Date: Fri, 20 Sep 2024 10:02:53 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 280648] Traffic leak between fibs Message-ID: <bug-280648-7501-XUdfPsKIBZ@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-280648-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-280648-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280648 --- Comment #20 from Egor <banezmesm@gmail.com> --- I managed to run bird in non standart fib and at this time there wasn't lea= ked routes in routing table but it didn't change traffic behavior. I still had SYN-ACK drops in packet filter and i didn't see SYN packets on outgoing interface. 09:20:24.123696 rule 5/0(match): pass in on mce0.1280: 172.16.179.42.51806 > 172.16.188.194.22: Flags [S], seq 2399537834, win 64240, options [mss 1460,[|tcp]> 09:20:24.123742 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535, options [mss 1460,[|tcp]> 09:20:25.130047 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535, options [mss 1460,[|tcp]> 09:20:27.330596 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535, options [mss 1460,[|tcp]> 09:20:31.531341 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535, options [mss 1460,[|tcp]> test-fw01:~$ sudo birdc "show route table all" | grep 172.16.188 -A 3 172.16.188.192/26 unicast [bgp18 09:19:04.118] * (100) [AS4231000004i] via 192.168.255.114 on mce1.3101 unicast [bgp17 09:19:04.225] (100) [AS4231000004i] via 192.168.255.112 on mce0.3101 test-fw01:~$ netstat -nrF 1 | grep 172.16.188.192 172.16.188.192/26 192.168.255.114 UG1 mce1.310 test-fw01:~$ sudo tcpdump -nli mce0.3101 host 172.16.179.42 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on mce0.3101, link-type EN10MB (Ethernet), capture size 262144 by= tes 09:59:40.753971 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackO= K,TS val 738593035 ecr 3656452229], length 0 09:59:41.748887 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackO= K,TS val 738594032 ecr 3656452229], length 0 09:59:41.755927 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackO= K,TS val 738594032 ecr 3656453231], length 0 09:59:42.779932 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackO= K,TS val 738595063 ecr 3656454255], length 0 09:59:43.788132 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackO= K,TS val 738596071 ecr 3656454255], length 0 09:59:43.803928 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq 3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackO= K,TS val 738596083 ecr --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280648-7501-XUdfPsKIBZ>