From owner-freebsd-bugs@freebsd.org Sat Mar 28 19:16:35 2020 Return-Path: Delivered-To: freebsd-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0529D2630A8 for ; Sat, 28 Mar 2020 19:16:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 48qT3k0tTvz4D0Z for ; Sat, 28 Mar 2020 19:16:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id F41482630A1; Sat, 28 Mar 2020 19:16:24 +0000 (UTC) Delivered-To: bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CD4472630A0 for ; Sat, 28 Mar 2020 19:16:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48qT3V1mBVz4Cwn for ; Sat, 28 Mar 2020 19:16:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8BF9B1A0C6 for ; Sat, 28 Mar 2020 19:16:11 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 02SJGB5N022090 for ; Sat, 28 Mar 2020 19:16:11 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 02SJGBCS022089 for bugs@FreeBSD.org; Sat, 28 Mar 2020 19:16:11 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 245148] ifconfig(8) tunnel destination not respecting CLI specified address_family Date: Sat, 28 Mar 2020 19:16:11 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 12.1-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: junovitch@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Mar 2020 19:16:35 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D245148 Bug ID: 245148 Summary: ifconfig(8) tunnel destination not respecting CLI specified address_family Product: Base System Version: 12.1-STABLE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: junovitch@freebsd.org The following is observed on pfSense and the root cause appears to be ifconfig(8) does not make use of the specified "inet" or "inet6" when check= ing and setting tunnel remote destinations. /status_services.php: The command '/sbin/ifconfig 'ipsec1000' inet tunnel 'x.x.x.203' 'distantend.example.com' up' returned exit code '1', the output= was 'ifconfig: source and destination address families do not match' Please see below for a simple point to point/same LAN configuration where t= his can be reproduced. Host 1 configuration: "vm1" /etc/hosts 10.100.82.107 vm2 x:x:x:x:a00:27ff:fe64:d5bd vm2 Host 2 configuration: "vm2" /etc/hosts 10.100.82.105 vm1 x:x:x:x:a00:27ff:fec9:1f9e vm1 Host 1 CLI prep: root@vm1:~ # ifconfig gre0 create root@vm1:~ # ifconfig gre0 inet 10.0.0.1/30 10.0.0.2 root@vm1:~ # ifconfig gre0 inet tunnel 10.100.82.105 10.100.82.107 Host 2 CLI prep: root@vm2:~ # ifconfig gre0 create root@vm2:~ # ifconfig gre0 inet 10.0.0.2/30 10.0.0.1 root@vm2:~ # ifconfig gre0 inet tunnel 10.100.82.107 10.100.82.105 root@vm2:~ # ping -c 1 10.0.0.1 This produces a working configuration. But in an environment with dual sta= ck as in the case of my pfSense router the hostname fails to properly resolve respecting the passed 'inet' flag. Host 2 (unpatched): root@vm2:~ # ifconfig gre0 inet tunnel 10.100.82.107 vm1 ifconfig: source and destination address families do not match root@vm2:~ # ifconfig gre0 inet6 tunnel x:x:x:x:a00:27ff:fe64:d5bd vm1 Host 1 (patched to pass getaddrinfo hints): root@vm1:/usr/src/sbin/ifconfig # ifconfig gre0 inet tunnel 10.100.82.105 v= m2 root@vm1:/usr/src/sbin/ifconfig # ifconfig gre0 gre0: flags=3D8051 metric 0 mtu 1476 options=3D80000 tunnel inet 10.100.82.105 --> 10.100.82.107 inet6 fe80::a00:27ff:fec9:1f9e%gre0 prefixlen 64 scopeid 0x3 inet 10.0.0.1 --> 10.0.0.2 netmask 0xfffffffc groups: gre nd6 options=3D21 root@vm1:/usr/src/sbin/ifconfig # ifconfig gre0 inet6 tunnel x:x:x:x:a00:27ff:fec9:1f9e vm2 root@vm1:/usr/src/sbin/ifconfig # ifconfig gre0 gre0: flags=3D8051 metric 0 mtu 1476 options=3D80000 tunnel inet6 x:x:x:x:a00:27ff:fec9:1f9e --> x:x:x:x:a00:27ff:fe64:d= 5bd inet6 fe80::a00:27ff:fec9:1f9e%gre0 prefixlen 64 scopeid 0x3 inet 10.0.0.1 --> 10.0.0.2 netmask 0xfffffffc groups: gre nd6 options=3D21 --=20 You are receiving this mail because: You are the assignee for the bug.=