From owner-freebsd-net@FreeBSD.ORG Tue Jan 3 19:07:12 2012 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9059D1065670; Tue, 3 Jan 2012 19:07:12 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper-int.allbsd.org [IPv6:2001:2f0:104:e002::2]) by mx1.freebsd.org (Postfix) with ESMTP id EA8568FC1E; Tue, 3 Jan 2012 19:07:11 +0000 (UTC) Received: from alph.allbsd.org ([IPv6:2001:2f0:104:e010:862b:2bff:febc:8956]) (authenticated bits=128) by mail.allbsd.org (8.14.4/8.14.4) with ESMTP id q03J6wqS049780; Wed, 4 Jan 2012 04:07:08 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (localhost [IPv6:::1]) (authenticated bits=0) by alph.allbsd.org (8.14.4/8.14.4) with ESMTP id q03J6tTY082722; Wed, 4 Jan 2012 04:06:57 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Wed, 04 Jan 2012 04:06:11 +0900 (JST) Message-Id: <20120104.040611.1847309275485655567.hrs@allbsd.org> To: dougb@FreeBSD.org From: Hiroki Sato In-Reply-To: <20DC0C8A-DD9E-408E-9ACA-82532DB31871@lists.zabbadoz.net> <4F027BC0.1080101@FreeBSD.org> References: <20120103152909.GA83706@sandvine.com> <6FE9FF15-487F-4A31-AEE0-A0AD92F5DC72@sarenet.es> <20DC0C8A-DD9E-408E-9ACA-82532DB31871@lists.zabbadoz.net> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.3.51 on Emacs 23.3 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Wed_Jan__4_04_06_11_2012_717)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (mail.allbsd.org [IPv6:2001:2f0:104:e001::32]); Wed, 04 Jan 2012 04:07:09 +0900 (JST) X-Spam-Status: No, score=-104.6 required=13.0 tests=BAYES_00, CONTENT_TYPE_PRESENT, RDNS_NONE, SPF_SOFTFAIL, USER_IN_WHITELIST autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on gatekeeper.allbsd.org Cc: ndenev@gmail.com, emaste@FreeBSD.org, borjam@sarenet.es, freebsd-net@FreeBSD.org Subject: Re: openbgpds not talking each other since 8.2-STABLE upgrade X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jan 2012 19:07:12 -0000 ----Security_Multipart(Wed_Jan__4_04_06_11_2012_717)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Doug Barton wrote in <4F027BC0.1080101@FreeBSD.org>: do> We have a pair of physical FreeBSD systems configured as routers do> designed to operate in an active/standby CARP configuration. Everything do> used to work fine, but since an upgrade to 8.2-STABLE on December 29th do> the two routers don't speak BGP to each other anymore. They both do> function fine individually, and failover works. It is only the openbgpd do> communication between them that's not flowing. Doug, does your kernel have TCP_SIGNATURE option? The patch[*] for net/openbgpd can be used as a workaround if it was due to TCP_MD5SIG option on the listening sockets. [*] http://people.allbsd.org/~hrs/FreeBSD/openbgpd.20120104-1.diff While this is an ugly hack and I will investigate more reasonable solution for that, I want to narrow down the cause first. Can anyone who are using a 8-STABLE kenrel with TCP_SIGNATURE let me know if this works or not? -- Hiroki ----Security_Multipart(Wed_Jan__4_04_06_11_2012_717)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iEYEABECAAYFAk8DUaMACgkQTyzT2CeTzy0giACfSkwnqscci6nP71yC7Jwi+QHa BVYAoKl5IiyjZW96saGtXe2OM2RFuUKm =P7eV -----END PGP SIGNATURE----- ----Security_Multipart(Wed_Jan__4_04_06_11_2012_717)----