Date: Fri, 18 Jan 2019 09:57:43 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 234207] VRRP packets generate "ipfw: pullup failed" Message-ID: <bug-234207-7501-O2UdevrAt5@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-234207-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-234207-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234207 --- Comment #6 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Fri Jan 18 09:57:04 UTC 2019 New revision: 343142 URL: https://svnweb.freebsd.org/changeset/base/343142 Log: MFC 342925: Relax requirement to packet size of CARP protocol and remove version check. CARP shares protocol number 112 with VRRP (RFC 5798). And the size of VRRP packet may be smaller than CARP. ipfw_chk() does m_pullup() to at least sizeof(struct carp_header) and can fail when packet is VRRP. This leads to packet drop and message about failed pullup attempt. Also, RFC 5798 defines version 3 of VRRP protocol, this version number also unsupported by CARP and such check leads to packet drop. carp_input() does its own checks for protocol version and packet size, so we can remove these checks to be able pass VRRP packets. PR: 234207 Changes: _U stable/11/ stable/11/sys/netpfil/ipfw/ip_fw2.c -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-234207-7501-O2UdevrAt5>