Date: Mon, 29 Jan 2018 15:39:32 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-bugs@FreeBSD.org
Subject: [Bug 225536] ipfw tcp-setmss doesn't seems to work
Message-ID: <bug-225536-8@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225536

            Bug ID: 225536
           Summary: ipfw tcp-setmss doesn't seems to work
           Product: Base System
           Version: 11.1-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: manu@freebsd.org

Hello,

I'm trying to rewrite the mss option on one of my gateways.
I have two interfaces (each one is a lagg to a ix VF), both are in fib 1,
traffic is natted from lagg1 to lagg0.

ifconfig output :

ixv0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=405bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,LRO,VLAN_HWTSO>
        ether 00:16:3e:22:ac:63
        hwaddr 00:16:3e:22:ac:63
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
ixv1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=405bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,LRO,VLAN_HWTSO>
        ether 00:16:3e:22:ac:63
        hwaddr 00:16:3e:fd:31:cb
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
ixv2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
        options=405bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,LRO,VLAN_HWTSO>
        ether 00:16:3e:26:17:b5
        hwaddr 00:16:3e:26:17:b5
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
ixv3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
        options=405bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,LRO,VLAN_HWTSO>
        ether 00:16:3e:26:17:b5
        hwaddr 00:16:3e:3a:73:21
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
lagg0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=405bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,LRO,VLAN_HWTSO>
        ether 00:16:3e:22:ac:63
        inet XXX.XXX.XXX.XXX netmask 0xffffff80 broadcast 155.133.140.127
        inet XXX.XXX.XXX.XXX netmask 0xffffffff broadcast 155.133.142.65
        nd6 options=2b<PERFORMNUD,ACCEPT_RTADV,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 1
        groups: lagg
        laggproto failover lagghash l2,l3,l4
        laggport: ixv0 flags=5<MASTER,ACTIVE>
        laggport: ixv1 flags=0<>
lagg1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
        options=405bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,LRO,VLAN_HWTSO>
        ether 00:16:3e:26:17:b5
        inet 172.23.0.253 netmask 0xffff8000 broadcast 172.23.127.255
        inet 172.23.0.254 netmask 0xffff0000 broadcast 172.23.255.255
        nd6 options=2b<PERFORMNUD,ACCEPT_RTADV,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active
        fib: 1
        groups: lagg
        laggproto failover lagghash l2,l3,l4
        laggport: ixv2 flags=5<MASTER,ACTIVE>
        laggport: ixv3 flags=0<>

ipfw rules :

ipfw pipe 1 config bw 2000Mbit/s
ipfw pipe 2 config bw 2000Mbit/s
ipfw queue 1 config pipe 1 mask src-ip 0xffffffff
ipfw queue 2 config pipe 2 mask dst-ip 0xffffffff

# Setup tables
ipfw table blacklist create type addr
ipfw table nonat create type addr
ipfw table nonat add XXX.XXX.XXX.XXX/24
ipfw table nat create type addr
ipfw table nat add 172.23.0.0/17

# Setup rules
ipfw add 00100 allow ip from any to any via lo0
ipfw add 00200 deny ip from any to 127.0.0.0/8
ipfw add 00201 deny ip from 127.0.0.0/8 to any
ipfw add 00202 deny ip from 'table(blacklist)' to any
ipfw add 00203 deny ip from any to 'table(blacklist)'
ipfw add 00500 queue 1 ip from any to any xmit lagg1 out
ipfw add 00501 queue 2 ip from any to any recv lagg1 in
ipfw add 02100 nat 123 ip from any to not 'table(nonat)' fib 1
ipfw add 64999 allow ip from any to any fib 1
ipfw add 65000 allow ip from any to any fib 0
ipfw add 65535 deny ip from any to any
ipfw nat 123 config ip XXX.XXX.XXX.XXX log reset

All the configuration above works correctly.

If I add :
ipfw add 02005 tcp-setmss 1460 tcp from any to any fib 1

I can see that the rule is hit but the mss isn't updated :

This is from lagg1 so I guess it's normal that the mss isn't rewritten at this point :
15:17:34.928408 IP 172.23.6.163.58048 > 83.166.144.237.http: Flags [S], seq 1940485466, win 26880, options [mss 8960,sackOK,TS val 414737643 ecr 0,nop,wscale 9], length 0

From lagg0:
15:17:34.929409 IP XXX.XXX.XXX.XXX.53942 > 83.166.144.237.http: Flags [S], seq 1940485466, win 26880, options [mss 8960,sackOK,TS val 414737643 ecr 0,nop,wscale 9], length 0

Is there something I miss?

Thanks

-- 
You are receiving this mail because:
You are the assignee for the bug.
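
The by-eye comparison of the lagg1 and lagg0 captures in the report can be scripted: NAT rewrites the source address and port but not the TCP sequence number, so SYNs can be paired by seq and the MSS leaving the gateway checked against the configured value. This is an added example, not part of the original report or of FreeBSD; the function names are hypothetical and the two sample lines are the tcpdump lines quoted in the report, with the redacted address left as XXX.XXX.XXX.XXX.

```python
import re

# The two SYN lines quoted in the report (inside = lagg1, outside = lagg0).
CAPTURES = {
    "lagg1": "15:17:34.928408 IP 172.23.6.163.58048 > 83.166.144.237.http: "
             "Flags [S], seq 1940485466, win 26880, options [mss 8960,sackOK,"
             "TS val 414737643 ecr 0,nop,wscale 9], length 0",
    "lagg0": "15:17:34.929409 IP XXX.XXX.XXX.XXX.53942 > 83.166.144.237.http: "
             "Flags [S], seq 1940485466, win 26880, options [mss 8960,sackOK,"
             "TS val 414737643 ecr 0,nop,wscale 9], length 0",
}

# Matches SYN ("S") and SYN-ACK ("S.") lines; MSS is only carried on those.
SYN_RE = re.compile(r"Flags \[(S\.?)\], seq (\d+),.*?options \[([^\]]*)\]")
MSS_RE = re.compile(r"\bmss (\d+)")

def parse_syn(line):
    """Return (seq, mss) for a SYN or SYN-ACK line, None for anything else.
    mss is None when the segment carries no MSS option."""
    m = SYN_RE.search(line)
    if m is None:
        return None
    mss = MSS_RE.search(m.group(3))
    return (int(m.group(2)), int(mss.group(1)) if mss else None)

def check_clamp(inside_lines, outside_lines, limit):
    """Report SYNs seen on the outside interface whose MSS exceeds limit,
    paired by sequence number with the MSS seen on the inside interface."""
    inside = dict(p for p in map(parse_syn, inside_lines) if p is not None)
    findings = []
    for line in outside_lines:
        parsed = parse_syn(line)
        if parsed is None:
            continue
        seq, mss_out = parsed
        if mss_out is not None and mss_out > limit:
            findings.append({"seq": seq, "mss_in": inside.get(seq),
                             "mss_out": mss_out, "limit": limit})
    return findings

if __name__ == "__main__":
    # 1460 is the value from rule 02005 in the report.
    for f in check_clamp([CAPTURES["lagg1"]], [CAPTURES["lagg0"]], 1460):
        print("seq %(seq)d: mss %(mss_in)s -> %(mss_out)d, expected <= %(limit)d" % f)
```
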