From owner-freebsd-stable@FreeBSD.ORG Fri Jul 11 01:45:16 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E2E592C5 for ; Fri, 11 Jul 2014 01:45:16 +0000 (UTC) Received: from isis.morrow.me.uk (isis.morrow.me.uk [204.109.63.142]) by mx1.freebsd.org (Postfix) with ESMTP id BA1AE2DC3 for ; Fri, 11 Jul 2014 01:45:16 +0000 (UTC) Received: from anubis.morrow.me.uk (host86-182-14-79.range86-182.btcentralplus.com [86.182.14.79]) (Authenticated sender: mauzo) by isis.morrow.me.uk (Postfix) with ESMTPSA id AA20845038; Fri, 11 Jul 2014 01:45:07 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.8.3 isis.morrow.me.uk AA20845038 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=morrow.me.uk; s=dkim201101; t=1405043109; bh=UcAyuDMKiEHLCQEk5FZXt73BuG5T6TleRONLbqduPGM=; h=Date:From:To:Subject:References:In-Reply-To; b=ZYvC4lz8OSm8XngAJadpdZeNyyMHGLU03S7BqQwyyIOeol5aFDK1FM1JcJCOJZDeM k+ug1eEcMaDIyljYZK39FnLFnzi3nmGd2S2cyoCKW0L6HOP/mL2s0jJLPJVPH6p0+0 gzExJ71TpbXsSORlvmZB7tj8ikgtZs6Ix5W6c2c8= X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.98.1 at isis.morrow.me.uk Received: by anubis.morrow.me.uk (Postfix, from userid 5001) id 3FE17146D9; Fri, 11 Jul 2014 02:45:03 +0100 (BST) Date: Fri, 11 Jul 2014 02:45:03 +0100 From: Ben Morrow To: galu@packetdam.com, freebsd-stable@freebsd.org Subject: Re: Weird ISR accounting in 10-STABLE Message-ID: <20140711014459.GA79102@anubis.morrow.me.uk> Mail-Followup-To: galu@packetdam.com, freebsd-stable@freebsd.org References: <201407091402.23537.jhb@freebsd.org> <201407101430.52616.jhb@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Newsgroups: gmane.os.freebsd.stable User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2014 01:45:17 -0000 Quoth Vlad Galu : > On Thu, Jul 10, 2014 at 9:56 PM, Vlad Galu wrote: > > > > Good catch, why didn't I think of that earlier! I can see a lot of IPv6 > > traffic that I can't really explain. Since I was running pf with synproxy I > > disabled pf altogether, but that did not improve things. Here is a snapshot > > (source IP address edited): > > > > -- cut here -- > > 22:52:40.195950 IP6 A:B:C:D:E::1000.62571 > ::10.31.31.153.12132: Flags The second address here is an 'IPv4-compatible IPv6 address', which are not these days considered to be useful. See RFC 4291 section 2.5.5.1. I suspect the process which owns A:B:C:D:E::1000.62571 is playing silly games of some sort; possibly it's making Linux-based assumptions about the behaviour of dual-stack hosts which don't apply on BSD. > It was a routing loop! I kept seeing lots of identical SYN packets. I > somehow ended up with this v6 table entry: > -- cut here -- > Routing tables > > Internet6: > > Destination Gateway Flags > Netif Expire > > ::/96 ::1 UGRS > lo0 This is a correct route, and will not cause a routing loop. It's also *not* the same as the IPv6 loopback route (as someone else said); that route looks like ::1 link#2 UH lo0 and should also be present (the link number might be different, obviously). The 'R' flag means 'reject': because these addresses are not useful, there should be a routing table entry to ensure packets addressed to them get thrown away rather than sent out on the wire. You need to find out why they are being generated in the first place. Ben