXRncmFwaC9uZXRncmFwaC5oPgogI2luY2x1ZGUgPG5ldGdyYXBoL25nX3BhcnNlLmg+CkBA IC02OCw2ICs3MSw4IEBACiAjaW5jbHVkZSA8bmV0aW5ldC9pbi5oPgogI2luY2x1ZGUgPG5ldGlu ZXQvaXAuaD4KIAorI2luY2x1ZGUgPG5ldGluZXQ2L3Njb3BlNl92YXIuaD4KKwogI2lmZGVmIE5H X1NFUEFSQVRFX01BTExPQwogc3RhdGljIE1BTExPQ19ERUZJTkUoTV9ORVRHUkFQSF9LU09DS0VU LCAibmV0Z3JhcGhfa3NvY2siLAogICAgICJuZXRncmFwaCBrc29jayBub2RlIik7CkBAIC0xNDks NiArMTU0LDE5IEBACiAJeyAiZW5jYXAiLAlJUFBST1RPX0VOQ0FQLAkJUEZfSU5FVAkJfSwKIAl7 ICJkaXZlcnQiLAlJUFBST1RPX0RJVkVSVCwJCVBGX0lORVQJCX0sCiAJeyAicGltIiwJSVBQUk9U T19QSU0sCQlQRl9JTkVUCQl9LAorCXsgImlwNiIsCUlQUFJPVE9fSVBWNiwJCVBGX0lORVQ2CX0s CisJeyAicmF3NiIsCUlQUFJPVE9fUkFXLAkJUEZfSU5FVDYJfSwKKwl7ICJpY21wNiIsCUlQUFJP VE9fSUNNUFY2LAkJUEZfSU5FVDYJfSwKKwl7ICJpZ21wNiIsCUlQUFJPVE9fSUdNUCwJCVBGX0lO RVQ2CX0sCisJeyAidGNwNiIsCUlQUFJPVE9fVENQLAkJUEZfSU5FVDYJfSwKKwl7ICJ1ZHA2IiwJ SVBQUk9UT19VRFAsCQlQRl9JTkVUNgl9LAorCXsgImdyZTYiLAlJUFBST1RPX0dSRSwJCVBGX0lO RVQ2CX0sCisJeyAiZXNwNiIsCUlQUFJPVE9fRVNQLAkJUEZfSU5FVDYJfSwKKwl7ICJhaDYiLAlJ UFBST1RPX0FILAkJUEZfSU5FVDYJfSwKKwl7ICJzd2lwZTYiLAlJUFBST1RPX1NXSVBFLAkJUEZf SU5FVDYJfSwKKwl7ICJlbmNhcDYiLAlJUFBST1RPX0VOQ0FQLAkJUEZfSU5FVDYJfSwKKwl7ICJk aXZlcnQ2IiwJSVBQUk9UT19ESVZFUlQsCQlQRl9JTkVUNgl9LAorCXsgInBpbTYiLAlJUFBST1RP X1BJTSwJCVBGX0lORVQ2CX0sCiAJeyBOVUxMLAkJLTEJCQkJCX0sCiB9OwogCkBAIC0yOTQsMTAg KzMxMiw1MCBAQAogCQlicmVhazsKIAkgICAgfQogCi0jaWYgMAotCWNhc2UgUEZfSU5FVDY6CS8q IFhYWCBpbXBsZW1lbnQgdGhpcyBzb21lZGF5ICovCi0jZW5kaWYKKwljYXNlIFBGX0lORVQ2Ogor CSAgICB7CisJCXN0cnVjdCBzb2NrYWRkcl9pbjYgKmNvbnN0IHNpbjYgPSAoc3RydWN0IHNvY2th ZGRyX2luNiAqKXNhOworCQljaGFyICplcHRyOworCQljaGFyIGFkZHJbSU5FVDZfQUREUlNUUkxF Tl07CisJCWNoYXIgaWZuYW1lWzE2XTsKKwkJdV9sb25nIHBvcnQ7CisJCWJvb2wgaGFzaWZuYW1l ID0gdHJ1ZTsKIAorCQlpZiAoc1sqb2ZmXSA9PSAnWycpCisJCQkoKm9mZikrKzsKKwkJaWYgKChl cHRyID0gc3Ryc3RyKCZzWypvZmZdLCAiJSIpKSA9PSBOVUxMKSB7CisJCQloYXNpZm5hbWUgPSBm YWxzZTsKKwkJCWVwdHIgPSBzdHJzdHIoJnNbKm9mZl0sICJdIik7CisJCX0KKwkJc25wcmludGYo YWRkciwgZXB0ciAtIChzICsgKm9mZiksICIlcyIsICZzWypvZmZdKTsKKwkJKm9mZiArPSAoZXB0 ciAtIChzICsgKm9mZikpOworCQlpZiAoIWluZXRfcHRvbihBRl9JTkVUNiwgYWRkciwgJnNpbjYt PnNpbjZfYWRkcikpCisJCQlyZXR1cm4gKEVJTlZBTCk7CisKKwkJaWYgKGhhc2lmbmFtZSkgewor CQkJdWludDE2X3Qgc2NvcGU7CisKKwkJCWVwdHIgPSBzdHJzdHIoTlVMTCwgIl0iKTsKKwkJCXNu cHJpbnRmKGlmbmFtZSwgZXB0ciAtIChzICsgKm9mZiksICIlcyIsICZzWypvZmZdKTsKKwkJCSpv ZmYgKz0gKGVwdHIgLSAocyArICpvZmYpKTsKKworCQkJaWYgKG50b2hsKHNpbjYtPnNpbjZfYWRk ci5zNl9hZGRyMTZbMF0pICE9IDB4ZmU4MCkKKwkJCQlyZXR1cm4gKEVJTlZBTCk7CisJCQlzY29w ZSA9IGluNl9nZXRzY29wZSgmc2luNi0+c2luNl9hZGRyKTsKKwkJCXNpbjYtPnNpbjZfc2NvcGVf aWQgPQorCQkJICAgIGluNl9nZXRzY29wZXpvbmUoaWZ1bml0KGlmbmFtZSksIHNjb3BlKTsKKwkJ fQorCisJCWlmIChzWypvZmZdID09ICddJykgeworCQkJKCpvZmYpKys7CisJCQlwb3J0ID0gc3Ry dG91bChzICsgKm9mZiwgJmVwdHIsIDEwKTsKKwkJCWlmIChwb3J0ID4gMHhmZmZmIHx8IGVwdHIg PT0gcyArICpvZmYpCisJCQkJcmV0dXJuIChFSU5WQUwpOworCQkJc2luNi0+c2luNl9wb3J0ID0g aHRvbnMocG9ydCk7CisJCX0KKwkJYnJlYWs7CisJICAgIH0KKwogCWRlZmF1bHQ6CiAJCXJldHVy biAoRUlOVkFMKTsKIAl9CkBAIC0zNTYsOSArNDE0LDIxIEBACiAJCXJldHVybigwKTsKIAkgICAg fQogCi0jaWYgMAotCWNhc2UgUEZfSU5FVDY6CS8qIFhYWCBpbXBsZW1lbnQgdGhpcyBzb21lZGF5 ICovCi0jZW5kaWYKKwljYXNlIFBGX0lORVQ2OgorCSAgICB7CisJCWNvbnN0IHN0cnVjdCBzb2Nr YWRkcl9pbjYgKnNpbjYgPSAoY29uc3Qgc3RydWN0IHNvY2thZGRyX2luNiAqKXNhOworCQljaGFy IGFkZHJbSU5FVDZfQUREUlNUUkxFTl07CisJCQorCQlpbmV0X250b3AoQUZfSU5FVDYsICZzaW42 LT5zaW42X2FkZHIsIGFkZHIsIElORVQ2X0FERFJTVFJMRU4pOworCQlzbGVuICs9IHNucHJpbnRm KGNidWYsIGNidWZsZW4sICJpbmV0Ni9bJXNdIiwgYWRkcik7CisKKwkJaWYgKHNpbjYtPnNpbjZf cG9ydCAhPSAwKSB7CisJCQlzbGVuICs9IHNucHJpbnRmKGNidWYgKyBzdHJsZW4oY2J1ZiksCisJ CQkgICAgY2J1ZmxlbiAtIHN0cmxlbihjYnVmKSwgIjolZCIsCisJCQkgICAgKHVfaW50KW50b2hz KHNpbjYtPnNpbjZfcG9ydCkpOworCQl9CisJCXJldHVybigwKTsKKwkgICAgfQogCiAJZGVmYXVs dDoKIAkJcmV0dXJuICgqbmdfa3NvY2tldF9nZW5lcmljX3NvY2thZGRyX3R5cGUuc3VwZXJ0eXBl LT51bnBhcnNlKQpkaWZmIC0tZ2l0IGEvc2hhcmUvbWFuL21hbjQvbmdfa3NvY2tldC40IGIvc2hh cmUvbWFuL21hbjQvbmdfa3NvY2tldC40Ci0tLSBhL3NoYXJlL21hbi9tYW40L25nX2tzb2NrZXQu NAorKysgYi9zaGFyZS9tYW4vbWFuNC9uZ19rc29ja2V0LjQKQEAgLTE4NSw3ICsxODUsOCBAQAog ZXF1aXZhbGVudCBvZiB0aGUgQyBzdHJ1Y3R1cmUKIGlzIGFuIGFjY2VwdGFibGUgZm9ybS4KIEZv ciB0aGUKLS5EdiBQRl9JTkVUCisuRHYgUEZfSU5FVCAsCisuRHYgUEZfSU5FVDYKIGFuZAogLkR2 IFBGX0xPQ0FMCiBhZGRyZXNzIGZhbWlsaWVzLCBhIG1vcmUgY29udmVuaWVudCBmb3JtIGlzIGFs c28gdXNlZCwgd2hpY2ggaXMKQEAgLTE5Myw4ICsxOTQsMTIgQEAKIGFkZHJlc3MuCiBGb3IKIC5E diBQRl9JTkVUICwKLXRoZSBhZGRyZXNzIGlzIGFuIElQIGFkZHJlc3MgZm9sbG93ZWQgYnkgYW4g b3B0aW9uYWwgY29sb24gYW5kIHBvcnQgbnVtYmVyLgordGhlIGFkZHJlc3MgaXMgYW4gSVB2NCBh ZGRyZXNzIGZvbGxvd2VkIGJ5IGFuIG9wdGlvbmFsIGNvbG9uIGFuZCBwb3J0IG51bWJlci4KIEZv cgorLkR2IFBGX0lORVQ2ICwKK3RoZSBhZGRyZXNzIGlzIGFuIElQdjYgYWRkcmVzcyBwb3NzaWJs eSBlbmNsb3NlZCBpbiBzcXVhcmUgYnJhY2tldHMgZm9sbG93ZWQKK2J5IGFuIG9wdGlvbmFsIGNv bG9uIGFuZCBwb3J0IG51bWJlci4KK0ZvcgogLkR2IFBGX0xPQ0FMICwKIHRoZSBhZGRyZXNzIGlz IHRoZSBwYXRobmFtZSBhcyBhIGRvdWJseSBxdW90ZWQgc3RyaW5nLgogLlBwCkBAIC0yMDQsNiAr MjA5LDggQEAKIGxvY2FsLyIvdG1wL2Zvby5zb2NrZXQiCiAuSXQgRHYgUEZfSU5FVAogaW5ldC8x OTIuMTY4LjEuMToxMjM0CisuSXQgRHYgUEZfSU5FVAoraW5ldDYvWzIwMDE6OjFdOjEyMzQKIC5J dCBPdGhlcgogLkR2ICJcJnsgZmFtaWx5PTE2IGxlbj0xNiBkYXRhPVsweDcwIDB4MDAgMHgwMSAw eDIzXSBcJn0iCiAuRWwKCg== --b1_7e35b24be9db48499816802b676f940b-- From owner-freebsd-net@freebsd.org Wed Mar 4 20:10:21 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 909D22777FC for ; Wed, 4 Mar 2020 20:10:21 +0000 (UTC) (envelope-from dk@neveragain.de) Received: from mail.neveragain.de (chao.neveragain.de [94.16.113.56]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48XlNq3gY0z43BB for ; Wed, 4 Mar 2020 20:10:19 +0000 (UTC) (envelope-from dk@neveragain.de) Received: from [IPv6:2a02:908:113b:fb5c:4981:c81d:4c5:2c01] (unknown [IPv6:2a02:908:113b:fb5c:4981:c81d:4c5:2c01]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.neveragain.de (Postfix) with ESMTPSA id AE921200773 for ; Wed, 4 Mar 2020 21:10:10 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=neveragain.de; s=2015-10; t=1583352610; bh=R2F+a65/YdCzPnDVFX6Nm8CpC5cSHSOqhBBBct4rJKE=; h=From:Subject:Date:To; b=LuA0F3eJRBiL5c1iq+FnfIKQ2o0KohFPavsSGiNNRQD60rf9ytlP1eXVzAmWPI81K JBSyDrn9QRWTzSJtj6TjY/UG0gkru6eM7j+eFA5yoTTch3O9FnxqJDsXO6uAeGbagK gMok7z/aFpwsMLHNtvG0UwGBpO1oi3ogpAhHEIRx7pkkYhRpAUhMti/o+m0w70X7c6 2Q1DOCBzPEIH0huES+tPJRXvTENPbi8Shu+9kfZw+P7AC2IA90yo3bhi/jjUrp5jgv +jF/i1w5BFv8CPLaHasj4pWFBZPJcXmcYRcDYyEdjfFh5nYjdd2r/Bzn1sWeM2yWbs aAqdLteZ+Rl7w== From: =?utf-8?Q?Dennis_K=C3=B6gel?= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.60.0.2.5\)) Subject: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) Message-Id: <523BA6CF-C2C3-4E55-B81C-CB8816E56DDE@neveragain.de> Date: Wed, 4 Mar 2020 21:10:09 +0100 To: freebsd-net@freebsd.org X-Mailer: Apple Mail (2.3608.60.0.2.5) X-Rspamd-Queue-Id: 48XlNq3gY0z43BB X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=neveragain.de header.s=2015-10 header.b=LuA0F3eJ; dmarc=pass (policy=none) header.from=neveragain.de; spf=pass (mx1.freebsd.org: domain of dk@neveragain.de designates 94.16.113.56 as permitted sender) smtp.mailfrom=dk@neveragain.de X-Spamd-Result: default: False [-1.04 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[neveragain.de:s=2015-10]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+a:mail.neveragain.de]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_DN_NONE(0.00)[]; NEURAL_SPAM_MEDIUM(0.57)[0.571,0]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MV_CASE(0.50)[]; DKIM_TRACE(0.00)[neveragain.de:+]; DMARC_POLICY_ALLOW(-0.50)[neveragain.de,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(-0.12)[asn: 197540(-0.56), country: DE(-0.02)]; ASN(0.00)[asn:197540, ipnet:94.16.112.0/21, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Mar 2020 20:10:21 -0000 Hi, I=E2=80=98ve spent quite some time debugging weird intermittent IPv6 = connectivity issues over the last few days. It turned out that net.inet6.icmp6.nd6_onlink_ns_rfc4861=3D1 fixed those = problems. This flag was introduced in a 2008 Security Advisory, because = "non-neighbors" could abuse Neighbor Discovery to potentially cause = denial-of-service situations. In my situation it caused valid Neighbor Solicitation packets from my = provider to be silently dropped, making the connection effectively = unusable. In the comments in nd6_nbr.c[0] it says that IETF discussion on this = issue is still ongoing.=20 In the meantime, 12 years have passed. There are several reports on = similar connection issues over the years, each time due to this default = setting. An OpenBSD discussion from 2013 [1] explains the effects in depth, but = ultimately ends up nowhere. The key takeaway from this thread is RFC = 4861 sect. 7.2.2, which states that any address "should" be used as = source. Dragonfly decided to disable this protection by default in 2018 [2]. I=E2=80=98d propose to do the same in FreeBSD, given that the issue 1) = is rather hard to debug 2) breaks interop with RFC-compliant setups = again and again and 3) I cannot see any harm here (Solicitation can only = originate from the rather trusted local network, i.e. from a neighbor). What do you think? Am I missing something? Thanks, - D.=20 [0]: = https://github.com/freebsd/freebsd/blob/master/sys/netinet6/nd6_nbr.c#L188= [1]: = http://openbsd-archive.7691.n7.nabble.com/OpenBSD-ignoring-RFC-compliant-I= Pv6-neighbor-solicitation-td223348.html [2]: https://www.mail-archive.com/commits@dragonflybsd.org/msg14496.html From owner-freebsd-net@freebsd.org Thu Mar 5 06:58:57 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2D79A2601BD for ; Thu, 5 Mar 2020 06:58:57 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (mx.allbsd.org [IPv6:2001:2f0:104:e001::41]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail.allbsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48Y1nD4Jvcz410j for ; Thu, 5 Mar 2020 06:58:56 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail-d.allbsd.org ([IPv6:2409:11:a740:4700:58:65ff:fe00:b0b]) (authenticated bits=56) by mail.allbsd.org (8.15.2/8.15.2) with ESMTPSA id 0256wVaC002543 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK) (Client CN "/CN=mail-d.allbsd.org", Issuer "/C=US/O=Let's+20Encrypt/CN=Let's+20Encrypt+20Authority+20X3"); Thu, 5 Mar 2020 15:58:45 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from alph.d.allbsd.org ([IPv6:2409:11:a740:4700:16:ceff:fe34:2700]) by mail-d.allbsd.org (8.15.2/8.15.2) with ESMTPS id 0256wQr4045024 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Thu, 5 Mar 2020 15:58:26 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (localhost [[UNIX: localhost]]) (authenticated bits=0) by alph.d.allbsd.org (8.15.2/8.15.2) with ESMTPA id 0256wPOb045021; Thu, 5 Mar 2020 15:58:26 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Thu, 05 Mar 2020 15:56:25 +0900 (JST) Message-Id: <20200305.155625.1199096393793640113.hrs@FreeBSD.org> To: dk@neveragain.de Cc: freebsd-net@freebsd.org Subject: Re: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) From: Hiroki Sato In-Reply-To: <523BA6CF-C2C3-4E55-B81C-CB8816E56DDE@neveragain.de> References: <523BA6CF-C2C3-4E55-B81C-CB8816E56DDE@neveragain.de> X-Old-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-PGPkey-fingerprint: 6C0D 2353 27CF 80C7 901E FDD2 DBB0 7DC6 6F1F 737F X-Mailer: Mew version 6.8 on Emacs 26.3 Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="--Security_Multipart(Thu_Mar__5_15_56_25_2020_808)--" Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (mail.allbsd.org [IPv6:2001:2f0:104:e001:0:0:0:41]); Thu, 05 Mar 2020 15:58:51 +0900 (JST) X-Rspamd-Queue-Id: 48Y1nD4Jvcz410j X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-0.09 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; NEURAL_SPAM_MEDIUM(0.91)[0.907,0]; ASN(0.00)[asn:7514, ipnet:2001:2f0::/32, country:JP] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Mar 2020 06:58:57 -0000 ----Security_Multipart(Thu_Mar__5_15_56_25_2020_808)-- Content-Type: Text/Plain; charset=utf-8 Content-Transfer-Encoding: base64 RGVubmlzIEvDtmdlbCA8ZGtAbmV2ZXJhZ2Fpbi5kZT4gd3JvdGUNCiAgaW4gPDUyM0JBNkNGLUMy QzMtNEU1NS1CODFDLUNCODgxNkU1NkRERUBuZXZlcmFnYWluLmRlPjoNCg0KZGs+IEhpLA0KZGs+ IA0KZGs+IEnigJh2ZSBzcGVudCBxdWl0ZSBzb21lIHRpbWUgZGVidWdnaW5nIHdlaXJkIGludGVy bWl0dGVudCBJUHY2DQpkaz4gY29ubmVjdGl2aXR5IGlzc3VlcyBvdmVyIHRoZSBsYXN0IGZldyBk YXlzLg0KZGs+IA0KZGs+IEl0IHR1cm5lZCBvdXQgdGhhdCBuZXQuaW5ldDYuaWNtcDYubmQ2X29u bGlua19uc19yZmM0ODYxPTEgZml4ZWQgdGhvc2UNCmRrPiBwcm9ibGVtcy4NCg0KIFdoYXQgd2Fz IHRoZSBwcm9ibGVtIG1vcmUgc3BlY2lmaWNhbGx5Pw0KDQotLSBIaXJva2kNCg== ----Security_Multipart(Thu_Mar__5_15_56_25_2020_808)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iMgEABMKAC4WIQRsDSNTJ8+Ax5Ae/dLbsH3Gbx9zfwUCXmCimRAcaHJzQGZyZWVi c2Qub3JnAAoJENuwfcZvH3N/P3ACB2c9MQXXZ46+l60lGK6oCcFu8LpHOEZG0rcx 2sPzyaMQyF7Vdd85j7Y1+1KnXfexSKPsc26pq5Z4kV6nof5kSsjXAgdJtHQhnd9C 9J6wPDtGG7O3UVB0Or3d8OG0Vq6Iy//jfvwKj1SCTRkTAjjzN/iyGOif68VlEWdw ouKQxS0PSv80YQ== =7o5D -----END PGP SIGNATURE----- ----Security_Multipart(Thu_Mar__5_15_56_25_2020_808)---- From owner-freebsd-net@freebsd.org Thu Mar 5 12:28:08 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C8E8A26806E for ; Thu, 5 Mar 2020 12:28:08 +0000 (UTC) (envelope-from pch-b9D3CB0F5@u-1.phicoh.com) Received: from stereo.hq.phicoh.net (stereo6-tun.hq.phicoh.net [IPv6:2001:888:1044:10:2a0:c9ff:fe9f:17a9]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48Y9520rmvz46Zy for ; Thu, 5 Mar 2020 12:28:05 +0000 (UTC) (envelope-from pch-b9D3CB0F5@u-1.phicoh.com) Received: from stereo.hq.phicoh.net (localhost [::ffff:127.0.0.1]) by stereo.hq.phicoh.net with esmtp (TLS version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305) (Smail #157) id m1j9pbX-0000F6C; Thu, 5 Mar 2020 13:27:55 +0100 Message-Id: To: freebsd-net@freebsd.org Subject: Re: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) From: Philip Homburg Sender: pch-b9D3CB0F5@u-1.phicoh.com In-reply-to: Your message of "Wed, 4 Mar 2020 21:10:09 +0100 ." <523BA6CF-C2C3-4E55-B81C-CB8816E56DDE@neveragain.de> Date: Thu, 05 Mar 2020 13:27:54 +0100 X-Rspamd-Queue-Id: 48Y9520rmvz46Zy X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of pch-b9D3CB0F5@u-1.phicoh.com has no SPF policy when checking 2001:888:1044:10:2a0:c9ff:fe9f:17a9) smtp.mailfrom=pch-b9D3CB0F5@u-1.phicoh.com X-Spamd-Result: default: False [1.66 / 15.00]; ARC_NA(0.00)[]; SUBJECT_ENDS_SPACES(0.50)[]; NEURAL_HAM_MEDIUM(-0.05)[-0.052,0]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[phicoh.com]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; NEURAL_SPAM_LONG(0.01)[0.012,0]; R_SPF_NA(0.00)[]; FORGED_SENDER(0.30)[pch-fbsd-2@u-1.phicoh.com,pch-b9D3CB0F5@u-1.phicoh.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3265, ipnet:2001:888::/32, country:NL]; FROM_NEQ_ENVFROM(0.00)[pch-fbsd-2@u-1.phicoh.com,pch-b9D3CB0F5@u-1.phicoh.com]; IP_SCORE(-0.00)[asn: 3265(-0.03), country: NL(0.03)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Mar 2020 12:28:08 -0000 In your letter dated Wed, 4 Mar 2020 21:10:09 +0100 you wrote: >This flag was introduced in a 2008 Security Advisory, because "non-neighbors" >could abuse Neighbor Discovery to potentially cause denial-of-service situatio >ns. >In my situation it caused valid Neighbor Solicitation packets from my provider > to be silently dropped, making the connection effectively unusable. In theory, the onlink status of a prefix should be announced in in router advertisements and should be consistent across all nodes on a subnet. In that sense, if this check fails then the network is misconfigured. (In the real world we can assume that many networks are misconfigured). That said, there is a specific check in processing Neighbor Discovery packets that the hop limit is equal to 255. In that sense any node that manages to send a packet with hop limit 255 is a neighbor, so I don't quite see how there could be an attack by non-neighbors. From owner-freebsd-net@freebsd.org Fri Mar 6 07:11:49 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C85BE26149B for ; Fri, 6 Mar 2020 07:11:49 +0000 (UTC) (envelope-from dk@neveragain.de) Received: from mail.neveragain.de (mail.neveragain.de [IPv6:2a03:4000:28:6cc::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48Yf1c0PtQz4XJ6; Fri, 6 Mar 2020 07:11:47 +0000 (UTC) (envelope-from dk@neveragain.de) Received: from [IPv6:2a02:908:113b:fb5c:b44d:9c3b:1d7a:bdf8] (unknown [IPv6:2a02:908:113b:fb5c:b44d:9c3b:1d7a:bdf8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.neveragain.de (Postfix) with ESMTPSA id BD3C3201C41; Fri, 6 Mar 2020 08:11:37 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=neveragain.de; s=2015-10; t=1583478697; bh=krfaDHg3FfBIkh3f04iOLGbGc9MdFv3IVfQ+wRaTQQg=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=aQ7x8VEYtgm1wv66YwkSdZG9KzRKymr9l6LKXlucSaKLczVUs04laLshdiu4R7Lv0 NEY1+nhvS6Ns6guFNXPci1hbr1f4RMoyrPl1pgwAOno7josKvWBDgRw/CXDT1Wkoeh iYJgx2oiLBAGsuJvACwN9eS+owmWtIjnH+JLr6TUJgG0L7IZX5SuLYj7gtC3dXDPmo gPsuYnZc7mf6qe1F4TXUpKh9k63R5v3qB/gwJWwM3E3M4AK1R1KRYtydci78rU8I00 K0iJ+FQRbRyO4KWs5vor4nqPj27UcPU1c1kiRbnksVeYivoHE16s7G8oMn1Px8R1MW 9aSUMTD5z+9dA== Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.60.0.2.5\)) Subject: Re: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) From: =?utf-8?Q?Dennis_K=C3=B6gel?= In-Reply-To: <20200305.155625.1199096393793640113.hrs@FreeBSD.org> Date: Fri, 6 Mar 2020 08:11:37 +0100 Cc: freebsd-net@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <23693606-3BEB-4130-96B7-1A12BA429E4A@neveragain.de> References: <523BA6CF-C2C3-4E55-B81C-CB8816E56DDE@neveragain.de> <20200305.155625.1199096393793640113.hrs@FreeBSD.org> To: Hiroki Sato X-Mailer: Apple Mail (2.3608.60.0.2.5) X-Rspamd-Queue-Id: 48Yf1c0PtQz4XJ6 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=neveragain.de header.s=2015-10 header.b=aQ7x8VEY; dmarc=pass (policy=none) header.from=neveragain.de; spf=pass (mx1.freebsd.org: domain of dk@neveragain.de designates 2a03:4000:28:6cc::25 as permitted sender) smtp.mailfrom=dk@neveragain.de X-Spamd-Result: default: False [-2.68 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[neveragain.de:s=2015-10]; NEURAL_HAM_MEDIUM(-0.75)[-0.755,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+a:mail.neveragain.de]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; MV_CASE(0.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; DKIM_TRACE(0.00)[neveragain.de:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[neveragain.de,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(-0.42)[ipnet: 2a03:4000::/32(-1.51), asn: 197540(-0.57), country: DE(-0.02)]; ASN(0.00)[asn:197540, ipnet:2a03:4000::/32, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Mar 2020 07:11:49 -0000 Am 05.03.2020 um 07:56 schrieb Hiroki Sato : > dk> I=E2=80=98ve spent quite some time debugging weird intermittent = IPv6 > dk> connectivity issues over the last few days. > dk>=20 > dk> It turned out that net.inet6.icmp6.nd6_onlink_ns_rfc4861=3D1 fixed = those > dk> problems. >=20 > What was the problem more specifically? In short, the uplink's router sent Neighbor Solicitations sometimes with = a public address as source - one of its addresses that is not = specifically on the link to my host. Which, to my current understanding, = is perfectly legal. FreeBSD by default considers this address to be a "non-neighbor" and = silently drops the packet. So from the uplink router's perspective, they = tried to reach my box, to learn the link-layer address, but my box did = not respond, therefore traffic could not be forwarded to me. After a while of being unreachable, the router retries from a fe80:: = address, which works fine, of course. This cycle happened every 30-120 = minutes, probably depending on traffic levels (neighbor cache). Only after studying tcpdump and getting a hunch and turning on nd6_debug = I started to understand what's happening. tcpdump: 23:30:54.175447 IP6 2001:db8:28::3 > 2001:db8:28:6cc::22:c: ICMP6, = neighbor solicitation, who has 2001:db8:28:6cc::22:c, length 32 23:30:55.171125 IP6 2001:db8:28::3 > 2001:db8:28:6cc::22:c: ICMP6, = neighbor solicitation, who has 2001:db8:28:6cc::22:c, length 32 23:30:56.171814 IP6 2001:db8:28::3 > 2001:db8:28:6cc::22:c: ICMP6, = neighbor solicitation, who has 2001:db8:28:6cc::22:c, length 32 23:31:05.184814 IP6 fe80::22d8:b00:8cee:ff4 > ff02::1:ff22:c: ICMP6, = neighbor solicitation, who has 2001:db8:28:6cc::22:c, length 32 23:31:05.184889 IP6 fe80::6472:6eff:fe45:12e1 > fe80::22d8:b00:8cee:ff4: = ICMP6, neighbor advertisement, tgt is 2001:db8:28:6cc::22:c, length 32 Let me know if you have further questions on the setup or the effects. - D.= From owner-freebsd-net@freebsd.org Fri Mar 6 07:16:05 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 25F2426176E for ; Fri, 6 Mar 2020 07:16:05 +0000 (UTC) (envelope-from dk@neveragain.de) Received: from mail.neveragain.de (mail.neveragain.de [IPv6:2a03:4000:28:6cc::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48Yf6W0zHYz3Drn for ; Fri, 6 Mar 2020 07:16:02 +0000 (UTC) (envelope-from dk@neveragain.de) Received: from [IPv6:2a02:908:113b:fb5c:b44d:9c3b:1d7a:bdf8] (unknown [IPv6:2a02:908:113b:fb5c:b44d:9c3b:1d7a:bdf8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.neveragain.de (Postfix) with ESMTPSA id E1E69201CBA; Fri, 6 Mar 2020 08:16:00 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=neveragain.de; s=2015-10; t=1583478961; bh=zfcJuoAyHoaL6AIRSIdVVMOh0+xAbnLVe8Kp62lV19M=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=mPxwW3pn2hVPEDvK9EyN3ifSVaWpUhM2fWiw4G61bubWEJds5QbpiCvhIL1h6xGTI SgT7jQR/xPbIwwCMwGpLM9cJjOKPS7+IcdPx6bp2HmdDloUf0bDIefx6+vGXL5idyd T+0XzCKsfVSJOkuPGoNDqeCiYyGqmt7CoTCVLGZF2B5yGM6ognqGxWw5Vy9vrLOEEG MQUOuuevso9IBcFDIc152KLfz+glQ2S2gPJz5YmzEN/xATyc6o9ujQsKzup0qfzMAR nZRgZ+i7uV/TVACvL3poPqXViBjrBTlXpePttxeK7Mu/6BOjL9icSRbSUk32nJDQr/ IMkL31QD1edaQ== Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.60.0.2.5\)) Subject: Re: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) From: =?utf-8?Q?Dennis_K=C3=B6gel?= In-Reply-To: Date: Fri, 6 Mar 2020 08:16:01 +0100 Cc: freebsd-net@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <97992D2A-CE25-44DB-8441-1C2F3A43C1B2@neveragain.de> References: To: Philip Homburg X-Mailer: Apple Mail (2.3608.60.0.2.5) X-Rspamd-Queue-Id: 48Yf6W0zHYz3Drn X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=neveragain.de header.s=2015-10 header.b=mPxwW3pn; dmarc=pass (policy=none) header.from=neveragain.de; spf=pass (mx1.freebsd.org: domain of dk@neveragain.de designates 2a03:4000:28:6cc::25 as permitted sender) smtp.mailfrom=dk@neveragain.de X-Spamd-Result: default: False [-2.84 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[neveragain.de:s=2015-10]; NEURAL_HAM_MEDIUM(-0.84)[-0.842,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+a:mail.neveragain.de]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[neveragain.de:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[neveragain.de,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(-0.50)[ipnet: 2a03:4000::/32(-1.88), asn: 197540(-0.59), country: DE(-0.02)]; ASN(0.00)[asn:197540, ipnet:2a03:4000::/32, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Mar 2020 07:16:05 -0000 Am 05.03.2020 um 13:27 schrieb Philip Homburg = : > In your letter dated Wed, 4 Mar 2020 21:10:09 +0100 you wrote: >> This flag was introduced in a 2008 Security Advisory, because = "non-neighbors"=20 >> could abuse Neighbor Discovery to potentially cause denial-of-service = situatio >> ns. >> In my situation it caused valid Neighbor Solicitation packets from my = provider >> to be silently dropped, making the connection effectively unusable. >=20 > In theory, the onlink status of a prefix should be announced in in=20 > router advertisements and should be consistent across all nodes on a > subnet. In that sense, if this check fails then the network is = misconfigured. Good point, and probably an indication that my provider's setup is = broken. But in terms of RFC-perspective, RAs and ND are not strictly = related, I believe - for example, prefixes might have been configured = manually (?). > That said, there is a specific check in processing Neighbor Discovery = packets > that the hop limit is equal to 255. In that sense any node that = manages to > send a packet with hop limit 255 is a neighbor, so I don't quite see = how there > could be an attack by non-neighbors. Exactly, that's where I couldn't understand the Advisory. Though it = seems to focus in router nodes, and not host nodes. - D.= From owner-freebsd-net@freebsd.org Fri Mar 6 09:20:04 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4B8AA263C12 for ; Fri, 6 Mar 2020 09:20:04 +0000 (UTC) (envelope-from pch-b9D3CB0F5@u-1.phicoh.com) Received: from stereo.hq.phicoh.net (stereo6-tun.hq.phicoh.net [IPv6:2001:888:1044:10:2a0:c9ff:fe9f:17a9]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48YhsZ2VBPz4jBS for ; Fri, 6 Mar 2020 09:20:01 +0000 (UTC) (envelope-from pch-b9D3CB0F5@u-1.phicoh.com) Received: from stereo.hq.phicoh.net (localhost [::ffff:127.0.0.1]) by stereo.hq.phicoh.net with esmtp (TLS version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305) (Smail #157) id m1jA99C-0000MvC; Fri, 6 Mar 2020 10:19:58 +0100 Message-Id: To: freebsd-net@freebsd.org Cc: =?utf-8?Q?Dennis_K=C3=B6gel?= Subject: Re: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) From: Philip Homburg Sender: pch-b9D3CB0F5@u-1.phicoh.com References: <97992D2A-CE25-44DB-8441-1C2F3A43C1B2@neveragain.de> In-reply-to: Your message of "Fri, 6 Mar 2020 08:16:01 +0100 ." <97992D2A-CE25-44DB-8441-1C2F3A43C1B2@neveragain.de> Date: Fri, 06 Mar 2020 10:19:57 +0100 X-Rspamd-Queue-Id: 48YhsZ2VBPz4jBS X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of pch-b9D3CB0F5@u-1.phicoh.com has no SPF policy when checking 2001:888:1044:10:2a0:c9ff:fe9f:17a9) smtp.mailfrom=pch-b9D3CB0F5@u-1.phicoh.com X-Spamd-Result: default: False [0.42 / 15.00]; ARC_NA(0.00)[]; SUBJECT_ENDS_SPACES(0.50)[]; NEURAL_HAM_MEDIUM(-0.75)[-0.747,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-0.53)[-0.530,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[phicoh.com]; AUTH_NA(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[]; FORGED_SENDER(0.30)[pch-fbsd-2@u-1.phicoh.com,pch-b9D3CB0F5@u-1.phicoh.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3265, ipnet:2001:888::/32, country:NL]; FROM_NEQ_ENVFROM(0.00)[pch-fbsd-2@u-1.phicoh.com,pch-b9D3CB0F5@u-1.phicoh.com]; IP_SCORE(-0.00)[asn: 3265(-0.03), country: NL(0.03)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Mar 2020 09:20:04 -0000 > Good point, and probably an indication that my provider's setup is > broken. But in terms of RFC-perspective, RAs and ND are not strictly > related, I believe - for example, prefixes might have been configured > manually (?). Hmm, I forgot one case: NBMA (Non-broadcast multiple-access). A prefix may be marked off-link though it is actually onlink. In that case all traffic initially goes through the router. Then the router will send a redirect with the target's MAC address. So the conclusion has to be that a node has accept NS packets with a source address that is off-link. > Exactly, that's where I couldn't understand the Advisory. Though > it seems to focus in router nodes, and not host nodes. Maybe some systems do not properly separate the neighbor cache from the destination cache. Junk in the neighbor cache should not affect the destination cache. So a node may be able to claim an address that is not onlink in the neighbor cache. But the destination cache should always have the right entry so the neighbor cache entry is ignored. I can imagine that if a system confuses the two then attacks are possible.