Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 25 Sep 2019 15:24:38 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 240819] PF scrub drop UDP Fragment
Message-ID:  <bug-240819-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D240819

            Bug ID: 240819
           Summary: PF scrub drop UDP Fragment
           Product: Base System
           Version: 12.0-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: fabrice.bruel@orange.com

Hello,

I've notice a problem with scrub and UDP packet on FreeBSD 12STABLE

Version :
# uname -a
FreeBSD R640-4 12.0-STABLE FreeBSD 12.0-STABLE #1 r348036M: Tue May 21 10:5=
8:21
CEST 2019=20=20=20=20
root@PFWALL-GEN2:/usr/obj/PFWALL.amd64/usr/local/PFWall/FreeBSD/src/amd64.a=
md64/sys/PFWALL-AMD64
 amd64

Describe :

If PF is activated with this scrub option :

scrub out all random-id
scrub all fragment reassemble

UDP fragment doesn't cross PF. removing this 2 line solve the issue.

Incoming packet seems to be "bad" in tcpdump :

# tcpdump -n -i bxe3 udp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bxe3, link-type EN10MB (Ethernet), capture size 262144 bytes
16:23:13.231094 IP 10.2.0.22.2798 > 10.2.0.221.0: UDP, bad length 1420 > 13=
92
16:23:13.231116 IP 10.2.0.22 > 10.2.0.221: ip-proto-17
16:23:14.292550 IP 10.2.0.22.2799 > 10.2.0.221.0: UDP, bad length 1420 > 13=
92
16:23:14.292572 IP 10.2.0.22 > 10.2.0.221: ip-proto-17
16:23:15.354955 IP 10.2.0.22.2800 > 10.2.0.221.0: UDP, bad length 1420 > 13=
92

Note that's the MTU of the egress interface (bxe3 here) is 1500 :
# ifconfig bxe3
bxe3: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
=20=20=20=20=20=20=20
options=3D522ba<TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO6,W=
OL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO>

I've tried to remove tso, rxcsum,tso, with no result. Maybe it's more a IP
issue ?


How to reproduce :=20

# hping -2 -m 1400 -d 1420  ip_target

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-240819-227>