Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 21 May 2007 16:17:07 -0700
From:      "Jack Vogel" <jfvogel@gmail.com>
To:        "Sten Spans" <sten@blinkenlights.nl>
Cc:        Ian FREISLICH <ianf@clue.co.za>, freebsd-current@freebsd.org
Subject:   Re: em0 hijacking traffic to port 623
Message-ID:  <2a41acea0705211617p17f74964oabdc88564376ada3@mail.gmail.com>
In-Reply-To: <Pine.LNX.4.64.0705220019390.17702@zaphod.blinkenlights.nl>
References:  <E1Hq8eK-0001RA-2f@clue.co.za> <Pine.LNX.4.64.0705220019390.17702@zaphod.blinkenlights.nl>

next in thread | previous in thread | raw e-mail | index | archive | help
On 5/21/07, Sten Spans <sten@blinkenlights.nl> wrote:
> On Mon, 21 May 2007, Ian FREISLICH wrote:
>
> > Hi
> >
> > We've noticed an issue on our firewalls where the first em device
> > in the system hijacks inbound port 623 tcp and udp.  The OS never
> > sees this traffic.  Interestingly, em1 and em2 do not appear to be
> > afflicted by this problem.  Some reading I've done points to a
> > similar conclusion:
> >
> > http://blogs.sun.com/shepler/entry/port_623_or_the_mount
> >
> > I've looked at the bios, but I can't find any settings that remotely
> > hint IPMI or RMCP+ or serial-over-lan.
> >
> > Does anyone know how I can stop the card or system from stealing
> > port 623 in hardware or must I just stop using em0 (and/or Intel NICS)?
>
> Does "ifconfig em0 promisc" help ?
> That fixed firmware related vanishing ipv6 packets on fxp and em.

Is this happening even with the latest CURRENT driver,  there is code in
it now that is supposed to stop the firmware from doing that, at least
that was the theory :)

Jack



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2a41acea0705211617p17f74964oabdc88564376ada3>