From nobody Mon Jan 1 23:40:36 2024 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4T3stP2mSkz55rmv for ; Mon, 1 Jan 2024 23:40:45 +0000 (UTC) (envelope-from lexi@le-fay.org) Received: from thyme.eden.le-Fay.ORG (THYME.EDEN.LE-FAY.ORG [81.187.47.194]) by mx1.freebsd.org (Postfix) with ESMTP id 4T3stN1tJZz4cWV for ; Mon, 1 Jan 2024 23:40:44 +0000 (UTC) (envelope-from lexi@le-fay.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=le-fay.org header.s=thyme header.b="ARyjSnK/"; spf=pass (mx1.freebsd.org: domain of lexi@le-fay.org designates 81.187.47.194 as permitted sender) smtp.mailfrom=lexi@le-fay.org; dmarc=none Received: from iris.eden.le-Fay.ORG (IRIS.EDEN.LE-FAY.ORG [IPv6:2001:8b0:aab5:106::18]) by thyme.eden.le-Fay.ORG (Postfix) with ESMTP id DBDD7185 for ; Mon, 1 Jan 2024 23:40:36 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=le-fay.org; s=thyme; t=1704152436; bh=mpP+XO5TfNJdERWYyDjcV6JUkHcJRc/F5D/NpQ68VnY=; h=Date:From:To:Subject; b=ARyjSnK/lnlrTTkiS2mzo68NPfl5Wg9Lw8wvjYWOuuXGhPDe6g2mVGpshpG3Bzr9l 0CAn1G4DsdlMFsW5q8BWalxC/3CU2bRwdqCyvT1OERowTQ/jA6HpuhCDAGNuSBSsfd pRinkn9n/lA9V0RxovRLRC9CjY7USzLiSM0F5tzY= Received: from ilythia.eden.le-fay.org (ILYTHIA.EDEN.LE-FAY.ORG [IPv6:2001:8b0:aab5:104:3::101]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by iris.eden.le-Fay.ORG (Postfix) with ESMTPSA id C2C1110015 for ; Mon, 1 Jan 2024 23:40:36 +0000 (GMT) Date: Mon, 1 Jan 2024 23:40:36 +0000 From: Lexi Winter To: freebsd-current@freebsd.org Subject: bridge(4) and IPv6 broken? Message-ID: List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="KOhs/Fnhyb9mSIqR" Content-Disposition: inline X-Spamd-Result: default: False [-4.46 / 15.00]; SIGNED_PGP(-2.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.96)[-0.965]; R_SPF_ALLOW(-0.20)[+ip4:81.187.47.194]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; R_DKIM_ALLOW(-0.20)[le-fay.org:s=thyme]; RCVD_NO_TLS_LAST(0.10)[]; ASN(0.00)[asn:20712, ipnet:81.187.0.0/16, country:GB]; DMARC_NA(0.00)[le-fay.org]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROMTLD(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; DKIM_TRACE(0.00)[le-fay.org:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_NONE(0.00)[le-fay.org:dkim] X-Rspamd-Queue-Id: 4T3stN1tJZz4cWV X-Spamd-Bar: ---- --KOhs/Fnhyb9mSIqR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable hello, i'm having an issue with bridge(4) and IPv6, with a configuration which=20 is essentially identical to a working system running releng/14.0. ifconfig: lo0: flags=3D1008049 metric 0 mtu 1= 6384 options=3D680003 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 groups: lo nd6 options=3D21 pflog0: flags=3D1000141 metric 0 mtu 33152 options=3D0 groups: pflog alc0: flags=3D1008943 metric 0 mtu 1500 options=3Dc3098 ether 30:9c:23:a8:89:a0 inet6 fe80::329c:23ff:fea8:89a0%alc0 prefixlen 64 scopeid 0x3 media: Ethernet autoselect (1000baseT ) status: active nd6 options=3D1 wg0: flags=3D10080c1 metric 0 mtu 1420 options=3D80000 inet 172.16.145.21 netmask 0xffffffff inet6 fd00:0:1337:cafe:1111:1111:829a:595e prefixlen 128 groups: wg tunnelfib: 1 nd6 options=3D101 bridge0: flags=3D1008843 m= etric 0 mtu 1500 options=3D0 ether 58:9c:fc:10:ff:b6 inet 10.1.4.101 netmask 0xffffff00 broadcast 10.1.4.255 inet6 2001:8b0:aab5:104:3::101 prefixlen 64 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: tap0 flags=3D143 ifmaxaddr 0 port 6 priority 128 path cost 2000000 member: alc0 flags=3D143 ifmaxaddr 0 port 3 priority 128 path cost 55 groups: bridge nd6 options=3D1 tap0: flags=3D9903 metric 0 m= tu 1500 options=3D80000 ether 58:9c:fc:10:ff:89 groups: tap media: Ethernet 1000baseT status: no carrier nd6 options=3D29 the issue is that the bridge doesn't seem to respond to IPv6 ICMP Neighbour Solicitation. for example, while running ping, tcpdump shows this: 23:30:16.567071 58:9c:fc:10:ff:b6 > 1e:ab:48:c1:f6:62, ethertype IPv6 (0x86= dd), length 70: 2001:8b0:aab5:104:3::101 > 2001:8b0:aab5:106::12: ICMP6, ec= ho request, id 34603, seq 13, length 16 23:30:16.634860 1e:ab:48:c1:f6:62 > 33:33:ff:00:01:01, ethertype IPv6 (0x86= dd), length 86: fe80::1cab:48ff:fec1:f662 > ff02::1:ff00:101: ICMP6, neighb= or solicitation, who has 2001:8b0:aab5:104:3::101, length 32 23:30:17.567080 58:9c:fc:10:ff:b6 > 1e:ab:48:c1:f6:62, ethertype IPv6 (0x86= dd), length 70: 2001:8b0:aab5:104:3::101 > 2001:8b0:aab5:106::12: ICMP6, ec= ho request, id 34603, seq 14, length 16 23:30:17.674842 1e:ab:48:c1:f6:62 > 33:33:ff:00:01:01, ethertype IPv6 (0x86= dd), length 86: fe80::1cab:48ff:fec1:f662 > ff02::1:ff00:101: ICMP6, neighb= or solicitation, who has 2001:8b0:aab5:104:3::101, length 32 23:30:17.936956 1e:ab:48:c1:f6:62 > 33:33:00:00:00:01, ethertype IPv6 (0x86= dd), length 166: fe80::1cab:48ff:fec1:f662 > ff02::1: ICMP6, router adverti= sement, length 112 23:30:18.567093 58:9c:fc:10:ff:b6 > 1e:ab:48:c1:f6:62, ethertype IPv6 (0x86= dd), length 70: 2001:8b0:aab5:104:3::101 > 2001:8b0:aab5:106::12: ICMP6, ec= ho request, id 34603, seq 15, length 16 23:30:19.567104 58:9c:fc:10:ff:b6 > 1e:ab:48:c1:f6:62, ethertype IPv6 (0x86= dd), length 70: 2001:8b0:aab5:104:3::101 > 2001:8b0:aab5:106::12: ICMP6, ec= ho request, id 34603, seq 16, length 16 23:30:19.567529 1e:ab:48:c1:f6:62 > 33:33:ff:00:01:01, ethertype IPv6 (0x86= dd), length 86: fe80::1cab:48ff:fec1:f662 > ff02::1:ff00:101: ICMP6, neighb= or solicitation, who has 2001:8b0:aab5:104:3::101, length 32 fe80::1cab:48ff:fec1:f662 is the subnet router; it's sending solicitations but FreeBSD doesn't send a response, if i remove alc0 from the bridge and configure the IPv6 address directly on alc0 instead, everything works fine. i'm testing without any packet filter (ipfw/pf) in the kernel. it's possible i'm missing something obvious here; does anyone have an idea? kernel is: FreeBSD ilythia.eden.le-fay.org 15.0-CURRENT FreeBSD 15.0-CURRENT #3 main-n267318-1b8d70b2eb71: Sat Dec 30 11:36:42 GMT 2023 lexi@ilythia.eden.le-fay.org:/src/main/sys/amd64/compile/ILYTHIA amd64 thanks, lexi. --KOhs/Fnhyb9mSIqR Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCAAdFiEEuwt6MaPcv/+Mo+ftDHqbqZ41x5kFAmWTTXEACgkQDHqbqZ41 x5lH7wwAkwFAL1vtBMwdVWK2mR5UoMuXpIohHxhkZn5h+va+YPgWyUtYVnsf60Vn m+D4fuGqM1UPTAJvZzzZWSU92B4X4gOrsyWamTh5G3wXsu5NYmlmTjXSixLgogS3 onsICLUj4BO1mwTqcwSSQoPtVNtktGNnIxSnALCpo5yCC4dCxQXqIet1JZrM3T// 75t+5GgzxIxUdB9WRKqWYJg+Lba8Fz7UMKirkwkKZcqraGHmtMHELVsoiFmonb0a E3JbZLK0v23g5qCKKaVEUp/WY+N1uXpwqc76o/yi9gTyYpFA/LrPhYXwVrVac+lk riKTPiTSx4HBCCHPoy+CUMGtyVuTfbZyGKR3I/8Pt3ePDeibZQO34V9sjVEnNesg 4kN31JPs8JpdCx3uf46G/FGHfAPOq6WdMfwvkDqtm7yMZB2Io6CbzOxpXweIbPCt qDbjRJldwRp+cT7sW2pM16gBgcd38oCEaJ+FdkTxeexIKZXvJ174RF9/l4NuPcug VVtjc/sl =yhHT -----END PGP SIGNATURE----- --KOhs/Fnhyb9mSIqR--