From owner-freebsd-net@freebsd.org  Wed Aug 17 10:31:44 2016
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 13927BBC79D
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Wed, 17 Aug 2016 10:31:44 +0000 (UTC)
 (envelope-from mail@m.jwh.me.uk)
Received: from mail.zorins.co.uk (mail.zorins.co.uk [91.121.236.227])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id D97491CF0
 for <freebsd-net@freebsd.org>; Wed, 17 Aug 2016 10:31:43 +0000 (UTC)
 (envelope-from mail@m.jwh.me.uk)
Received: from jwhlaptop (unknown [185.100.249.0])
 (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 (Authenticated sender: mail@m.jwh.me.uk)
 by mail.zorins.co.uk (Postfix) with ESMTPSA id 3sDlgq2tTszFTxZ
 for <freebsd-net@freebsd.org>; Wed, 17 Aug 2016 10:23:51 +0000 (UTC)
From: <mail+lists@m.jwh.me.uk>
Sender: "Joe Holden" <mail@m.jwh.me.uk>
To: <freebsd-net@freebsd.org>
Subject: PF weirdness
Date: Wed, 17 Aug 2016 11:24:05 +0100
Message-ID: <028b01d1f871$7b9af200$72d0d600$@m.jwh.me.uk>
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdH4cLcgqQp5VOS0R8qOrDQXDIvkcQ==
Content-Language: en-gb
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Aug 2016 10:31:44 -0000

Hi all,

Ok so, I have an ERL that just does PPPoE and NAT via PF, however it seems
to be modifying the packets passing through the nat filter such that
traceroutes end up like this:

C:\Users\jwh>tracert -d -w 1 8.8.8.8

Tracing route to 8.8.8.8 over a maximum of 30 hops

  1     5 ms     1 ms     1 ms  172.21.88.254
  2    47 ms    40 ms    39 ms  8.8.8.8
  3    40 ms     *       39 ms  8.8.8.8
  4    37 ms    25 ms    67 ms  8.8.8.8

[root@lxc1 ~]# traceroute -In 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  172.21.88.254  0.485 ms  0.387 ms  0.483 ms
 2  8.8.8.8  24.288 ms  24.301 ms  24.244 ms
 3  8.8.8.8  24.870 ms  24.821 ms  25.036 ms
 4  8.8.8.8  25.282 ms  25.646 ms  25.777 ms

It also affects any packets originating from the router itself, and the same
appears on UDP traceroutes.

Nothing looks out of the ordinary on the wire, but as soon as I run pfctl -d
it behaves normally, any ideas?

root@r1:~ # uname -a
FreeBSD r1.internethq 10.3-STABLE FreeBSD 10.3-STABLE #13 r303656M: Fri Aug
12 11:22:59 BST 2016     root@warez:/usr/obj/mips.mips64/usr/src/sys/ERL
mips

root@r1:~ # cat /etc/pf.conf
set skip on lo

nat on ng0 from any to any -> (ng0)

root@r1:~ # cat /etc/sysctl.conf
net.inet.ip.forwarding=1
net.inet.ip.fastforwarding=1
net.inet6.ip6.forwarding=1
net.inet.icmp.reply_from_interface=1