From nobody Fri Sep 16 12:51:36 2022 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MTYqH1b7rz4cklY for ; Fri, 16 Sep 2022 12:51:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MTYqH0Hz6z4NqB for ; Fri, 16 Sep 2022 12:51:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MTYqG6X4yzMSg for ; Fri, 16 Sep 2022 12:51:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 28GCpcD7094356 for ; Fri, 16 Sep 2022 12:51:38 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 28GCpch6094355 for ports-bugs@FreeBSD.org; Fri, 16 Sep 2022 12:51:38 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 261711] net/wireguard-kmod: Cannot send data over VXLAN / vtnet Date: Fri, 16 Sep 2022 12:51:36 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: marco@tols.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1663332699; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=m7HlueRaOgA9hbEVzAHLPgAavXG1TdCcNq4RzOX4lmg=; b=epDAqTQWV7B9JdgSxj3xGJ5bo4nx3gpaAsD9NdYOw+RQXZRHPk1tVQmodJlaejAOihf/oB Qc7hqGdQGZp30pWHlH2usrFaSyhqcg9colRd15CfZOa5YpKDVg08FGPdfWWVc6xpvwtErg uWBJI3RnY1vN7ZljtXLVXyp1zKc9yE04a+kcyhl9UQYAEayQhkVzzejZ/v0gXGIW2zm+UO MguN6jogrofvkAZvUSfK+WxslagHAFvy8Mr2cGv/sWsw3n3gWKl0Ymi2qGPFI7U6hXxeyN z6u8yK6hdZ1ljfmEb21MXSeeJXRixCZrXYSubziGXdr7ru4DJKObZTJozccR5A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1663332699; a=rsa-sha256; cv=none; b=oH60c9sgFcO0Y3cnQWNtK68aHAwwjQIffqZ3YRj9UnQJQt6zrbWAHRkYv7k+5McqlLLyiD IEYgzv/8jwFra5aw5BvZBKeFUHBRFP2IkCpeSiAG+I3QgtWc04SEdnlt7kq7eieR/7WWyp CHrYrs7KOtj4013mHW49DUBbqlpKgzi2y1E7plh0r9EWvVSWvHE4pWnUMU22vLky5baJ/Z JQ7KsQR3bCxvxlIU8Yj1tg5fzx9IqyHR5xqs6jrkzisscCoPPDsIvOOoXp/w3RtGyf3lP7 AH0fd5e/ONL5pMDUrXBJq8XvrbR9CKGPjJa6aCVvTk/Wgs5sIHyftwfZVG1eeA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261711 --- Comment #7 from marco@tols.org --- Hi there, I have the same issue. Hopefully my submission of uname -a and pkg info wireguard-kmod will help this bug progress further. I'm sure if this bug g= ets resolved, it will also resolve my issue. For completeness my setup is this: - 2x 13.1-RELEASE-p2 host - no firewalls active - Working wireguard setup (can ssh from one to the other via the wireguard = IPs) - Working vxlan over ipsec setup, traffic across the vxlan tunnel ends up on the other side. In my case the vxlan interfaces are bridged to a real interface so that I end up having a stretched ethernet network. When I change the vxlanlocal and vxlanremote on both ends from the ipsec ip addresses to the wireguard ip adresses the traffic across the vxlan tunnel = does not end up on the other side any more. I do see the udp/4789 packets arriv= e on the wg0 interface, but they don't seem to make it into the vxlan interface. My suspicion is that by the time the packets get decrypted by the wireguard setup, it's too late to have them get processed by vxlan. This is pure speculation. My `uname -a` is this: (identical on both ends) FreeBSD 13.1-RELEASE-p2 FreeBSD 13.1-RELEASE-p2 GENERIC amd64 my `pkg info wireguard-kmod` is this: wireguard-kmod-0.0.20220615 Name : wireguard-kmod Version : 0.0.20220615 Installed on : Fri Sep 16 11:29:06 2022 CEST Origin : net/wireguard-kmod Architecture : FreeBSD:13:amd64 Prefix : /usr/local Categories : net-vpn net kld Licenses : MIT Maintainer : decke@FreeBSD.org WWW : https://git.zx2c4.com/wireguard-freebsd/ Comment : WireGuard implementation for the FreeBSD kernel Annotations : FreeBSD_version: 1301000 repo_type : binary repository : FreeBSD Flat size : 144KiB Description : Kernel module for FreeBSD to support Wireguard. At this time this code is new, unvetted, possibly buggy, and should be considered "experimental". It might contain security issues. We gladly welcome your testing and bug reports, but do keep in mind that this code is new, so some caution should be exercised at the moment for using it in mission critical environments. WWW: https://git.zx2c4.com/wireguard-freebsd/ --=20 You are receiving this mail because: You are the assignee for the bug.=