From owner-freebsd-current@freebsd.org Sun May 27 19:12:57 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B064BF7D6BB for ; Sun, 27 May 2018 19:12:57 +0000 (UTC) (envelope-from Alexander@leidinger.net) Received: from mailgate.Leidinger.net (bastille.leidinger.net [89.238.82.207]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22BEC6A1BE for ; Sun, 27 May 2018 19:12:57 +0000 (UTC) (envelope-from Alexander@leidinger.net) Date: Sun, 27 May 2018 21:12:17 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=leidinger.net; s=outgoing-alex; t=1527448374; bh=jJ4RyT3WOUYozSAOIYh+imDGLE4Ew8sb8Sr7omxEsfk=; h=Date:From:To:Subject:References:In-Reply-To; b=nwoANvwNxlOWuA88zMf7Jsmi/ltrbNLPBMKDTofdlwNH2tzQmVWk50nhdVlAOLKve P1K/QSPMNv4DwQC3m5hRntiBNcVN5jg32TOAFQI7HwC0ayk2qt+IXjYt5IKsk/sTpd DUvvtWJXo4RDSycoUhUBQJsndPnIksnQGWOnE+mvxXp1DG5Lif9dO4jWjHWDUNq5Vw 8hO2hB8Qyq9ziaTMxVgtJnKcK7EfoIrivdJj1Mx3Y97TBZ/vsR1b5CPPXfWF71JUHD +XdknmspsaBFa06Qj+BNfrrXTw8kimb5K0larDtgzc8hBKkYJ2LU6MchrJtJKEPMrs 9axiiyrP0J7lA== Message-ID: <20180527211217.Horde.opQzHI4VOIxPiirx10J9wTe@webmail.leidinger.net> From: Alexander Leidinger To: freebsd-current@freebsd.org Subject: Re: Recent changes in routing or IPv6 related parts? References: <20180522101222.Horde.qCL_Frz6tcSPJrYy4UFWDEH@webmail.leidinger.net> <34db4188119c29a5e38c9216b15f3411@udns.ultimatedns.net> In-Reply-To: <34db4188119c29a5e38c9216b15f3411@udns.ultimatedns.net> User-Agent: Horde Application Framework 5 Content-Type: multipart/signed; boundary="=_X95Ezf14toofUPDphvQ_IRR"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 May 2018 19:12:58 -0000 This message is in MIME format and has been PGP signed. --=_X95Ezf14toofUPDphvQ_IRR Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Quoting Chris H (from Tue, 22 May 2018=20=20 09:59:04=20-0700): > On Tue, 22 May 2018 10:12:22 +0200 "Alexander Leidinger"=20=20 >=20 said > >> Hi, >> >> I've updated 2 machines to r333966 and I see a change in the=20=20 >>=20behavior in the network area on one of the systems. >> >> To begin with, the "original" behavior was not OK either, the em=20=20 >>=20NIC fails to "do proper network communication"=20=20=20 >>=20(https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220997). A=20=20= =20 >>=20workaround for me was so far to do an IPv4 ping to the router from=20= =20=20 >>=20time to time, and if it fails do some ifconfig down/up. If the ping=20= =20 >>=20 doesn't work afterwards, reboot. Most of the time this worked. >> >> Now I see a change in behavior, the scripts kicks in, all is ok for=20= =20 >>=20 the script afterwards, but internally (inside the machine) I can't=20= =20 >>=20 reach ipv6 jails. The system is reachable externally (only tested=20= =20 >>=20so far is the main host-IP). >> >> The setup is vimage based, several jails (via iocage) on epairs=20=20=20 >>=20connected via bridge to the NIC. One bridge for IPv6, one for IPv4.=20= =20 >>=20 rc.conf has prefer IPv4 setting after encountering another issue. >> >> One IPv4 address (/32) for the host where a nginx is running to=20=20 >>=20proxy port 80 and 443 requests on IPv4 to the IPv6 addresses of=20=20 >>=20the jails (IPv6 access is going directly to the jails). >> >> After a reboot, the nginx on the main IPv4 address delivers data=20=20 >>=20from the ipv6 addresses of the jails (rev-proxy setup). After a=20=20 >>=20while this stops working. The workaround-script mentioned above=20=20 >>=20doesn't change this behavior. Restarting nginx doesn't help. A=20=20 >>=20reboot helps. >> >> Has someone an idea of recent changes in a related area which may=20=20 >>=20be able to cause such an issue? Any rev I could try to revert to=20= =20 >>=20check if it is related? > Hello, Alexander. > I'm not sure if this landed in -CURRENT. I only know it landed in 11. > But your trouble might be related to pr #224247 : > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D224247 > > Hope this helps. Thanks, I've compiled a kernel which will print a message with the=20=20 interface=20name when a packet will be dropped because of this. If I see=20= =20 something=20which makes it look like it could be related, I will disable=20= =20 it=20and try again. Bye, Alexander. --=20 http://www.Leidinger.net=20Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_X95Ezf14toofUPDphvQ_IRR Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJbCwMRAAoJEKrxQhqFIICEF2EQALX7FSkUsisvL1+vbnH9rSFB PIkSb8YCapQpXscCeOgEbTGztnhI/jDMcFvMzOLr+f2Dy0z46MrgLPn/6pcmk52Q sBSu/rv24lUpgVD5kb1qAk9IhC8Pa7DU4CT23HAyXHP12h2UEdeQgFKS/mMc2Loi rD/E3r0qzgn5oIXvnW5qe231r+7Wmdstf1qoPThVETfA3RPhKV7CJa0BPnDYUcl4 OqB8u3AboButhHfSLgBUcas3OJdIrz3imUzQIbb8Mc0t1oo8qGALgxugsP+aEm6N 3rFW/Z8pUAn15/5E/sq5F96zG8lPde65uSBHH9zf4cNXRpDdgcmm9rUsFbcY9cY7 SPPL0HZm4xEsRe7hpLiTUcL6crOcnE6qkkV3noQpBWGmQhdVvcWIkytWd1Xdpu3Y RYaF4PCxn69jtUowEHbhp2mUNRhv1X0dsy4VUQ1r15liWFiH3hLrM45lv+GktI7j 9p/tlvsowL5ql/JPs1aKnAFX23HcOPEJHzKa2+X1qDTkWXoCK6wDb7TExNWKqVV0 aDTPrGkQbiFTecA1yJ0MhWhZCa36VhqjO1qx3YtcqGNim9c8unv65UwAKsYXXAyK C680MZs6jq5nvkokdMu0JY76jPuYPTBnqdlYCmL6/vYWqiXwuk46fhwxPEEoBwIU ssSQzZBX3IQixtjw10AI =JqqR -----END PGP SIGNATURE----- --=_X95Ezf14toofUPDphvQ_IRR--