Date: Mon, 27 Jun 2022 11:25:14 -0500 From: "Mike Karels" <mike@karels.net> To: "Marek Zarychta" <zarychtam@plan-b.pwste.edu.pl> Cc: "Dave Cottlehuber" <dch@skunkwerks.at>, freebsd-net <freebsd-net@freebsd.org> Subject: Re: missing SYN/ACK for inbound TCP solved by altering broadcast address - why? Message-ID: <1D46186C-EE8C-4EDA-9FE8-8636C3D90299@karels.net> In-Reply-To: <6e6d272a-0954-1fba-c0eb-14480d858a37@plan-b.pwste.edu.pl> References: <b727be82-f90b-4391-b151-81660f204a00@www.fastmail.com> <6e6d272a-0954-1fba-c0eb-14480d858a37@plan-b.pwste.edu.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Responding to parts of two emails: On 27 Jun 2022, at 7:41, Marek Zarychta wrote: > W dniu 27.06.2022 o=C2=A013:44, Dave Cottlehuber pisze: >> I've found a workaround for this issue, but don't understand why this >> occurs. Reading RFC1122 has left me none the wiser. What am I = >> missing? >> Is this a Linuxism or simple a standardisation loophole? > > It has been standardized in RFC3021 over twenty years ago. FreeBSD = > ifconfig(8) supports /31 netmask for a long time and the broadcast = > address is correctly assigned in this case (255.255.255.255). Either = > dhcp-options(5) "option broadcast-address" is missing on the DHCP = > server or our dhclient(8) is misbehaving or maybe the Linux client is = > better in figuring out the right broadcast address. Looks like RFC3021 only says it applies to point-to-point interfaces, and doesn=E2=80=99t consider other types. I don=E2=80=99t remember any c= ode in = ifconfig to special-case this, although the kernel will default the broadcast correctly in this case (to the all-1=E2=80=99s address; I guess that=E2=80= =99s an = extension). That means something is giving the broadcast address to ifconfig = explicitly. >> ## Problem >> >> - on 13.1-R, dhclient-set config works for all UDP, & outbound TCP >> - but inbound TCP connections send no SYN/ACK at all back >> - on Linux Ubuntu 22.04 & others, the DHCP supplied IP config >> works as expected Do you know if this worked with 13.0? (I made a change in 13.1, but don=E2=80=99t quite see how it would cause this situation to change.)= >> failing FreeBSD config from dhclient: >> inet 147.75.93.61 netmask 0xfffffffe broadcast 147.75.93.60 This is odd. I don=E2=80=99t know why the broadcast address would be hos= t 0 on that network, but note that it is the same as the router address. That is probably the root of the problem. I don=E2=80=99t see a broadcas= t address in the lease below, so maybe dhclient is confused. The default broadcast would be host -1, but of course that is the host itself. >> working Linux config (note broadcast) >> inet 147.75.93.61 netmask 0xfffffffe broadcast 255.255.255.254 That=E2=80=99s an odd choice of broadcast, but it doesn=E2=80=99t really = matter = here. >> - full details below (dhcp lease, ifconfigs etc) >> >> I worked around this by forcing broadcast-address in dhclient.conf: >> >> ## /etc/dhclient.conf >> interface "ice0" { >> supersede broadcast-address 255.255.255.255; >> } >> # repeat for other ifaces as required >> >> Which is ~ok~ for the moment, but I'd like to understand why this >> occurs, and fix it properly. Either at DHCPD end, or FreeBSD >> config. >> >> >> >> # Further details >> >> - Ubuntu 22.04 from vendor >> - FreeBSD 13.1-RELEASE amd64 vanilla install >> - 4x ice(4) NICs (Intel E810) and 2x (unused) ix (igxbe) >> - 2x of the ice(4) are bonded link aggregation >> - dhclient only used to attach to 1 nic, ignoring FreeBSD side of = >> bonding >> >> >> ## Linux ip addr >> >> # ip addr >> 8: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc = >> noqueue state UP group default qlen 1000 >> link/ether b4:96:91:d9:99:20 brd ff:ff:ff:ff:ff:ff >> inet 147.75.92.187/31 brd 255.255.255.255 scope global bond0 >> ... >> >> ## FreeBSD ifconfig >> >> # ifconfig ice0 >> ice0: flags=3D8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mt= u = >> 1500 >> options=3D4e10438<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,LRO,VLAN_HWFILTER,= RXCSUM_IPV6,TXCSUM_IPV6,NOMAP> >> ether b4:96:91:d9:9b:48 >> inet 147.75.93.61 netmask 0xfffffffe broadcast 147.75.93.60 >> media: Ethernet autoselect (25G-AUI <full-duplex>) >> status: active >> nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> >> ... >> root@metalBSD:~ # netstat -4rn >> Routing tables >> >> Internet: >> Destination Gateway Flags Netif Expire >> default 147.75.93.60 UGS ice0 >> 127.0.0.1 link#7 UH lo0 >> 147.75.93.60/31 link#3 U ice0 >> 147.75.93.61 link#3 UHS lo0 >> >> root@metalBSD:~ # cat /var/db/dhclient.leases.ice0 >> >> - note no broadcast-address provided >> - Linux & FreeBSD evidently derive it differently >> >> lease { >> interface "ice0"; >> fixed-address 147.75.93.61; >> option subnet-mask 255.255.255.254; >> option routers 147.75.93.60; >> option domain-name-servers 147.75.207.207,147.75.207.208; >> option host-name "intransigent09"; >> option dhcp-lease-time 172800; >> option dhcp-message-type 5; >> option dhcp-server-identifier 139.178.78.140; >> renew 1 2022/6/27 18:40:06; >> rebind 2 2022/6/28 12:40:06; >> expire 2 2022/6/28 18:40:06; >> } >> >> A+ >> Dave >> > > > -- = > Marek Zarychta
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1D46186C-EE8C-4EDA-9FE8-8636C3D90299>