From owner-freebsd-bugs@freebsd.org  Thu Apr 11 09:19:45 2019
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0A862157EE16
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Thu, 11 Apr 2019 09:19:45 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 95C2285FA6
 for <freebsd-bugs@freebsd.org>; Thu, 11 Apr 2019 09:19:44 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 52DBE157EE15; Thu, 11 Apr 2019 09:19:44 +0000 (UTC)
Delivered-To: bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 415C2157EE14
 for <bugs@mailman.ysv.freebsd.org>; Thu, 11 Apr 2019 09:19:44 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.ysv.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id D1F5285FA4
 for <bugs@FreeBSD.org>; Thu, 11 Apr 2019 09:19:43 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 01504E61C
 for <bugs@FreeBSD.org>; Thu, 11 Apr 2019 09:19:43 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x3B9JgmL089618
 for <bugs@FreeBSD.org>; Thu, 11 Apr 2019 09:19:42 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x3B9Jggw089608
 for bugs@FreeBSD.org; Thu, 11 Apr 2019 09:19:42 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 237197] ipnat NAt failures
Date: Thu, 11 Apr 2019 09:19:42 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 11.2-RELEASE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: netadmin@utvault.net
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
Message-ID: <bug-237197-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2019 09:19:45 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D237197

            Bug ID: 237197
           Summary: ipnat NAt failures
           Product: Base System
           Version: 11.2-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: netadmin@utvault.net

Hello,

I am runnning VPN gateways based on openvpn / Freebsd / ipnat.

This setup worked flawlessy for years until I upgraded from Freebsd 9 to
Freebsd 11.2 or 12.0.

Without changing anything in the software setup, some connections are getti=
ng
dropped, the nat drop count is steadily increasing over time (a few hours f=
rom
reboot) and most people are complaining about speed issues .... Not good.

Hardware is the same, the only thing changed is the O.S version.

Kernel is stock kernel with the #define LARGE_NAT in the ip_nat.h.

After spending a week trying to chase ghosts, I'm quite puzzled.

--=20
You are receiving this mail because:
You are the assignee for the bug.=