From nobody Wed Apr 20 21:08:17 2022 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id DA22613A3A1C for ; Wed, 20 Apr 2022 21:08:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KkCv54Vvlz3KFV for ; Wed, 20 Apr 2022 21:08:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 77ABE1B422 for ; Wed, 20 Apr 2022 21:08:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 23KL8H4N008808 for ; Wed, 20 Apr 2022 21:08:17 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 23KL8HAi008807 for net@FreeBSD.org; Wed, 20 Apr 2022 21:08:17 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 263288] IPv6 system not responding to Neighbor Solicitation Date: Wed, 20 Apr 2022 21:08:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: wcarson.bugzilla@disillusion.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1650488897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=bTym5Ffed8L3wjpkM8siilx98qgM9vcGe0dUPyssNZk=; b=J/kW2AOYyQtc48NdlpQnBYxOM6pjtutONNx2Q1A2ySonBi7u8AtLxhPQVqeX1oGJgmB7+L Jov936LQ/tVnompyMsMNj6JX4fa2pmTdFw4tlcQ6ilsNxONKPAmCB9TklJCqPvCjF4kahb HMMgOTWZelN1Gm7OH19FR5WRktj26U+lUlbqEVDJT8qTt+zJVvJuDBjJu+nDc5zCsjqrBD gTJ+IjK/c154SkL2v4tVRola4/bnmZK6Fo1IjumETM8zdPKosBrXs0ZwHG3X3j9JryzojL +nlFy68o/0lEPtzAyUYd8K5qJAoZQs2vesjE4gWzSx0ld1I2J+HBCk0TgRdrLg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1650488897; a=rsa-sha256; cv=none; b=p4epl66PC5lroLvtLSQ+76XVHINr/EOb9qYYe5o6C+dvJ3g7vz+O5L/K27xt3yGPj7kqmo m320Ffq2xIMgElVqIkwQUTf2yOaSrtZJwhW7CDFSBo4TgufhuUeKZEA18kEkMJ+/T1eRkg SLtKmZGuY8mE6bpnO50APNPMr7mNsda8l51Nlzd4nJsZmA9RB2LR+7AkvfPXT1d5kMGt70 QltX1H5G2HX7rFWttaDqZebAC1kqv3SqGBbEMn/XRnXxJrCrvIFddYHp/334gjUBPR+fty nbH9pezF70BBzjYm1s4ztPixwbQccCEl0wIBCpeIGrIWmzFjvs8spgOsMXSk4A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D263288 --- Comment #8 from wcarson.bugzilla@disillusion.net --- I do have these lines in my pf.conf, which have worked for the past many ye= ars and not changed. (I also double-checked by comparing to a backup from 2020.= )=20 icmp6_types=3D"{ 2, 128 }" # packet too big, echo request (ping6) # Neighbor Discovery Protocol (NDP) (types 133-137): # Router Solicitation (RS), Router Advertisement (RA) # Neighbor Solicitation (NS), Neighbor Advertisement (NA) # Route Redirection icmp6_types_ext_if=3D"{ 128, 133, 134, 135, 136, 137 }" pass in quick on $ext_if inet6 proto ipv6-icmp icmp6-type $icmp6_types = keep state pass in quick on $ext_if inet6 proto ipv6-icmp from any to { $ext_if, ff02::1/16 } icmp6-type $icmp6_types_ext_if keep state Additionally, I turned off pf completely (via /etc/rc.conf, pf_enable=3D"NO= ", and rebooted) -- no change. root@roast:~ # pfctl -d pf disabled root@roast:~ # ping6 kyoto.disillusion.net PING6(56=3D40+8+8 bytes) 2600:3c00::f03c:91ff:feb0:a56f --> 2605:6400:10:968:22:da15:28a6:c800 ^C --- kyoto.disillusion.net ping6 statistics --- 2 packets transmitted, 0 packets received, 100.0% packet loss root@roast:~ # date ; ndp -c ; ping6 -c1 -t2 fe80::1%em0 ; ndp -na ; echo ; ping6 -c1 -t2 fe80::8678:acff:fe1c:ec41%em0 ; ndp -na ; Wed Apr 20 16:05:40 CDT 2022 fe80::1%em0 (fe80::1%em0) deleted fe80::8678:acff:fe1c:ec41%em0 (fe80::8678:acff:fe1c:ec41%em0) deleted fe80::e6c7:22ff:fe10:9cc1%em0 (fe80::e6c7:22ff:fe10:9cc1%em0) deleted PING6(56=3D40+8+8 bytes) fe80::f03c:91ff:feb0:a56f%em0 --> fe80::1%em0 --- fe80::1%em0 ping6 statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss Neighbor Linklayer Address Netif Expire S F= lags 2600:3c00:e000:137::1:1 f2:3c:91:b0:a5:6f em0 permanent R fe80::1%em0 00:05:73:a0:0f:ff em0 23h59m58s S R 2600:3c00:e000:137::1 f2:3c:91:b0:a5:6f em0 permanent R 2600:3c00:e000:137::3:1 f2:3c:91:b0:a5:6f em0 permanent R 2600:3c00:e000:137::2:1 f2:3c:91:b0:a5:6f em0 permanent R 2600:3c00::f03c:91ff:feb0:a56f f2:3c:91:b0:a5:6f em0 permanent R fe80::f03c:91ff:feb0:a56f%em0 f2:3c:91:b0:a5:6f em0 permanent R 2600:3c00:e000:137:cafe:8a2e:370:7334 f2:3c:91:b0:a5:6f em0 permanent R PING6(56=3D40+8+8 bytes) fe80::f03c:91ff:feb0:a56f%em0 --> fe80::8678:acff:fe1c:ec41%em0 --- fe80::8678:acff:fe1c:ec41%em0 ping6 statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss Neighbor Linklayer Address Netif Expire S F= lags 2600:3c00:e000:137::1:1 f2:3c:91:b0:a5:6f em0 permanent R fe80::1%em0 00:05:73:a0:0f:ff em0 23h59m56s S R 2600:3c00:e000:137::1 f2:3c:91:b0:a5:6f em0 permanent R 2600:3c00:e000:137::3:1 f2:3c:91:b0:a5:6f em0 permanent R 2600:3c00:e000:137::2:1 f2:3c:91:b0:a5:6f em0 permanent R 2600:3c00::f03c:91ff:feb0:a56f f2:3c:91:b0:a5:6f em0 permanent R fe80::f03c:91ff:feb0:a56f%em0 f2:3c:91:b0:a5:6f em0 permanent R fe80::8678:acff:fe1c:ec41%em0 84:78:ac:1c:ec:41 em0 16s R R 2600:3c00:e000:137:cafe:8a2e:370:7334 f2:3c:91:b0:a5:6f em0 permanent R root@roast:~ # ping6 kyoto.disillusion.net PING6(56=3D40+8+8 bytes) 2600:3c00::f03c:91ff:feb0:a56f --> 2605:6400:10:968:22:da15:28a6:c800 ^C --- kyoto.disillusion.net ping6 statistics --- 6 packets transmitted, 0 packets received, 100.0% packet loss root@roast:~ # ping6 ipv6.google.com PING6(56=3D40+8+8 bytes) 2600:3c00::f03c:91ff:feb0:a56f --> 2607:f8b0:4023:1000::71 ^C --- ipv6.l.google.com ping6 statistics --- 5 packets transmitted, 0 packets received, 100.0% packet loss It seems it thinks there are lots of bad Neighbor Solicitation messages? Is there a way to understand why it thinks they're bad? root@roast:~ # netstat -sp icmp6 icmp6: 1717 calls to icmp6_error 0 errors not generated in response to an icmp6 message 0 errors not generated because of rate limitation Output histogram: unreach: 1717 echo: 82607 echo reply: 3 neighbor solicitation: 8200 neighbor advertisement: 1120 MLDv2 listener report: 4 0 messages with bad code fields 0 messages < minimum length 0 bad checksums 0 messages with bad length Input histogram: unreach: 1715 echo: 3 echo reply: 105 router advertisement: 485020 neighbor solicitation: 359208 neighbor advertisement: 8191 Histogram of error messages to be generated: 0 no route 0 administratively prohibited 0 beyond scope 0 address unreachable 1717 port unreachable 0 packet too big 0 time exceed transit 0 time exceed reassembly 0 erroneous header field 0 unrecognized next header 0 unrecognized option 0 redirect 0 unknown 3 message responses generated 0 messages with too many ND options 0 messages with bad ND options 357910 bad neighbor solicitation messages <----- 0 bad neighbor advertisement messages 0 bad router solicitation messages 0 bad router advertisement messages 0 bad redirect messages 0 default routers overflows 0 prefix overflows 0 neighbour entries overflows 0 redirect overflows 0 messages with invalid hop limit 0 path MTU changes --=20 You are receiving this mail because: You are the assignee for the bug.=