From owner-freebsd-net@freebsd.org Thu Jan 14 19:34:41 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3C6D64EBDCE for ; Thu, 14 Jan 2021 19:34:41 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DGvdr2Yl9z4qJw for ; Thu, 14 Jan 2021 19:34:40 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 10EJYUk1048934 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 14 Jan 2021 11:34:30 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 10EJYTsV048933; Thu, 14 Jan 2021 11:34:29 -0800 (PST) (envelope-from jmg) Date: Thu, 14 Jan 2021 11:34:29 -0800 From: John-Mark Gurney To: "Andrey V. Elsukov" , Lutz Donnerhacke , freebsd-net@freebsd.org, Hans Petter Selasky Subject: Re: FreeBSD does not reply to IPv6 Neighbor Solicitations Message-ID: <20210114193429.GT31099@funkthat.com> Mail-Followup-To: "Andrey V. Elsukov" , Lutz Donnerhacke , freebsd-net@freebsd.org, Hans Petter Selasky References: <20210105031528.GA91534@admin.sibptus.ru> <00a101d6e33b$96edf0c0$c4c9d240$@donnerhacke.de> <20210105104650.GA7688@admin.sibptus.ru> <00b601d6e35a$115a4a20$340ede60$@donnerhacke.de> <20210112022525.GN31099@funkthat.com> <95be49e2-56cc-cf3f-3515-8f13f14ddbad@yandex.ru> <20210112213707.GP31099@funkthat.com> <065eaff7-35bd-0cd3-f68f-849be2178574@yandex.ru> <20210114015917.GR31099@funkthat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210114015917.GR31099@funkthat.com> X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Thu, 14 Jan 2021 11:34:30 -0800 (PST) X-Rspamd-Queue-Id: 4DGvdr2Yl9z4qJw X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of jmg@gold.funkthat.com has no SPF policy when checking 208.87.223.18) smtp.mailfrom=jmg@gold.funkthat.com X-Spamd-Result: default: False [-1.80 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[jmg]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[funkthat.com]; RBL_DBL_DONT_QUERY_IPS(0.00)[208.87.223.18:from]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[208.87.223.18:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FREEMAIL_TO(0.00)[yandex.ru,donnerhacke.de,freebsd.org,selasky.org]; FORGED_SENDER(0.30)[jmg@funkthat.com,jmg@gold.funkthat.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US]; FROM_NEQ_ENVFROM(0.00)[jmg@funkthat.com,jmg@gold.funkthat.com]; MAILMAN_DEST(0.00)[freebsd-net]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jan 2021 19:34:41 -0000 John-Mark Gurney wrote this message on Wed, Jan 13, 2021 at 17:59 -0800: > Andrey V. Elsukov wrote this message on Wed, Jan 13, 2021 at 11:42 +0300: > > On 13.01.2021 00:37, John-Mark Gurney wrote: > > >> when this will happen again, it would be nice to make sure that NS > > >> packets hit the IP stack. E.g. with attached dtrace script. > > > > > > Ok, I ran the dtrace script when I reproduced the problem, and it did > > > not produce any output. > > > > > > These are effectively what the script does: > > > 9) configure inet6 addresses on ure and bge (duplicating the addresses > > > already configured) > > > > Does it mean that you just reconfigure address without removing it? It > > looks like the problem, that was discussed here > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233535 > > Yeah, I guess it is the same... > > > > bge0: > > > inet6 fe80::12e7:c6ff:fexx:xxxx%bge0 scopeid 0x2 > > > mldv2 flags=2 rv 2 qi 125 qri 10 uri 3 > > > group ff01::1%bge0 scopeid 0x2 mode exclude > > > mcast-macaddr 33:33:00:00:00:01 > > > group ff02::1%bge0 scopeid 0x2 mode exclude > > > mcast-macaddr 33:33:00:00:00:01 > > > group ff02::1:ffxx:xxxx%bge0 scopeid 0x2 mode exclude > > > mcast-macaddr 33:33:ff:xx:xx:xx > > > > > > so, I made things works, and ran ifmcstat again, and this time it has > > > an additional group in the output: > > > [...] > > > bge0: > > > inet6 fe80::12e7:c6ff:fexx:xxxx%bge0 scopeid 0x2 > > > mldv2 flags=2 rv 2 qi 125 qri 10 uri 3 > > > group ff02::1:ff00:c43c%bge0 scopeid 0x2 mode exclude > > > mcast-macaddr 33:33:ff:00:c4:3c > > > group ff01::1%bge0 scopeid 0x2 mode exclude > > > mcast-macaddr 33:33:00:00:00:01 > > > group ff02::1%bge0 scopeid 0x2 mode exclude > > > mcast-macaddr 33:33:00:00:00:01 > > > group ff02::1:ffxx:xxxx%bge0 scopeid 0x2 mode exclude > > > mcast-macaddr 33:33:ff:xx:xx:xx > > > > > > and the tcpdump output: > > > 21:10:53.938655 IP6 fc00:b5d:41c:7e37::7e37 > ff02::1:ff00:c43c: ICMP6, neighbor solicitation, who has fc00:b5d:41c:7e37::c43c, length 32 > > > 21:10:55.001428 IP6 fc00:b5d:41c:7e37::7e37 > ff02::1:ff00:c43c: ICMP6, neighbor solicitation, who has fc00:b5d:41c:7e37::c43c, length 32 > > > > Since ff02::1:ff00:c43c%bge0 is not configured in first case, IP stack > > just ignores NS messages and they don't hit ND6 code. > > > > In the PR 233535 the problem was reproducible with MLDv1, so if you > > disable MLDv2 will it work (to reduce possible scope of problematic code)? > > > > net.inet6.mld.v2enable=0 > > I just tested this, and it does not fix the problem for me. > > Do I need to reboot or something? If I set it to 0, the bug > still appears, and also the ifmcstat has the line: > mldv2 flags=2 rv 2 qi 125 qri 10 uri 3 > > is there something else that needs to be done to disable mldv2? I was able to reproduce using epair on a single system. It did take a few runs of the test before it failed, but it was able to fail. So, to reproduce, on a -current system (mine is main-c255640-gc38e59ce1b0), do: ifconfig epair0 create sh ipv6.failure.sh init epair0a epair0b sh ipv6.failure.sh run epair0a epair0b sh ipv6.failure.sh run epair0a epair0b sh ipv6.failure.sh run epair0a epair0b sh ipv6.failure.sh run epair0a epair0b In my case, it failed on the fourth try, but it does appear to be inconsistent, as a fifth run worked, but then the sixth run failed again, and additional runs worked... If you want to see the live tcpdump, you can run the following commands in a coupld different windows: jexec testjail tcpdump -n -p -i epair0a and: jexec checkjail tcpdump -n -p -i epair0b uname -a: FreeBSD test 13.0-CURRENT FreeBSD 13.0-CURRENT #7 main-c255640-gc38e59ce1b0: Sat Jan 9 01:55:25 UTC 2021 root@test:/usr/obj/usr/src.git/amd64.amd64/sys/GENERIC amd64 and the cpu: CPU: AMD PRO A10-8770E R7, 10 COMPUTE CORES 4C+6G (2794.80-MHz K8-class CPU) -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."