From owner-freebsd-net@FreeBSD.ORG Thu Mar 7 17:07:51 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 429C78F5; Thu, 7 Mar 2013 17:07:51 +0000 (UTC) (envelope-from ncrogers@gmail.com) Received: from mail-ee0-f49.google.com (mail-ee0-f49.google.com [74.125.83.49]) by mx1.freebsd.org (Postfix) with ESMTP id 8CC1B7A3; Thu, 7 Mar 2013 17:07:49 +0000 (UTC) Received: by mail-ee0-f49.google.com with SMTP id d41so529474eek.36 for ; Thu, 07 Mar 2013 09:07:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=t/FA6a5iw9i48jJqavMhUnLC7Qp6NR1n6q27Ku9YD+U=; b=TIfQPfStDVHYmIx8wi9sebwkCrKJgTWTP8I0H+G7sUjiwkVFO35OVewTU5y1MCuEZC yT1HaL3y1e/Cr2AaOCtGv91rz63hAmgJzAdamCg8N4XvSQ8mZC/hiRurIl1ZVxgCeP5J qX6kLsTiBRmo5U3qRwfmXlPHMV2DV8Sy/U4TnBDcX1CgkCJ3htHBi/XmLLz8w4M49grS 5LQKmZDU+iL1I1LBEVy+7BjKNS8J/nQHmS2RrmECAwBOEWHzychjr0bpjWumJQsxDFrp OoG0WvCAKXWQmBmCxeowJkQl/sscP2eaXm4rFtQemcLpZfBqDvvkQOZkNTBlfksctsXq gxFQ== MIME-Version: 1.0 X-Received: by 10.195.12.133 with SMTP id eq5mr55608632wjd.52.1362676063291; Thu, 07 Mar 2013 09:07:43 -0800 (PST) Received: by 10.194.110.195 with HTTP; Thu, 7 Mar 2013 09:07:43 -0800 (PST) In-Reply-To: <5136FD71.6000408@freebsd.org> References: <5136FD71.6000408@freebsd.org> Date: Thu, 7 Mar 2013 09:07:43 -0800 Message-ID: Subject: Re: Default route changes unexpectedly From: Nick Rogers To: Andre Oppermann Content-Type: text/plain; charset=ISO-8859-1 Cc: "freebsd-net@freebsd.org" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Mar 2013 17:07:51 -0000 On Wed, Mar 6, 2013 at 12:25 AM, Andre Oppermann wrote: > On 05.03.2013 18:39, Nick Rogers wrote: >> >> Hello, >> >> I am attempting to create awareness of a serious issue affecting users >> of FreeBSD 9.x and PF. There appears to be a bug that allows the >> kernel's routing table to be corrupted by traffic routing through the >> system. Under heavy traffic load, the default route can seemingly >> randomly change to an IP address that is not directly connected to the >> network (i.e., is not configured anywhere). Dhclient is not in the >> mix, nor is routed, bgpd, etc. Running `route monitor` shows no >> evidence of the change in the default route. The one commonality >> between all the systems experiencing this problem seems to be the use >> of PF. >> >> Obviously this is a serious problem as it causes all Internet-bound >> traffic to stop routing until the default route is corrected. Some >> users, including myself, are working around this problem by installing >> a script that runs multiple times a second to check if the default >> route is incorrect and fixing it if necessary, which mitigates the >> amount of downtime caused by the bug. > > > Can you describe your traffic forwarding setup in more detail? > Is it only pf, or do you run netgraph, or other things as well? > Do you use flow routing? I use PF for NAT, filtering, and rdr rules. ALTQ for bandwidth management. I do not use netgraph. I use vlans. PF redirects to squid as a transproxy. I'm not familiar with flow routing so unless its enabled in 9.1 by default I do not use it. > > How frequent does this happen? Every other day during periods of heavier Internet-bound traffic. > > I'm trying to create a stack graph to see which parts of the network > stack are involved in handling your packet. > > -- > Andre > >> Please refer to these past posts for more examples and evidence of >> other users experiencing this problem: >> >> http://forums.freebsd.org/showthread.php?p=211610#post211610 >> >> >> http://freebsd.1045724.n5.nabble.com/Default-route-quot-random-quot-gateway-modification-bug-td5750820.html >> >> http://lists.freebsd.org/pipermail/freebsd-net/2012-March/031879.html >> >> http://lists.freebsd.org/pipermail/freebsd-ipfw/2010-September/004361.html >> >> There is also a PR that was incorrectly labeled as an IPFW issue. >> Myself and others believe this issue is not restricted to the use of >> IPFW and that the PR should be relabeled. I am inclined to think it is >> strictly a PF issue since I am not using IPFW, however there is >> evidence of the default route changing on people using IPFW for past >> versions of FreeBSD (7.x/8.x), so perhaps this is related. >> >> http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/174749 >> >> Another PR for the same problem but specific to IPFW and 8.2-RELEASE >> >> http://www.freebsd.org/cgi/query-pr.cgi?pr=157796 >> >> I am hoping someone reading this can give the problem the attention it >> deserves. Thank you. >> >> -Nick >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> >