Date: Sun, 10 Nov 2024 16:41:34 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 282673] ipfw tags are lost while transit via if_epair Message-ID: <bug-282673-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D282673 Bug ID: 282673 Summary: ipfw tags are lost while transit via if_epair Product: Base System Version: 14.1-RELEASE Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: bugs.freebsd.org@mx.zzux.com Example script: #!/bin/sh kldload -n ipfw ifconfig epair1 create ifconfig epair1a inet 192.0.2.1/30 up ifconfig epair1b inet 192.0.2.2/30 up route -4 add 192.0.2.4/30 192.0.2.2 -ifp epair1a ipfw add 31560 count tag 4 tagged 3 in ipfw add 31570 count tag 3 tagged 2 in ipfw add 31580 count tag 2 not tagged 2 in dst-ip 192.0.2.4 ipfw add 31590 unreach host tagged 4 out netstat -nrW4 ping -c 5 -t 6 192.0.2.4 traceroute -w 1 -In 192.0.2.4 ipfw show 31560-31590 ipfw -q delete 31560-31590 ifconfig epair1a destroy Result on FreeBSD 11.2-RELEASE-p4 (everything's ok): Routing tables Internet: Destination Gateway Flags Use Mtu Netif Exp= ire 127.0.0.1 link#3 UH 0 16384 lo0 192.0.2.0/30 link#4 U 0 1500 epair1a 192.0.2.1 link#4 UHS 0 16384 lo0 192.0.2.2 link#5 UHS 0 16384 lo0 192.0.2.4/30 192.0.2.2 UGS 0 1500 epair1a 192.168.232.0/24 192.168.232.222 UGS 97 1500 lan1 192.168.232.192/27 link#1 U 2 1500 lan1 192.168.232.200 link#1 UHS 0 16384 lo0 PING 192.0.2.4 (192.0.2.4): 56 data bytes 36 bytes from localhost (127.0.0.1): Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 979c 0 0000 3d 01 6207 192.0.2.1 192.0.2.4 36 bytes from localhost (127.0.0.1): Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 9ee0 0 0000 3d 01 5ac3 192.0.2.1 192.0.2.4 36 bytes from localhost (127.0.0.1): Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 9ee1 0 0000 3d 01 5ac2 192.0.2.1 192.0.2.4 36 bytes from localhost (127.0.0.1): Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 9ee2 0 0000 3d 01 5ac1 192.0.2.1 192.0.2.4 36 bytes from localhost (127.0.0.1): Destination Host Unreachable Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 9ee3 0 0000 3d 01 5ac0 192.0.2.1 192.0.2.4 --- 192.0.2.4 ping statistics --- 5 packets transmitted, 0 packets received, 100.0% packet loss traceroute to 192.0.2.4 (192.0.2.4), 64 hops max, 48 byte packets 1 127.0.0.1 0.130 ms 0.036 ms 0.033 ms 2 127.0.0.1 0.030 ms 0.026 ms 0.040 ms 3 127.0.0.1 0.032 ms 0.028 ms 0.028 ms 4 127.0.0.1 0.029 ms !H 0.057 ms !H 0.031 ms !H 31560 11 708 count tag 4 ip from any to any tagged 3 in 31570 25 1560 count tag 3 ip from any to any tagged 2 in 31580 17 996 count tag 2 ip from any to 192.0.2.4 not tagged 2 in 31590 8 564 reject ip from any to any tagged 4 out Result on FreeBSD 14.1-RELEASE-p5 (very different from 11.2, tags are lost, cannot control every pass via ipfw): Routing tables Internet: Destination Gateway Flags Nhop# Mtu Netif Expire 127.0.0.1 link#3 UH 1 16384 lo0 192.0.2.0/30 link#4 U 5 1500 epair1a 192.0.2.1 link#3 UHS 6 16384 lo0 192.0.2.2 link#3 UHS 7 16384 lo0 192.0.2.4/30 192.0.2.2 UGS 8 1500 epair1a 192.168.232.0/24 192.168.232.222 UGS 4 1500 lan1 192.168.232.192/27 link#1 U 2 1500 lan1 192.168.232.200 link#3 UHS 3 16384 lo0 PING 192.0.2.4 (192.0.2.4): 56 data bytes 92 bytes from 127.0.0.1: Time to live exceeded Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 612e 0 0000 01 01 d475 192.0.2.1 192.0.2.4 92 bytes from 127.0.0.1: Time to live exceeded Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 612f 0 0000 01 01 d474 192.0.2.1 192.0.2.4 92 bytes from 127.0.0.1: Time to live exceeded Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 6130 0 0000 01 01 d473 192.0.2.1 192.0.2.4 92 bytes from 127.0.0.1: Time to live exceeded Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 6131 0 0000 01 01 d472 192.0.2.1 192.0.2.4 92 bytes from 127.0.0.1: Time to live exceeded Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 6132 0 0000 01 01 d471 192.0.2.1 192.0.2.4 --- 192.0.2.4 ping statistics --- 5 packets transmitted, 0 packets received, 100.0% packet loss traceroute to 192.0.2.4 (192.0.2.4), 64 hops max, 48 byte packets 1 127.0.0.1 0.103 ms 0.084 ms 0.059 ms 2 127.0.0.1 0.047 ms 0.047 ms 0.044 ms ....... 64 127.0.0.1 0.104 ms 0.112 ms 0.105 ms 31560 0 0 count tag 4 tagged 3 in 31570 0 0 count tag 3 tagged 2 in 31580 6560 326400 count tag 2 not tagged 2 in dst-ip 192.0.2.4 31590 0 0 reject tagged 4 out --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-282673-227>