From owner-freebsd-current@FreeBSD.ORG Thu Nov 10 03:02:28 2005 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1901016A41F; Thu, 10 Nov 2005 03:02:28 +0000 (GMT) (envelope-from sean@mcneil.com) Received: from mail.mcneil.com (mcneil.com [24.199.45.54]) by mx1.FreeBSD.org (Postfix) with ESMTP id B26F143D45; Thu, 10 Nov 2005 03:02:27 +0000 (GMT) (envelope-from sean@mcneil.com) Received: from localhost (localhost.mcneil.com [127.0.0.1]) by mail.mcneil.com (Postfix) with ESMTP id 6B169F24F0; Wed, 9 Nov 2005 19:02:27 -0800 (PST) Received: from mail.mcneil.com ([127.0.0.1]) by localhost (triton.mcneil.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 24115-01; Wed, 9 Nov 2005 19:02:27 -0800 (PST) Received: from mcneil.com (mcneil.com [24.199.45.54]) by mail.mcneil.com (Postfix) with ESMTP id EC147F2442; Wed, 9 Nov 2005 19:02:26 -0800 (PST) From: Sean McNeil To: "J.R. Oldroyd" In-Reply-To: <20051110024941.GA987@linwhf.opal.com> References: <1131161768.8571.9.camel@server.mcneil.com> <8427EC93-6788-4659-B769-3703FF2AAA9A@mcneil.com> <1131359967.1874.6.camel@server.mcneil.com> <1131424479.1341.3.camel@server.mcneil.com> <20051110024941.GA987@linwhf.opal.com> Content-Type: text/plain Organization: Sean McNeil Consulting, Inc Date: Wed, 09 Nov 2005 19:02:26 -0800 Message-Id: <1131591746.24065.3.camel@triton.mcneil.com> Mime-Version: 1.0 X-Mailer: Evolution 2.4.1 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at mcneil.com X-Mailman-Approved-At: Thu, 10 Nov 2005 04:30:35 +0000 Cc: ume@freebsd.org, current@freebsd.org Subject: Re: recent MFC code to 6-STABLE kills ipv6 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: sean@mcneil.com List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Nov 2005 03:02:28 -0000 On Wed, 2005-11-09 at 21:49 -0500, J.R. Oldroyd wrote: > Experiencing the problem over here, too. > > # ifconfig gif0 > gif0: flags=8051 mtu 1280 > tunnel inet 66.171.79.118 --> 64.86.88.116 > inet6 2001:5c0:8fff:fffe::553 --> 2001:5c0:8fff:fffe::552 prefixlen 128 > inet6 fe80::20c:6eff:fe75:69aa%gif0 prefixlen 64 scopeid 0x5 > > # ping6 2001:5c0:8fff:fffe::553 > PING6(56=40+8+8 bytes) 2001:5c0:8fff:fffe::553 --> 2001:5c0:8fff:fffe::553 > 16 bytes from 2001:5c0:8fff:fffe::553, icmp_seq=0 hlim=64 time=1.658 ms > 16 bytes from 2001:5c0:8fff:fffe::553, icmp_seq=1 hlim=64 time=0.720 ms > 16 bytes from 2001:5c0:8fff:fffe::553, icmp_seq=2 hlim=64 time=0.681 ms > ^C > > Ping6 works fine: > > However TCP traffic is broke, for example, when I try to telnet to the POP3 > server here, I observe that pf is blocking the server's response packets with > this error: > > # telnet 2001:5c0:8fff:fffe::553 110 > Trying 2001:5c0:8fff:fffe::553... > ^C > > from pflog: > 21:45:03.080452 rule 0/0(match): block in on gif0: 2001:5c0:8fff:fffe::553.110 > 2001:5c0:8fff:fffe::553.56716: tcp 36 [bad hdr length 8 - too short, < 20] > > This did not happen on earlier 6.0-current. Oh Boy! This is very interesting. I took a look at my ipfw show during a ping6 and see the problem. The revpath is messed up. I took out my rule: add deny all from any to any not verrevpath in via dc0 and ping6 now works. Thanks for the clue! This should be fixed. I have no idea why the revpath is no longer valid. Cheers, Sean