From owner-freebsd-net@freebsd.org Sun Aug 5 06:05:29 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C21E01067974 for ; Sun, 5 Aug 2018 06:05:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 5F5D57D750 for ; Sun, 5 Aug 2018 06:05:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 23C621067970; Sun, 5 Aug 2018 06:05:29 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 129AC106796F for ; Sun, 5 Aug 2018 06:05:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A6E237D74D for ; Sun, 5 Aug 2018 06:05:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id EDDB822691 for ; Sun, 5 Aug 2018 06:05:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w7565RK2090841 for ; Sun, 5 Aug 2018 06:05:27 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w7565RlT090835 for net@FreeBSD.org; Sun, 5 Aug 2018 06:05:27 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 206544] sendmsg(2) (sendto(2) too?) can fail with EINVAL; isn't documented in manpage Date: Sun, 05 Aug 2018 06:05:27 +0000 X-Bugzilla-Reason: AssignedTo CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Documentation X-Bugzilla-Component: Manual Pages X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: doc@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: component flagtypes.name assigned_to cc product version Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2018 06:05:29 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D206544 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Component|kern |Manual Pages Flags|mfc-stable9?, mfc-stable10? | Assignee|net@FreeBSD.org |doc@FreeBSD.org CC| |doc@FreeBSD.org Product|Base System |Documentation Version|9.3-STABLE |Latest --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Sun Aug 5 06:05:59 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00C9710679F5 for ; Sun, 5 Aug 2018 06:05:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 914807D7B1 for ; Sun, 5 Aug 2018 06:05:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 55E4A10679F2; Sun, 5 Aug 2018 06:05:58 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 44A1410679F1 for ; Sun, 5 Aug 2018 06:05:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DA5E07D7AE for ; Sun, 5 Aug 2018 06:05:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 342B622695 for ; Sun, 5 Aug 2018 06:05:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w7565vEI006884 for ; Sun, 5 Aug 2018 06:05:57 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w7565vah006875 for net@FreeBSD.org; Sun, 5 Aug 2018 06:05:57 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 216922] bpf(4): opening already opened device returns EBUSY; not documented as supported error in open(2) and not documented in bpf manpages Date: Sun, 05 Aug 2018 06:05:57 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Documentation X-Bugzilla-Component: Manual Pages X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: doc@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: version product assigned_to cc component Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2018 06:05:59 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D216922 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Version|CURRENT |Latest Product|Base System |Documentation Assignee|net@FreeBSD.org |doc@FreeBSD.org CC| |doc@FreeBSD.org Component|kern |Manual Pages --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Aug 5 17:13:46 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4D7D71057F6D for ; Sun, 5 Aug 2018 17:13:46 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id A53B8962A3 for ; Sun, 5 Aug 2018 17:13:44 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) X-Virus-Scanned: by clamd daemon 0.100.1 for FreeBSD at relay.sibptus.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 40070961 for freebsd-net@freebsd.org; Mon, 06 Aug 2018 00:13:42 +0700 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.15.2/8.15.2) with ESMTP id w75HDgD4034199 for ; Mon, 6 Aug 2018 00:13:42 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.15.2/8.15.2/Submit) id w75HDdAc034198 for freebsd-net@freebsd.org; Mon, 6 Aug 2018 00:13:39 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Mon, 6 Aug 2018 00:13:39 +0700 From: Victor Sudakov To: freebsd-net@freebsd.org Subject: "freebsd-update -r" and IPv6 Message-ID: <20180805171339.GA34148@admin.sibptus.transneft.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.9.5 (2018-04-13) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2018 17:13:46 -0000 Dear Colleagues, I have an IPv6-only host for test purposes. I have noticed that I can never successfully complete "freebsd-update -r 11.2-RELEASE upgrade" procedure on this host, it always complains about Fetching metadata signature for 10.4-RELEASE from update5.freebsd.org... failed. No mirrors remaining, giving up. The name of the update server can be different each time, like "update4.freebsd.org", "update5.freebsd.org" etc with the same result. Is this supposed to work? Are all the servers necessary for freebsd-update operation available via IPv6? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-net@freebsd.org Sun Aug 5 17:26:51 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 146D8105861F for ; Sun, 5 Aug 2018 17:26:51 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:d12:604::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 913D596843 for ; Sun, 5 Aug 2018 17:26:50 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id w75HQfdM070001 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 5 Aug 2018 19:26:42 +0200 (CEST) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: vas@mpeks.tomsk.su Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id w75HQWS2069311 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 6 Aug 2018 00:26:32 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: "freebsd-update -r" and IPv6 To: Victor Sudakov , freebsd-net@freebsd.org References: <20180805171339.GA34148@admin.sibptus.transneft.ru> From: Eugene Grosbein Message-ID: <5B673343.9000401@grosbein.net> Date: Mon, 6 Aug 2018 00:26:27 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: <20180805171339.GA34148@admin.sibptus.transneft.ru> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM,SPF_PASS autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -0.0 SPF_PASS SPF: sender matches SPF record * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2018 17:26:51 -0000 06.08.2018 0:13, Victor Sudakov wrote: > Dear Colleagues, > > I have an IPv6-only host for test purposes. I have noticed that I can > never successfully complete "freebsd-update -r 11.2-RELEASE upgrade" > procedure on this host, it always complains about > > Fetching metadata signature for 10.4-RELEASE from update5.freebsd.org... failed. > No mirrors remaining, giving up. > > The name of the update server can be different each time, like > "update4.freebsd.org", "update5.freebsd.org" etc with the same result. > > Is this supposed to work? Are all the servers necessary for > freebsd-update operation available via IPv6? Please capture network traffic using tcpdump -nps0 while running freebsd-update and make it available to download. From owner-freebsd-net@freebsd.org Sun Aug 5 18:41:30 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9EFA11059D1E for ; Sun, 5 Aug 2018 18:41:30 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id F2C4A706D2 for ; Sun, 5 Aug 2018 18:41:29 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) X-Virus-Scanned: by clamd daemon 0.100.1 for FreeBSD at relay.sibptus.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 40071004; Mon, 06 Aug 2018 01:41:28 +0700 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.15.2/8.15.2) with ESMTP id w75IfRwN034789; Mon, 6 Aug 2018 01:41:27 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.15.2/8.15.2/Submit) id w75IfMK7034788; Mon, 6 Aug 2018 01:41:22 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Mon, 6 Aug 2018 01:41:22 +0700 From: Victor Sudakov To: Eugene Grosbein Cc: freebsd-net@freebsd.org Subject: Re: "freebsd-update -r" and IPv6 Message-ID: <20180805184122.GA34665@admin.sibptus.transneft.ru> References: <20180805171339.GA34148@admin.sibptus.transneft.ru> <5B673343.9000401@grosbein.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5B673343.9000401@grosbein.net> Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.9.5 (2018-04-13) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2018 18:41:30 -0000 Eugene Grosbein wrote: > > > > I have an IPv6-only host for test purposes. I have noticed that I can > > never successfully complete "freebsd-update -r 11.2-RELEASE upgrade" > > procedure on this host, it always complains about > > > > Fetching metadata signature for 10.4-RELEASE from update5.freebsd.org... failed. > > No mirrors remaining, giving up. > > > > The name of the update server can be different each time, like > > "update4.freebsd.org", "update5.freebsd.org" etc with the same result. > > > > Is this supposed to work? Are all the servers necessary for > > freebsd-update operation available via IPv6? > > Please capture network traffic using tcpdump -nps0 while running freebsd-update > and make it available to download. http://noc.sibptus.ru/~sudakov/update2.dmp -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-net@freebsd.org Sun Aug 5 19:41:53 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CE856105BE54 for ; Sun, 5 Aug 2018 19:41:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 67E2574CCC for ; Sun, 5 Aug 2018 19:41:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 2C7E4105BE53; Sun, 5 Aug 2018 19:41:53 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1B1BD105BE52 for ; Sun, 5 Aug 2018 19:41:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AFCE874CC9 for ; Sun, 5 Aug 2018 19:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 1493599B0 for ; Sun, 5 Aug 2018 19:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w75JfpSq051707 for ; Sun, 5 Aug 2018 19:41:51 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w75JfpPV051705 for net@FreeBSD.org; Sun, 5 Aug 2018 19:41:51 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228831] netstat -Aan -M no longer reads from the corefile Date: Sun, 05 Aug 2018 19:41:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: karels@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2018 19:41:54 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228831 Mike Karels changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |karels@freebsd.org --- Comment #1 from Mike Karels --- This functionality was broken by r315662 (Hide struct inpcb, struct tcpcb f= rom the userland.) Unfortunately, that change also removed the test of the "li= ve" flag, so it blindly shows connections for the current system rather than fr= om the core file. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Aug 5 21:01:14 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6A747105E0BF for ; Sun, 5 Aug 2018 21:01:14 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 09DA577C6C for ; Sun, 5 Aug 2018 21:01:14 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.ysv.freebsd.org (Postfix) id C3893105E0BD; Sun, 5 Aug 2018 21:01:13 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A1C53105E0BB for ; Sun, 5 Aug 2018 21:01:13 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 267E777C63 for ; Sun, 5 Aug 2018 21:01:13 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 74024A5CF for ; Sun, 5 Aug 2018 21:01:12 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w75L1ClF055783 for ; Sun, 5 Aug 2018 21:01:12 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w75L1CVS055773 for net@FreeBSD.org; Sun, 5 Aug 2018 21:01:12 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201808052101.w75L1CVS055773@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: net@FreeBSD.org Subject: Problem reports for net@FreeBSD.org that need special attention Date: Sun, 5 Aug 2018 21:01:12 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Aug 2018 21:01:14 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- In Progress | 221146 | [ixgbe] Problem with second laggport New | 204438 | setsockopt() handling of kern.ipc.maxsockbuf limi New | 205592 | TCP processing in IPSec causes kernel panic New | 213410 | [carp] service netif restart causes hang only whe Open | 165622 | [ndis][panic][patch] Unregistered use of FPU in k Open | 193452 | Dell PowerEdge 210 II -- Kernel panic bce (broadc Open | 202510 | [CARP] advertisements sourced from CARP IP cause Open | 222273 | igb(4): Kernel panic (fatal trap 12) due to netwo Open | 227720 | Kernel panic in ppp server 9 problems total for which you should take action. From owner-freebsd-net@freebsd.org Mon Aug 6 09:38:29 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A8C7F1051316 for ; Mon, 6 Aug 2018 09:38:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 3F28870E36 for ; Mon, 6 Aug 2018 09:38:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 0344C1051315; Mon, 6 Aug 2018 09:38:29 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E5FCE1051314 for ; Mon, 6 Aug 2018 09:38:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8403070E35 for ; Mon, 6 Aug 2018 09:38:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id B1098112B4 for ; Mon, 6 Aug 2018 09:38:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w769cRg2015354 for ; Mon, 6 Aug 2018 09:38:27 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w769cRmB015353 for net@FreeBSD.org; Mon, 6 Aug 2018 09:38:27 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Mon, 06 Aug 2018 09:38:27 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: egypcio@googlemail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Aug 2018 09:38:29 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 --- Comment #7 from Vin=C3=ADcius Zavam --- (In reply to Kajetan Staszkiewicz from comment #6) avoiding the use of rc to setup carp, MFC/MFH direct to 'releng', running y= our custom base system and kernel (SomethingCompletelyDifferent)? I would be a = bit skeptic, and say that this issue can be closed. right? it's neither related= to 11.1- or 11.2-RELEASE. did you try with a *clean* source from HEAD? did you try with any other STA= BLE branch (w/o modifying it)? does it happens when you run RELENG/11.2 with no patched or modified code? btw, you do need to setup the 'pass' manually before trying to test anything related to carp as we can see on its manual page and ifconfig(8); no matter= if you are using VLAN or not, the steps should be the same. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Aug 6 13:09:53 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1C6A310577AB for ; Mon, 6 Aug 2018 13:09:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id AE11777C2F for ; Mon, 6 Aug 2018 13:09:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 72D7E10577AA; Mon, 6 Aug 2018 13:09:52 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6158710577A7 for ; Mon, 6 Aug 2018 13:09:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0192877C2C for ; Mon, 6 Aug 2018 13:09:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 5A25A12FD0 for ; Mon, 6 Aug 2018 13:09:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w76D9pMd018078 for ; Mon, 6 Aug 2018 13:09:51 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w76D9p1U018076 for net@FreeBSD.org; Mon, 6 Aug 2018 13:09:51 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 227720] Kernel panic in ppp server Date: Mon, 06 Aug 2018 13:09:50 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: crash, needs-qa X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: matt.allanson@trimedx.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: mfc-stable11? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Aug 2018 13:09:53 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D227720 --- Comment #26 from Matt Allanson --- (In reply to Andrey V. Elsukov from comment #25) Just a heads up, replied in email forgot to comment it here. Sorry about that... We applied the patch to enable garbage collection. Rebuilt the image and installed it, then set net.gc.enabled=3D1 as well as in /etc/sysctl.conf an= d it continued to fail. Here is the most recent backtrace: (kgdb) bt #0 0xffffffff804e7866 in sched_switch () #1 0xffffffff804c8d38 in mi_switch () #2 0xffffffff8050acfe in sleepq_switch () #3 0xffffffff8050abb3 in sleepq_wait () #4 0xffffffff804c8684 in _sleep () #5 0xffffffff80510401 in taskqueue_thread_loop () #6 0xffffffff804878d4 in fork_exit () #7 (kgdb) Let me know any addition information you need. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Mon Aug 6 23:58:06 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BD23B106A58B for ; Mon, 6 Aug 2018 23:58:05 +0000 (UTC) (envelope-from luvandachalo@gmail.com) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 5D7D171DA7 for ; Mon, 6 Aug 2018 23:58:05 +0000 (UTC) (envelope-from luvandachalo@gmail.com) Received: by mailman.ysv.freebsd.org (Postfix) id 21484106A589; Mon, 6 Aug 2018 23:58:05 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F3827106A588 for ; Mon, 6 Aug 2018 23:58:04 +0000 (UTC) (envelope-from luvandachalo@gmail.com) Received: from smtp.jtl.co.ke (smtp.jtl.co.ke [41.222.9.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6CBBF71DA5 for ; Mon, 6 Aug 2018 23:58:04 +0000 (UTC) (envelope-from luvandachalo@gmail.com) Received: from [197.232.61.211] (helo=USER-PC) by smtp.jtl.co.ke with smtp (Exim 4.90_1) (envelope-from ) id 1fmpNv-000Jeb-7m for net@freebsd.org; Tue, 07 Aug 2018 02:57:59 +0300 From: Compuline Technologies To: Message-Id: <20180807025755.25313205@gmail.com> Subject: Don`t Miss Payroll 2018 & Quickbooks Pro/ Premier Offe !!!. Date: Tue, 7 Aug 2018 02:57:55 +0300 Reply-To: compulinetech@gmail.com Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Aug 2018 23:58:06 -0000 Dear Client Enjoy Our New 2018 Payroll Software Offer Kenyan Payroll 2018 Release with new KRA PAYE 2018 Rates, ITAX and many more Only @ ksh 24,000 Quickbooks Pro @ Ksh 22,000 Quickbooks Premier @ Ksh 28000, ( We also do Data Migrations from Older Versions to New ) The 2018 BestPay Human Resource and Payroll Processing System is a Kenyan human resource and payroll software that is used by many different organizations. The software incorporates all the features needed to run a payroll that fulfills the requirements of the Kenya Revenue Authority (K.R.A.) as per the Employers Guide to Pay As You Earn document which is issued by K.R.A every year. BestPay is a Windows based system which uses graphical features such as icons for ease of use. It is a user-friendly payroll program that runs on PCs with Windows XP,Linux and Windows 7,8 and 10 Platforms. Its main objective is to computerize the payroll and the human resource functions of your organization, providing the management with clear, concise, up-to- date reports that would give an accurate picture of the activities carried out within the organization. This would result in greater efficiency and accuracy in the information processed. The software also conforms with the new PAYE submission guidelines from the K.R.A. with regards to monthly and quarterly PAYE returns by employers on behalf of the employees. The system automatically generates the P10D report conforming with the KRA format. The employer can also generate the monthly return that can be uploaded to the KRA website on a monthly basis. SYSTEM FEATURES . Multi companies . Company details, company address, registration details . Allows user definable employee categories, departments, grades etc. . Permits the user to input the employee details in the main employee details screen. . Terminated employees - date of leaving, reasons for leaving (dismissal,resignation, termination, retirement) . User definable medical schemes . Employer training reports . Pension details showing employer and employee contributions. . Terminated employees reports . Multi access Other Features include: . User definable payroll, earning/deduction codes . Flexibility in handling of tax tables. . Batch posting of transactions; by employee, by class of employees. . Exempting of staff from selected statutory deductions (e.g. in case of an expatriate or casual employees) . Loan processing- tracking down loan details, editing loan transactions, producing and printing loan repayment schedule. . Instant viewing of an employee pay slip. . Statutory deductions PAYE, NSSF, NHIF . Year end income tax reports - KRA approved P9 forms, P10A, P10, P10D,Previous years P9 etc . Supports direct bank salary remittance (SFI) and compatible with QuickBooks Accounting Software . Audit trail Reports Include: . Pay slips . Payment lists ie. payment by cash, payment by cheque, payment by bank transfer . Payroll analysis payments, deductions, negative pay, by department,by cost center, by pay point . Benefits details . Statutory deduction reports e.g NSSF, NHIF,PAYE,HELB,Pension schemes . Printable Labels and Coinage Analysis Our expertise in Computers and Software Design provide us with the knowledge to Develop Solutions and Implement Customised and Offshelf Softwares that answer the needs of today's clients. . looking forward to doing business with you. James kanyi IT Consultant Compuline Technologies 0721339494 This email, any attachment and response string are confidential and may be legally privileged. Any opinions expressed in this mail do not necessarily reflect the opinions of Compuline Technologies. If you are not the intended recipient, please email the sender and delete this message and any attachments immediately. Please do not copy or forward this message or attachment. Internet communications are not secure and therefore Compuline Technologies does not accept legal responsibility for the contents of this message as it has been transmitted over a public network From owner-freebsd-net@freebsd.org Tue Aug 7 08:07:26 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B5D1010513E6 for ; Tue, 7 Aug 2018 08:07:26 +0000 (UTC) (envelope-from hausen@punkt.de) Received: from kagate.punkt.de (kagate.punkt.de [217.29.33.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 361EF82989 for ; Tue, 7 Aug 2018 08:07:25 +0000 (UTC) (envelope-from hausen@punkt.de) Received: from hugo10.ka.punkt.de (hugo10.ka.punkt.de [217.29.44.10]) by gate1.intern.punkt.de with ESMTP id w7781HJh059352 for ; Tue, 7 Aug 2018 10:01:17 +0200 (CEST) Received: from [217.29.44.49] ([217.29.44.49]) by hugo10.ka.punkt.de (8.14.2/8.14.2) with ESMTP id w7781Hem075304 for ; Tue, 7 Aug 2018 10:01:17 +0200 (CEST) (envelope-from hausen@punkt.de) From: "Patrick M. Hausen" Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: DHCP vs. SYNCDHCP in rc.conf Message-Id: <2E43A157-FFA5-47E8-92DF-21986AF89487@punkt.de> Date: Tue, 7 Aug 2018 10:01:18 +0200 To: freebsd-net@freebsd.org X-Mailer: Apple Mail (2.3273) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 08:07:26 -0000 Hi all, from reading the docs I think that SYNCDHCP is supposed to wait for dhclient to finish and that there should not be another difference. But then why does ifconfig_em0_name="inet0" ifconfig_inet0="SYNCDHCP" in rc.conf lead to the desired result while ifconfig_em0_name="inet0" ifconfig_inet0="DHCP" doesn't? ifconfig_em0="DHCP" works as it should but renaming and configuring via DHCP works only if combined with SYNC. Reading /etc/rc.subr did not help ;-) I simply don't get it. Thanks Patrick -- punkt.de GmbH Internet - Dienstleistungen - Beratung Kaiserallee 13a Tel.: 0721 9109-0 Fax: -100 76133 Karlsruhe info@punkt.de http://punkt.de AG Mannheim 108285 Gf: Juergen Egeling From owner-freebsd-net@freebsd.org Tue Aug 7 09:07:54 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6FB101053EEC for ; Tue, 7 Aug 2018 09:07:54 +0000 (UTC) (envelope-from herbert@gojira.at) Received: from mail.bsd4all.net (mail.bsd4all.net [IPv6:2a01:4f8:191:217b::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.bsd4all.net", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 140E784D52 for ; Tue, 7 Aug 2018 09:07:53 +0000 (UTC) (envelope-from herbert@gojira.at) Date: Tue, 07 Aug 2018 11:07:51 +0200 Message-ID: <87tvo65yu0.wl-herbert@gojira.at> From: "Herbert J. Skuhra" To: freebsd-net@freebsd.org Subject: Re: DHCP vs. SYNCDHCP in rc.conf In-Reply-To: <2E43A157-FFA5-47E8-92DF-21986AF89487@punkt.de> References: <2E43A157-FFA5-47E8-92DF-21986AF89487@punkt.de> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.8 EasyPG/1.0.0 Emacs/27.0 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 09:07:54 -0000 On Tue, 07 Aug 2018 10:01:18 +0200, "Patrick M. Hausen" wrote: > > Hi all, > > from reading the docs I think that SYNCDHCP is supposed > to wait for dhclient to finish and that there should not be > another difference. > > But then why does > > ifconfig_em0_name="inet0" > ifconfig_inet0="SYNCDHCP" > > in rc.conf lead to the desired result while > > ifconfig_em0_name="inet0" > ifconfig_inet0="DHCP" > > doesn't? > > ifconfig_em0="DHCP" > > works as it should but renaming and configuring via DHCP > works only if combined with SYNC. > > Reading /etc/rc.subr did not help ;-) I simply don't get it. Hmm, works for me! Tested on a Raspberry Pi 2 and 3 (both CURRENT) and a VM (11.2-RELEASE-p1 and CURRENT). Have you tried to boot with "rc_debug=YES"? -- Herbert From owner-freebsd-net@freebsd.org Tue Aug 7 09:44:01 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 791CB10555F2 for ; Tue, 7 Aug 2018 09:44:01 +0000 (UTC) (envelope-from hausen@punkt.de) Received: from kagate.punkt.de (kagate.punkt.de [217.29.33.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0117E865D8 for ; Tue, 7 Aug 2018 09:44:00 +0000 (UTC) (envelope-from hausen@punkt.de) Received: from hugo10.ka.punkt.de (hugo10.ka.punkt.de [217.29.44.10]) by gate1.intern.punkt.de with ESMTP id w779hx0R062194; Tue, 7 Aug 2018 11:43:59 +0200 (CEST) Received: from [217.29.44.49] ([217.29.44.49]) by hugo10.ka.punkt.de (8.14.2/8.14.2) with ESMTP id w779hxT9083033; Tue, 7 Aug 2018 11:43:59 +0200 (CEST) (envelope-from hausen@punkt.de) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: DHCP vs. SYNCDHCP in rc.conf From: "Patrick M. Hausen" In-Reply-To: <87tvo65yu0.wl-herbert@gojira.at> Date: Tue, 7 Aug 2018 11:43:59 +0200 Cc: freebsd-net@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <2E43A157-FFA5-47E8-92DF-21986AF89487@punkt.de> <87tvo65yu0.wl-herbert@gojira.at> To: "Herbert J. Skuhra" X-Mailer: Apple Mail (2.3273) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 09:44:01 -0000 Hi! > Am 07.08.2018 um 11:07 schrieb Herbert J. Skuhra : > Hmm, works for me! Tested on a Raspberry Pi 2 and 3 (both CURRENT) and = a > VM (11.2-RELEASE-p1 and CURRENT). Have you tried to boot with = "rc_debug=3DYES"? Weird. You are correct - I cannot reproduce which typo or similar caused it to fail before. Case closed, sorry about the noise. Patrick --=20 punkt.de GmbH Internet - Dienstleistungen - Beratung Kaiserallee 13a Tel.: 0721 9109-0 Fax: -100 76133 Karlsruhe info@punkt.de http://punkt.de AG Mannheim 108285 Gf: Juergen Egeling From owner-freebsd-net@freebsd.org Tue Aug 7 10:41:54 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 460E21057243 for ; Tue, 7 Aug 2018 10:41:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id D88C288DD6 for ; Tue, 7 Aug 2018 10:41:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 9BE181057242; Tue, 7 Aug 2018 10:41:53 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8A8B61057240 for ; Tue, 7 Aug 2018 10:41:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2D89988DD0 for ; Tue, 7 Aug 2018 10:41:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 8AD4C1E4BA for ; Tue, 7 Aug 2018 10:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w77AfqKR031330 for ; Tue, 7 Aug 2018 10:41:52 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w77Afqk0031329 for net@FreeBSD.org; Tue, 7 Aug 2018 10:41:52 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Tue, 07 Aug 2018 10:41:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 10:41:54 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 --- Comment #8 from Kajetan Staszkiewicz --- I can test it again on clean kernel if you wish, but I will compile it with INVARIANTS nevertheless, as they make the issue pop up immediately. When it comes to patches, the ones for carp system are from FreeBSD's HEAD. They are not my own. They *improve* things for FreeBSD 11.2 and but make it crash elsewhere afterwards. And sorry, but I can't agree on RC system - issuing *standard* ifconfig commands, just a bit more often than usual must not crash the kernel. And of course I have "pass" set. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Aug 7 10:44:51 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 420DD10574AE for ; Tue, 7 Aug 2018 10:44:51 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id D38298905D for ; Tue, 7 Aug 2018 10:44:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 969B010574AC; Tue, 7 Aug 2018 10:44:50 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8559E10574AB for ; Tue, 7 Aug 2018 10:44:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1A93D8905B for ; Tue, 7 Aug 2018 10:44:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 4B07D1E4DE for ; Tue, 7 Aug 2018 10:44:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w77AinZj037617 for ; Tue, 7 Aug 2018 10:44:49 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w77Ain5G037616 for net@FreeBSD.org; Tue, 7 Aug 2018 10:44:49 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Tue, 07 Aug 2018 10:44:49 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: version Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 10:44:51 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 Kajetan Staszkiewicz changed: What |Removed |Added ---------------------------------------------------------------------------- Version|11.1-RELEASE |11.2-RELEASE --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Tue Aug 7 15:05:12 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1727C1061897 for ; Tue, 7 Aug 2018 15:05:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id A43BF7374F for ; Tue, 7 Aug 2018 15:05:11 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 69CCE1061894; Tue, 7 Aug 2018 15:05:11 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5882A1061893 for ; Tue, 7 Aug 2018 15:05:11 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id ED8387374A for ; Tue, 7 Aug 2018 15:05:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 41E872092C for ; Tue, 7 Aug 2018 15:05:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w77F5Aeo064638 for ; Tue, 7 Aug 2018 15:05:10 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w77F5AiY064637 for net@FreeBSD.org; Tue, 7 Aug 2018 15:05:10 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 131876] [socket] FD leak by receiving SCM_RIGHTS by recvmsg with small control message buffer Date: Tue, 07 Aug 2018 15:05:09 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 6.4-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: markj@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 15:05:12 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D131876 --- Comment #8 from commit-hook@freebsd.org --- A commit references this bug: Author: markj Date: Tue Aug 7 15:04:53 UTC 2018 New revision: 337421 URL: https://svnweb.freebsd.org/changeset/base/337421 Log: MFC r336957: Add a regression test related to PR 131876. PR: 131876 Changes: _U stable/11/ stable/11/tests/sys/kern/unix_passfd_test.c --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Tue Aug 7 16:37:21 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 97D6F10637F3 for ; Tue, 7 Aug 2018 16:37:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 19DB076926 for ; Tue, 7 Aug 2018 16:37:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id D336110637EE; Tue, 7 Aug 2018 16:37:20 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B184410637ED for ; Tue, 7 Aug 2018 16:37:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5328576924 for ; Tue, 7 Aug 2018 16:37:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 81E1421593 for ; Tue, 7 Aug 2018 16:37:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w77GbJ60011952 for ; Tue, 7 Aug 2018 16:37:19 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w77GbJGV011951 for net@FreeBSD.org; Tue, 7 Aug 2018 16:37:19 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 131876] [socket] FD leak by receiving SCM_RIGHTS by recvmsg with small control message buffer Date: Tue, 07 Aug 2018 16:37:18 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 6.4-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: markj@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 16:37:21 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D131876 --- Comment #9 from commit-hook@freebsd.org --- A commit references this bug: Author: markj Date: Tue Aug 7 16:36:50 UTC 2018 New revision: 337423 URL: https://svnweb.freebsd.org/changeset/base/337423 Log: Improve handling of control message truncation. If a recvmsg(2) or recvmmsg(2) caller doesn't provide sufficient space for all control messages, the kernel sets MSG_CTRUNC in the message flags to indicate truncation of the control messages. In the case of SCM_RIGHTS messages, however, we were failing to dispose of the rights that had already been externalized into the recipient's file descriptor table. Add a new function and mbuf type to handle this cleanup task, and use it any time we fail to copy control messages out to the recipient. To simplify cleanup, control message truncation is now only performed at control message boundaries. The change also fixes a few related bugs: - Rights could be leaked to the recipient process if an error occurred while copying out a message's contents. - We failed to set MSG_CTRUNC if the truncation occurred on a control message boundary, e.g., if the caller received two control messages and provided only the exact amount of buffer space needed for the first. PR: 131876 Reviewed by: ed (previous version) MFC after: 1 month Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D16561 Changes: head/sys/compat/cloudabi/cloudabi_sock.c head/sys/compat/freebsd32/freebsd32_misc.c head/sys/compat/linux/linux_socket.c head/sys/kern/uipc_syscalls.c head/sys/kern/uipc_usrreq.c head/sys/sys/mbuf.h --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Tue Aug 7 16:39:24 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A18491063959 for ; Tue, 7 Aug 2018 16:39:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 3DBD376B2D for ; Tue, 7 Aug 2018 16:39:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 02DA31063958; Tue, 7 Aug 2018 16:39:24 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E5AD21063957 for ; Tue, 7 Aug 2018 16:39:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8661276B28 for ; Tue, 7 Aug 2018 16:39:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id E58C621597 for ; Tue, 7 Aug 2018 16:39:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w77GdMGE013936 for ; Tue, 7 Aug 2018 16:39:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w77GdMW8013935 for net@FreeBSD.org; Tue, 7 Aug 2018 16:39:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 131876] [socket] FD leak by receiving SCM_RIGHTS by recvmsg with small control message buffer Date: Tue, 07 Aug 2018 16:39:23 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 6.4-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: markj@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 16:39:24 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D131876 --- Comment #10 from commit-hook@freebsd.org --- A commit references this bug: Author: markj Date: Tue Aug 7 16:39:08 UTC 2018 New revision: 337424 URL: https://svnweb.freebsd.org/changeset/base/337424 Log: Update PR 131876 regression tests after r337423. - Add some more cases to the truncation test. - Remove the "expect fail" annotations. PR: 131876 MFC after: 1 month Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D16562 Changes: head/tests/sys/kern/unix_passfd_test.c --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Tue Aug 7 22:22:46 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A5004106CC26 for ; Tue, 7 Aug 2018 22:22:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 42F6483EB3 for ; Tue, 7 Aug 2018 22:22:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 070C1106CC25; Tue, 7 Aug 2018 22:22:46 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D93B4106CC24 for ; Tue, 7 Aug 2018 22:22:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7030483EB1 for ; Tue, 7 Aug 2018 22:22:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id B39A424618 for ; Tue, 7 Aug 2018 22:22:44 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w77MMiXP027886 for ; Tue, 7 Aug 2018 22:22:44 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w77MMiAV027883 for net@FreeBSD.org; Tue, 7 Aug 2018 22:22:44 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Tue, 07 Aug 2018 22:22:44 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Aug 2018 22:22:46 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 --- Comment #9 from Kajetan Staszkiewicz --- Non-patched 11.2-RELEASE-p1 kernel with only change being lines: options INVARIANTS options INVARIANT_SUPPORT in kernel configuration file produces the same result and to cause it all w= hich has to be done is to add the same carp address twice: [22:14:37] kajetan-test-aw-3 ~/ # sudo kldload carp [22:14:47] kajetan-test-aw-3 ~/ # sudo ifconfig vtnet0 vhid 254 pass random= pass=20 [22:14:57] kajetan-test-aw-3 ~/ # sudo ifconfig vtnet0 inet6 2a00:X:0001::1= /128 vhid 254 alias [22:15:22] kajetan-test-aw-3 ~/ # sudo ifconfig vtnet0 inet6 2a00:X:0001::1= /128 vhid 254 alias panic: carp_attach: ifa 0xfffff80003dd5a00 attached #0 doadump (textdump=3D) at pcpu.h:229 #1 0xffffffff80ac4b0c in kern_reboot (howto=3D260) at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/kern/kern_shutdown.c:383 #2 0xffffffff80ac5021 in vpanic (fmt=3D, ap=3D) at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/kern/kern_shutdown.c:776 #3 0xffffffff80ac4e00 in kassert_panic (fmt=3D) at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/kern/kern_shutdown.c:666 #4 0xffffffff8223c655 in carp_attach (ifa=3D0xfffff80003dd5a00, vhid=3D127= ) at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/netinet/ip_carp.c:1806 #5 0xffffffff80cc0a72 in in6_control (so=3D, cmd=3D, data=3D, ifp=3D, td=3D) at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/netinet6/in6.c:572 #6 0xffffffff80baea29 in ifioctl (so=3D0xfffff800058d1000, cmd=3D215642345= 1, data=3D, td=3D0xfffff80005d17620) at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/net/if.c:3071 #7 0xffffffff80b261a9 in kern_ioctl (td=3D0xfffff80005d17620, fd=3D, com=3D, data=3D) = at file.h:323 #8 0xffffffff80b25e7c in sys_ioctl (td=3D0xfffff80005d17620, uap=3D0xfffff80005d17b58) at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/kern/sys_generic.c:745 #9 0xffffffff80f38509 in amd64_syscall (td=3D0xfffff80005d17620, traced=3D= 0) at subr_syscall.c:132 #10 0xffffffff80f1447d in fast_syscall_common () at /usr/home/kajetan.staszkiewicz/freebsd.git/sys/amd64/amd64/exception.S:479 #11 0x0000000800fddf7a in ?? () Now you have a nice issue for 11.2. I really don't feel like repeating the = rest information I already gave. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Wed Aug 8 13:29:30 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A16D8105C312 for ; Wed, 8 Aug 2018 13:29:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 38CA67DF9C for ; Wed, 8 Aug 2018 13:29:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id F21BC105C310; Wed, 8 Aug 2018 13:29:29 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E09AF105C30F for ; Wed, 8 Aug 2018 13:29:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7F57D7DF9B for ; Wed, 8 Aug 2018 13:29:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id DE60FC500 for ; Wed, 8 Aug 2018 13:29:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w78DTSMC021884 for ; Wed, 8 Aug 2018 13:29:28 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w78DTSPW021883 for net@FreeBSD.org; Wed, 8 Aug 2018 13:29:28 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Wed, 08 Aug 2018 13:29:27 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: egypcio@googlemail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 13:29:30 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 --- Comment #10 from Vin=C3=ADcius Zavam --- (In reply to Kajetan Staszkiewicz from comment #9) good that you really took it personal (although that was not the intention). the idea was/is to have the closest scenario to reproduce any panic regardi= ng the branch you reported as problematic, but not 'Something Completely Different'. now that you reported using 11.2-RELEASE base and its GENERIC kernel with o= nly these two extra options might help a little more others to reproduce and tr= y a fix (if you do not have one already to suggest). ty for your time and concern :) --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Wed Aug 8 14:33:58 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 07401105DB11 for ; Wed, 8 Aug 2018 14:33:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 97C888057E for ; Wed, 8 Aug 2018 14:33:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 5A7B2105DB0E; Wed, 8 Aug 2018 14:33:57 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 48F30105DB0D for ; Wed, 8 Aug 2018 14:33:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DD1E58057B for ; Wed, 8 Aug 2018 14:33:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 48DE3CEB8 for ; Wed, 8 Aug 2018 14:33:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w78EXuCC077428 for ; Wed, 8 Aug 2018 14:33:56 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w78EXuxu077427 for net@FreeBSD.org; Wed, 8 Aug 2018 14:33:56 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228802] [aarch64] network throughput regression in 12.0-CURRENT Date: Wed, 08 Aug 2018 14:33:56 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: hlh@restart.be X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-arm@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback+ X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 14:33:58 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228802 --- Comment #25 from hlh@restart.be --- I try with 12.0-CURRENT r336112 and patch from https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229644 The throughput regression is still there --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Wed Aug 8 16:10:16 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3A0AC106078A for ; Wed, 8 Aug 2018 16:10:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id C010C83CD1 for ; Wed, 8 Aug 2018 16:10:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 824DA1060789; Wed, 8 Aug 2018 16:10:15 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 710C81060788 for ; Wed, 8 Aug 2018 16:10:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 118E683CC9 for ; Wed, 8 Aug 2018 16:10:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 468F6DB52 for ; Wed, 8 Aug 2018 16:10:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w78GAEVx052554 for ; Wed, 8 Aug 2018 16:10:14 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w78GAEPd052553 for net@FreeBSD.org; Wed, 8 Aug 2018 16:10:14 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 209682] [panic] [netinet] arptimer race Date: Wed, 08 Aug 2018 16:10:13 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: crash, patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 16:10:16 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D209682 --- Comment #16 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Wed Aug 8 16:09:29 UTC 2018 New revision: 337460 URL: https://svnweb.freebsd.org/changeset/base/337460 Log: MFC r336405: Move invoking of callout_stop(&lle->lle_timer) into llentry_free(). This deduplicates the code a bit, and also implicitly adds missing callout_stop() to in[6]_lltable_delete_entry() functions. PR: 209682, 225927 Changes: _U stable/11/ stable/11/sys/net/if_llatbl.c stable/11/sys/netinet/in.c stable/11/sys/netinet6/in6.c --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Wed Aug 8 16:10:18 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8A0E0106079A for ; Wed, 8 Aug 2018 16:10:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 2780C83CF7 for ; Wed, 8 Aug 2018 16:10:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id E04A1106078F; Wed, 8 Aug 2018 16:10:17 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CF2E2106078D for ; Wed, 8 Aug 2018 16:10:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6462983CF0 for ; Wed, 8 Aug 2018 16:10:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 9B001DB57 for ; Wed, 8 Aug 2018 16:10:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w78GAGbh052581 for ; Wed, 8 Aug 2018 16:10:16 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w78GAGG2052580 for net@FreeBSD.org; Wed, 8 Aug 2018 16:10:16 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 225927] [panic] NULL pointer dereference in nd6_llinfo_timer() Date: Wed, 08 Aug 2018 16:10:16 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: crash X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 16:10:18 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225927 --- Comment #12 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Wed Aug 8 16:09:29 UTC 2018 New revision: 337460 URL: https://svnweb.freebsd.org/changeset/base/337460 Log: MFC r336405: Move invoking of callout_stop(&lle->lle_timer) into llentry_free(). This deduplicates the code a bit, and also implicitly adds missing callout_stop() to in[6]_lltable_delete_entry() functions. PR: 209682, 225927 Changes: _U stable/11/ stable/11/sys/net/if_llatbl.c stable/11/sys/netinet/in.c stable/11/sys/netinet6/in6.c --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Wed Aug 8 17:23:59 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 794D710637D1 for ; Wed, 8 Aug 2018 17:23:59 +0000 (UTC) (envelope-from longwitz@incore.de) Received: from dss.incore.de (dss.incore.de [195.145.1.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1956B88437 for ; Wed, 8 Aug 2018 17:23:58 +0000 (UTC) (envelope-from longwitz@incore.de) Received: from inetmail.dmz (inetmail.dmz [10.3.0.3]) by dss.incore.de (Postfix) with ESMTP id DA460EE1 for ; Wed, 8 Aug 2018 19:23:50 +0200 (CEST) X-Virus-Scanned: amavisd-new at incore.de Received: from dss.incore.de ([10.3.0.3]) by inetmail.dmz (inetmail.dmz [10.3.0.3]) (amavisd-new, port 10024) with LMTP id Lb3NKdCkYQZx for ; Wed, 8 Aug 2018 19:23:49 +0200 (CEST) Received: from mail.local.incore (fwintern.dmz [10.0.0.253]) by dss.incore.de (Postfix) with ESMTP id 9FACCEC1 for ; Wed, 8 Aug 2018 19:23:49 +0200 (CEST) Received: from bsdmhs.longwitz (unknown [192.168.99.6]) by mail.local.incore (Postfix) with ESMTP id 858C7330 for ; Wed, 8 Aug 2018 19:23:49 +0200 (CEST) Message-ID: <5B6B2725.9030306@incore.de> Date: Wed, 08 Aug 2018 19:23:49 +0200 From: Andreas Longwitz User-Agent: Thunderbird 2.0.0.19 (X11/20090113) MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: natd sends wrong sequence number when a retransmitted PASV packet comes in Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 17:23:59 -0000 On a firewall machine I use FreeBSD 10.4-STABLE #0 r331239. I run ipfw/natd as a security guard for my production FTP server. That works fine for many years. But now one of my customers runs his ftp clients in a not very stable environment, so sometimes a few packets are lost. Thats ok and TCP handles this nconspicuous. But there is one exception caused by a possible bug in natd: On in incoming "PASV" my FTP server answers with 227 Entering Passive Mode (195,145,1,138,175,174)\r\n wirshark gives Seq: 415 (4a4a5ed0), Ack: 83, Len: 51 and natd returns this message to the ftp client. If this answer is dropped for what reason ever the client repeats his "PASV" and my FTP server repeats his 227 answer too. Now natd finds that he has the port (175,174) already in his tables and sends a new random port number to the client: 227 Entering Passive Mode (195,145,1,138,195,71)\r\b wirshark gives Seq: 415 (4a4a5ed0), Ack: 83, Len: 50 The bug occurs when natd sends the next packet to the ftp client. This packet must have sequence number 455, but it has 466 and TCP cannot handle this situation, the connection breaks because the client sends RST after some retries. In the example above next packet going out was only an ACK wireshark gives Seq: 466 (4a4a5f03), Ack: 83, Len: 0 I have extended the PrintPacket() function of natd to see the value of th_seq in the verbose output: Out [TCP] 10.2.0.3:21 -> 44.222.180.186:35512 seq:4a4a5ecb aliased to [TCP] 195.145.1.138:21 -> 44.222.180.186:35512 seq:4a4a5ed0 Out [TCP] 10.2.0.3:21 -> 44.222.180.186:35512 seq:4a4a5ecb aliased to [TCP] 195.145.1.138:21 -> 44.222.180.186:35512 seq:4a4a5ed0 Out [TCP] 10.2.0.3:21 -> 44.222.180.186:35512 seq:4a4a5ef9 aliased to [TCP] 195.145.1.138:21 -> 44.222.180.186:35512 seq:4a4a5f03 >From these debug information I can conclude that natd is responsible for the wrong sequence number, the kernel does not change this. This bug occurs every time, when an outgoing 227 packet gets dropped, but only if the length of the second outgoing 227 packet is not equal to the length of the first 227 dropped packet. In the example the length changed form 50 to 51. I also can give some information from alias_ftp.c: First 227 message: ParseFtp227Reply: dlen=46, Entering Passive Mode (10,2,0,3,175,174)\r\n NewFtpMessage: dlen=46, 227 Entering Passive Mode (195,145,1,138,175,174)\r\n slen=51, delta=5, seq=4a4a5ecb, ip_len=98, new_len=103, index=1 Second 227 message: ParseFtp227Reply: dlen=46, Entering Passive Mode (10,2,0,3,175,174)\r\n NewFtpMessage: dlen=46, 227 Entering Passive Mode (195,145,1,138,195,71)\r\n slen=50, delta=5, seq=4a4a5ecb, ip_len=98, new_len=102, index=2 Andreas Longwitz From owner-freebsd-net@freebsd.org Wed Aug 8 18:00:27 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D5DAE1065392 for ; Wed, 8 Aug 2018 18:00:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 739818A9D1 for ; Wed, 8 Aug 2018 18:00:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 347D41065390; Wed, 8 Aug 2018 18:00:27 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2365E106538E for ; Wed, 8 Aug 2018 18:00:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BAB178A9CD for ; Wed, 8 Aug 2018 18:00:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 2425DEAB0 for ; Wed, 8 Aug 2018 18:00:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w78I0QCt099324 for ; Wed, 8 Aug 2018 18:00:26 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w78I0Qj8099313 for net@FreeBSD.org; Wed, 8 Aug 2018 18:00:26 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 230465] ixl: not working in netmap mode Date: Wed, 08 Aug 2018 18:00:25 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: halfling@halfling.com.br X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 18:00:28 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230465 Charles Goncalves changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |net@FreeBSD.org --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Wed Aug 8 18:45:24 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9646B1066BA8 for ; Wed, 8 Aug 2018 18:45:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 348228CB56 for ; Wed, 8 Aug 2018 18:45:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id E95EF1066BA6; Wed, 8 Aug 2018 18:45:23 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D7FC61066BA3 for ; Wed, 8 Aug 2018 18:45:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7ADC48CB54 for ; Wed, 8 Aug 2018 18:45:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id C1B59F2B6 for ; Wed, 8 Aug 2018 18:45:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w78IjMcL057779 for ; Wed, 8 Aug 2018 18:45:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w78IjM0d057778 for net@FreeBSD.org; Wed, 8 Aug 2018 18:45:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Wed, 08 Aug 2018 18:45:22 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 18:45:24 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 --- Comment #11 from Kajetan Staszkiewicz --- The fix is mentioned in my message dated 2018-08-03 15:36:02 UTC. Please st= op fixating on the fact that I have patched kernel and start reading my messag= es *thoroughly* instead. The issue seems not carp-specific anymore with some patches from HEAD appli= ed. I'll search if there is a better issue already opened and if not, open anot= her one. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Wed Aug 8 19:01:13 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 694921067A7B for ; Wed, 8 Aug 2018 19:01:12 +0000 (UTC) (envelope-from jhay@meraka.org.za) Received: from marge.meraka.csir.co.za (marge.meraka.csir.co.za [IPv6:2001:4200:7000:3::1]) by mx1.freebsd.org (Postfix) with ESMTP id 6A93C8E3FD for ; Wed, 8 Aug 2018 19:01:10 +0000 (UTC) (envelope-from jhay@meraka.org.za) Received: from marge.meraka.csir.co.za (localhost [127.0.0.1]) by marge.meraka.csir.co.za (Postfix) with ESMTP id D504F49ED for ; Wed, 8 Aug 2018 21:01:00 +0200 (SAST) X-Virus-Scanned: amavisd-new at meraka.org.za Received: from marge.meraka.csir.co.za ([127.0.0.1]) by marge.meraka.csir.co.za (marge.meraka.csir.co.za [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N4ffL6U2-HF5 for ; Wed, 8 Aug 2018 21:00:59 +0200 (SAST) Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com [209.85.221.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by marge.meraka.csir.co.za (Postfix) with ESMTPSA for ; Wed, 8 Aug 2018 21:00:58 +0200 (SAST) Received: by mail-wr1-f53.google.com with SMTP id h15-v6so2924644wrs.7 for ; Wed, 08 Aug 2018 12:00:58 -0700 (PDT) X-Gm-Message-State: AOUpUlG2OBPw+YLjGG/IBjDyKQM99GWE2Zdd24/WkYrXWTwSXw3P2rk+ Mq8WG/mn+Esn3MyZN/dT0SRmpp4laYdAO+2ASXwI4A== X-Google-Smtp-Source: AA+uWPz+H6j/DgsNgAzaw1XkN2HXuYdpHfVVxGtkraI9ukUcBtQFgiYM8sglHUcsk+xuNyQOhytcMWBdHAQFVofenuU= X-Received: by 2002:adf:fdcd:: with SMTP id i13-v6mr2592095wrs.276.1533754856706; Wed, 08 Aug 2018 12:00:56 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:adf:e40c:0:0:0:0:0 with HTTP; Wed, 8 Aug 2018 12:00:56 -0700 (PDT) From: John Hay Date: Wed, 8 Aug 2018 21:00:56 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: route6d terminated with signal 11, Segmentation fault, Was: Bug in route6d? To: freebsd-net@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 19:01:13 -0000 Hi, I have logged it as a bug with a possible patch: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229807 Regards John On 8 July 2018 at 09:46, John Hay wrote: > Hi All, > > I have a small ntp server (PC Engines APU), with an ipv6 subnet on lo0 > with route6d to advertise it. A few minutes after almost every reboot, > route6d will crash with a sig 11. If I then restart route6d, it will run > until the next time I reboot. I think it is when re0 finally gets a global > ipv6 address. > > Currently it is running 11.2, but the problem is not new. It has been > there in 10.x and before. > > A sanitised piece of rc.conf looks like this: > > # Disable to make ipv6 work > ifconfig_re0="-rxcsum -txcsum" > ipv4_addrs_re0="X.Y.8.18/24" > ipv4_addrs_lo0="X.Y.58.41/32" > ifconfig_re0_ipv6="inet6 accept_rtadv" > ifconfig_lo0_alias0="inet6 2001:A:B:C::1/64" > defaultrouter="X.Y.8.1" > route6d_enable="YES" > route6d_flags="-s" > ipv6_gateway_enable="YES" > > > Gdb says: > > > root@tick:/ # gdb /usr/sbin/route6d /route6d.old.core > GNU gdb 6.1.1 [FreeBSD] > ... > Core was generated by `/usr/sbin/route6d -s'. > Program terminated with signal 11, Segmentation fault. > Reading symbols from /lib/libc.so.7...Reading symbols from > /usr/lib/debug//lib/libc.so.7.debug...done. > done. > Loaded symbols for /lib/libc.so.7 > Reading symbols from /libexec/ld-elf.so.1...Reading symbols from > /usr/lib/debug//libexec/ld-elf.so.1.debug...done. > done. > Loaded symbols for /libexec/ld-elf.so.1 > #0 ifrt (ifcp=0x800e38000, again=1) at /usr/src/usr.sbin/route6d/ > route6d.c:2206 > 2206 TAILQ_REMOVE(&riprt_head, rrt, rrt_next); > (gdb) > > > Looking at the code, I think rrt should not be removed, but rather > search_rrt and it should be freed afterwards? Route6d has now survived a > few reboots with the following patch. > > > --- route6d.c.org 2018-06-22 01:03:51.000000000 +0200 > +++ route6d.c 2018-07-08 08:23:53.279925000 +0200 > @@ -2203,8 +2203,9 @@ > goto next; > } > > - TAILQ_REMOVE(&riprt_head, rrt, rrt_next); > - delroute(&rrt->rrt_info, &rrt->rrt_gw); > + TAILQ_REMOVE(&riprt_head, search_rrt, > rrt_next); > + delroute(&search_rrt->rrt_info, > &search_rrt->rrt_gw); > + free(search_rrt); > } > /* Attach the route to the list */ > trace(1, "route: %s/%d: register route (%s)\n", > > > Regards > > John > -- > John Hay > > From owner-freebsd-net@freebsd.org Wed Aug 8 19:30:25 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0655A10687BD for ; Wed, 8 Aug 2018 19:30:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 602FC8FE4D for ; Wed, 8 Aug 2018 19:30:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 23E3210687B6; Wed, 8 Aug 2018 19:30:24 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 12C5810687B5 for ; Wed, 8 Aug 2018 19:30:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AA4E18FE47 for ; Wed, 8 Aug 2018 19:30:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id F0886F84E for ; Wed, 8 Aug 2018 19:30:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w78JUMtm066766 for ; Wed, 8 Aug 2018 19:30:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w78JUMET066765 for net@FreeBSD.org; Wed, 8 Aug 2018 19:30:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 230465] ixl: not working in netmap mode Date: Wed, 08 Aug 2018 19:30:22 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: m.muenz@spam-fetish.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2018 19:30:25 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230465 Michael changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |m.muenz@spam-fetish.org --- Comment #1 from Michael --- X710 has a couple of problem with netmap.=20 Also experienced it with all available firmware versions for the NIC. I just downgraded to X520 or Chelsio. For me the NIC just freezes, carrier active and seeing incoming packets via tcpdump but nothing else ... --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 03:56:38 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CF933105279C for ; Thu, 9 Aug 2018 03:56:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 6D4537DB6F for ; Thu, 9 Aug 2018 03:56:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 2EE00105279A; Thu, 9 Aug 2018 03:56:38 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1D9361052799 for ; Thu, 9 Aug 2018 03:56:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B05327DB69 for ; Thu, 9 Aug 2018 03:56:37 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 0396613FD1 for ; Thu, 9 Aug 2018 03:56:37 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w793uaUI042229 for ; Thu, 9 Aug 2018 03:56:36 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w793uaa3042228 for net@FreeBSD.org; Thu, 9 Aug 2018 03:56:36 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 230465] ixl: not working in netmap mode Date: Thu, 09 Aug 2018 03:56:36 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-STABLE X-Bugzilla-Keywords: IntelNetworking X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: keywords cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 03:56:39 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230465 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |IntelNetworking CC| |sbruno@FreeBSD.org --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 03:57:41 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BD3531052866 for ; Thu, 9 Aug 2018 03:57:41 +0000 (UTC) (envelope-from dpd@dpdtech.com) Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DA367DC59 for ; Thu, 9 Aug 2018 03:57:41 +0000 (UTC) (envelope-from dpd@dpdtech.com) Received: by mail-pf1-x436.google.com with SMTP id e13-v6so2163507pff.7 for ; Wed, 08 Aug 2018 20:57:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dpdtech.com; s=google; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=k4NF4hs1TFxSZNBloKD16PqIui2+WrJxUzQkkX6jraU=; b=XT9qJ4bLe4c4qeiORhhSjrsMxt/YHJIV3Mi3WwVtyVUASbRja9Zy2zGwju9OGYnnv/ dXf9q7o0birK7VXE1K/baoGtpSgKYok5oWHM0b63xV9AngVRNGsBwVVxkn7te9YrT5ly fTk31P1Y05scW0jRz+FoqKDY1kV4vhF/JFkKU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=k4NF4hs1TFxSZNBloKD16PqIui2+WrJxUzQkkX6jraU=; b=RY1rkS9QWx/s4/bRoH40K2JYRHUj6h6bUoGEnxyBA2euEZIVNmf/WtQPtJYFNPhG2Y 97OEh2WXVVShBBC7EtGiw8rcd7K4mJVSB040NQj1ZreYGHFkIQioSqe5ywJvxi0coTuq /30oA4UYOYlved1dLffBH255Ycrsr7CgFdmaTVS+AMX1Fq7ghQDsP0U/J/BjN/Dru3Ff cyd8s09HCiDkbOr6fZJvW1Y6EhU91KxwKGwnoVyI8iiDVhSzE9BG6glB4MToFZXlN3M+ 68CrPlb/jp5Mq43b+VJknw2U6hf4FAGu78Mdn+aW0yrG4k4SZbHTiyFfyLigxThC0UMz KOpA== X-Gm-Message-State: AOUpUlH5UZT/AEs+aKxL2h2q2mOf4cwNJ38eXyut9UjhzNchU5ihOXAS zgVrx1m+cVfLyaNKj70ko62h3R63BbQ= X-Google-Smtp-Source: AA+uWPxdPDY+uO5iSruq5v4Vs6+GOLENYu1oneV0DU5dBXORYaAS6BrbTWxYZNUzZX7zYIabThnRPg== X-Received: by 2002:a62:5302:: with SMTP id h2-v6mr485803pfb.183.1533787059927; Wed, 08 Aug 2018 20:57:39 -0700 (PDT) Received: from ?IPv6:2620:131:c001:105:5473:6282:d15:9a86? ([2620:131:c001:105:5473:6282:d15:9a86]) by smtp.gmail.com with ESMTPSA id s195-v6sm15773912pgs.76.2018.08.08.20.57.38 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Aug 2018 20:57:38 -0700 (PDT) From: "David P. Discher" Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Is if_ipsec/ipsec - AESNI accelerated ? Message-Id: Date: Wed, 8 Aug 2018 20:57:36 -0700 To: freebsd-net@freebsd.org X-Mailer: Apple Mail (2.3273) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 03:57:41 -0000 I=E2=80=99m suspecting that IPSec in FreeBSD is not leveraging AESNI on = Intel. Is this correct ? A small system, with an Atom C2758 and AESNI can hit 940-950 Mbps on a = 1g copper link SCPing a file with Chiper=3Daes256-gcm. SSH/OpenSSL = automatically uses AESNI if available. (Side Note, loading cryptodev - = openSSH/SSL will grab crypto dev and cut your speed in half). Same with = un-encryrpted iperf2/3, even with just a single TCP connection. Over an IPsec tunnel, this same system bottle necks at 180 Mbps. These = systems are on the same vlan and subnet, same physical switch - so = direct route. So, does IPSec use AESNI ? I would have at least expected 600-700 Mbps. -- David P. Discher=20 https://davidpdischer.com/ From owner-freebsd-net@freebsd.org Thu Aug 9 04:14:08 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D263A10535DC for ; Thu, 9 Aug 2018 04:14:08 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:d12:604::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 594AE7E5AD for ; Thu, 9 Aug 2018 04:14:08 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id w794Dwii004114 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 9 Aug 2018 06:13:59 +0200 (CEST) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: dpd@dpdtech.com Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id w794DnuB013659 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 9 Aug 2018 11:13:49 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? To: "David P. Discher" , freebsd-net@freebsd.org References: From: Eugene Grosbein Message-ID: <0f4d3532-cb34-e606-4deb-593b4116495c@grosbein.net> Date: Thu, 9 Aug 2018 11:13:46 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM,SPF_PASS autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -0.0 SPF_PASS SPF: sender matches SPF record * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 04:14:09 -0000 09.08.2018 10:57, David P. Discher wrote: > I’m suspecting that IPSec in FreeBSD is not leveraging AESNI on Intel. Is this correct ? > > A small system, with an Atom C2758 and AESNI can hit 940-950 Mbps on a 1g copper link SCPing a file with Chiper=aes256-gcm. SSH/OpenSSL automatically uses AESNI if available. (Side Note, loading cryptodev - openSSH/SSL will grab crypto dev and cut your speed in half). Same with un-encryrpted iperf2/3, even with just a single TCP connection. > > Over an IPsec tunnel, this same system bottle necks at 180 Mbps. These systems are on the same vlan and subnet, same physical switch - so direct route. > > So, does IPSec use AESNI ? I would have at least expected 600-700 Mbps. Do you have aesni(4) driver in the kernel or loaded as module? It is present in FreeBSD since version 9.0 From owner-freebsd-net@freebsd.org Thu Aug 9 05:28:40 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 589351055ACD for ; Thu, 9 Aug 2018 05:28:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id D3D3580F54 for ; Thu, 9 Aug 2018 05:28:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 984F71055ACB; Thu, 9 Aug 2018 05:28:39 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 86E8B1055ACA for ; Thu, 9 Aug 2018 05:28:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 287C280F51 for ; Thu, 9 Aug 2018 05:28:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 6F64014C6B for ; Thu, 9 Aug 2018 05:28:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w795ScDb084493 for ; Thu, 9 Aug 2018 05:28:38 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w795Scub084492 for net@FreeBSD.org; Thu, 9 Aug 2018 05:28:38 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228108] if_ipsec drops all the icmp v4&v6 error messages Date: Thu, 09 Aug 2018 05:28:37 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11+ X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 05:28:40 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228108 --- Comment #10 from Andrey V. Elsukov --- (In reply to dpd from comment #9) > This change breaks ICMP ECHO (pings) to the receiving end of peer to peer > /30 of the IPsec tunnel between FreeBSD and Juniper JunOS on their SRX > products.=20 >=20 > To JunOS 12.x, this seems to block both ICMP and BGP packets to the other > end of the tunnel (being compared to 11.1-STABLE r331329), which works in > this setup. >=20 > To JunOS 17.x and an SRX, OSPF seems to work, but ICMP ECHO does not. (I > don't yet have BGP in this setup). >=20 > However, between 11.1-STABLE r331329 and 11.2-STABLE r335594, IPsec tunne= ls > get established, pings work, and BGP does establish. >=20 > In the case of 11.2 -> JunOS 17, the tunnels and OSPF did come up, and IC= MP > does work routed across the tunnel, just not to the tunnel's termination > point.=20 >=20 > I can't seem to explain it, and seemly a little strange mix of OS and > hardware, but reverting this one line seemed to fix all the issues I had. I have no idea how this commit can affect something. It should only affect inbound ICMP errors handling. Are you sure that described problems is not something related to misconfiguration across several booting? --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 05:37:54 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CECD81055F7B for ; Thu, 9 Aug 2018 05:37:54 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from forward105p.mail.yandex.net (forward105p.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Yandex CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4A85A8150C for ; Thu, 9 Aug 2018 05:37:53 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mxback6j.mail.yandex.net (mxback6j.mail.yandex.net [IPv6:2a02:6b8:0:1619::10f]) by forward105p.mail.yandex.net (Yandex) with ESMTP id 770974084DA4; Thu, 9 Aug 2018 08:37:51 +0300 (MSK) Received: from smtp1j.mail.yandex.net (smtp1j.mail.yandex.net [2a02:6b8:0:801::ab]) by mxback6j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id xLqWF7Rsc5-bpxqK3EA; Thu, 09 Aug 2018 08:37:51 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1533793071; bh=An6PvTyqVq2R5vHFsd3Z44+8Yz6Sk9jsF9VcqbUbHSA=; h=Subject:To:References:From:Message-ID:Date:In-Reply-To; b=e7bIKm9RriRYXrZrfLLWf/i8RBFO0eSn3f2sS5kmhpSFC9IjhYqfmUEP+qZGtWKmD RlJTifpYF8wBB9jgMtBbuS04jvfpcsWqAs+jWXGPZk86Xh8RjF8ee4qC538buyt6Yp q3KOrknf3zBg8N53COAj+QHsqRt2w0bWL2/ca4ko= Received: by smtp1j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id ClC87W4Qrk-boCqStO6; Thu, 09 Aug 2018 08:37:50 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client certificate not present) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1533793070; bh=An6PvTyqVq2R5vHFsd3Z44+8Yz6Sk9jsF9VcqbUbHSA=; h=Subject:To:References:From:Message-ID:Date:In-Reply-To; b=R/Pj/ArAwQcOKibmHZfamEgevul28WSZQKNbqztav5M2+LDaBCnjH50ncZ5u6P3vN vwRmE9lyn0g06ky0CxeJ3uHgXkX+60bQqfujaXLIqvSQpuVW+BjyB++vq10LVb1rHZ hWAnDFB+KatjgWt7+St/30qnT/pij91RVgHa6ots= Authentication-Results: smtp1j.mail.yandex.net; dkim=pass header.i=@yandex.ru Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? To: "David P. Discher" , freebsd-net@freebsd.org References: From: "Andrey V. Elsukov" Openpgp: id=E6591E1B41DA1516F0C9BC0001C5EA0410C8A17A Autocrypt: addr=bu7cher@yandex.ru; prefer-encrypt=mutual; keydata= xsBNBEwBF1kBCADB9sXFhBEUy8qQ4X63Y8eBatYMHGEFWN9ypS5lI3RE6qQW2EYbxNk7qUC5 21YIIS1mMFVBEfvR7J9uc7yaYgFCEb6Sce1RSO4ULN2mRKGHP3/Sl0ijZEjWHV91hY1YTHEF ZW/0GYinDf56sYpDDehaBF5wkWIo1+QK5nmj3vl0DIDCMNd7QEiWpyLVwECgLX2eOAXByT8B bCqVhJGcG6iFP7/B9Ll6uX5gb8thM9LM+ibwErDBVDGiOgvfxqidab7fdkh893IBCXa82H9N CNwnEtcgzh+BSKK5BgvPohFMgRwjti37TSxwLu63QejRGbZWSz3OK3jMOoF63tCgn7FvABEB AAHNIkFuZHJleSBWLiBFbHN1a292IDxhZUBmcmVlYnNkLm9yZz7CwHsEEwECACUCGwMGCwkI BwMCBhUIAgkKCwQWAgMBAh4BAheABQJMB/ruAhkBAAoJEAHF6gQQyKF6MLwH/3Ri/TZl9uo0 SepYWXOnxL6EaDVXDA+dLb1eLKC4PRBBjX29ttQ0KaWapiE6y5/AfzOPmRtHLrHYHjd/aiHX GMLHcYRXD+5GvdkK8iMALrZ28X0JXyuuZa8rAxWIWmCbYHNSBy2unqWgTI04Erodk90IALgM 9JeHN9sFqTM6zalrMnTzlcmel4kcjT3lyYw3vOKgoYLtsLhKZSbJoVVVlvRlGBpHFJI5AoYJ SyfXoN0rcX6k9X7Isp2K50YjqxV4v78xluh1puhwZyC0p8IShPrmrp9Oy9JkMX90o6UAXdGU KfdExJuGJfUZOFBTtNIMNIAKfMTjhpRhxONIr0emxxDOwE0ETAEXWQEIAJ2p6l9LBoqdH/0J PEFDY2t2gTvAuzz+8zs3R03dFuHcNbOwjvWCG0aOmVpAzkRa8egn5JB4sZaFUtKPYJEQ1Iu+ LUBwgvtXf4vWpzC67zs2dDuiW4LamH5p6xkTD61aHR7mCB3bg2TUjrDWn2Jt44cvoYxj3dz4 S49U1rc9ZPgD5axCNv45j72tggWlZvpefThP7xT1OlNTUqye2gAwQravXpZkl5JG4eOqJVIU X316iE3qso0iXRUtO7OseBf0PiVmk+wCahdreHOeOxK5jMhYkPKVn7z1sZiB7W2H2TojbmcK HZC22sz7Z/H36Lhg1+/RCnGzdEcjGc8oFHXHCxUAEQEAAcLAXwQYAQIACQUCTAEXWQIbDAAK CRABxeoEEMihegkYCAC3ivGYNe2taNm/4Nx5GPdzuaAJGKWksV+w9mo7dQvU+NmI2az5w8vw 98OmX7G0OV9snxMW+6cyNqBrVFTu33VVNzz9pnqNCHxGvj5dL5ltP160JV2zw2bUwJBYsgYQ WfyJJIM7l3gv5ZS3DGqaGIm9gOK1ANxfrR5PgPzvI9VxDhlr2juEVMZYAqPLEJe+SSxbwLoz BcFCNdDAyXcaAzXsx/E02YWm1hIWNRxanAe7Vlg7OL+gvLpdtrYCMg28PNqKNyrQ87LQ49O9 50IIZDOtNFeR0FGucjcLPdS9PiEqCoH7/waJxWp6ydJ+g4OYRBYNM0EmMgy1N85JJrV1mi5i Message-ID: Date: Thu, 9 Aug 2018 08:37:04 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="Uf2Hhj2k6cBpKr8PtEMawmb8aBllDHAAG" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 05:37:55 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Uf2Hhj2k6cBpKr8PtEMawmb8aBllDHAAG Content-Type: multipart/mixed; boundary="eLsGDHc7TdApySAvFeZAV7FG48CkFICad"; protected-headers="v1" From: "Andrey V. Elsukov" To: "David P. Discher" , freebsd-net@freebsd.org Message-ID: Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? References: In-Reply-To: --eLsGDHc7TdApySAvFeZAV7FG48CkFICad Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 09.08.2018 06:57, David P. Discher wrote: > I=E2=80=99m suspecting that IPSec in FreeBSD is not leveraging AESNI on= Intel. Is this correct ? IPsec uses crypto(9) framework that works by default without any acceleration. You need to load aesni(4) kernel module to enable acceleration. Also, you need to recreate security associations after module loading to take effect. --=20 WBR, Andrey V. Elsukov --eLsGDHc7TdApySAvFeZAV7FG48CkFICad-- --Uf2Hhj2k6cBpKr8PtEMawmb8aBllDHAAG Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAltr0wAACgkQAcXqBBDI oXp/bgf8D3YGjRMylF0OfpgfQPSZDbfR7VS7pe0fdeqgXIiqZa1jwqPBr3bPGbrR JQLWTHpWLE1NRsCZT5qRSIKwBeqggLpiDDWmK6YGf4jqHqs3X8RMQFi+eK/L+dUV XR+IShei/yOGJDwBNzk+3bLa2FWyyQDkG05rqva500gaSX3I/OBmHM0EVQ+e4hYp 0zF11UraSouM3H2sXgu2k9eL/QrvjOF3ytbN0hjnqhgJD3ulhh0JhHxVjg6TVVAC xSFPWHCLwez1IsGrYvMIhjIRBMBFQ1XeZRXjOkWSthjtzBU5MLGK4S7iIHZRi7qh Qa/KopyWh7LzkfU591vBLLMb8X59Pw== =C0+G -----END PGP SIGNATURE----- --Uf2Hhj2k6cBpKr8PtEMawmb8aBllDHAAG-- From owner-freebsd-net@freebsd.org Thu Aug 9 06:50:02 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 64A561057444 for ; Thu, 9 Aug 2018 06:50:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id EFE2F8308E for ; Thu, 9 Aug 2018 06:50:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id B1E481057441; Thu, 9 Aug 2018 06:50:01 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A086F1057440 for ; Thu, 9 Aug 2018 06:50:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4007D83087 for ; Thu, 9 Aug 2018 06:50:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 762FA15786 for ; Thu, 9 Aug 2018 06:50:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w796o0De030552 for ; Thu, 9 Aug 2018 06:50:00 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w796o0h1030547 for net@FreeBSD.org; Thu, 9 Aug 2018 06:50:00 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228108] if_ipsec drops all the icmp v4&v6 error messages Date: Thu, 09 Aug 2018 06:50:00 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: dpd@dpdtech.com X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11+ X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 06:50:02 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228108 --- Comment #11 from dpd@dpdtech.com --- (In reply to Andrey V. Elsukov from comment #10) Yes. Ironically ... I just reproduced this with bare metal just a few hours ago - but only between FreeBSD machines. Now that I have it "working" ... I= 'll revert the kernel in the morning and retest. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 07:00:29 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 620971057AFD for ; Thu, 9 Aug 2018 07:00:29 +0000 (UTC) (envelope-from dpd@dpdtech.com) Received: from mail-pf1-x434.google.com (mail-pf1-x434.google.com [IPv6:2607:f8b0:4864:20::434]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E25B783717 for ; Thu, 9 Aug 2018 07:00:28 +0000 (UTC) (envelope-from dpd@dpdtech.com) Received: by mail-pf1-x434.google.com with SMTP id k21-v6so2370807pff.11 for ; Thu, 09 Aug 2018 00:00:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dpdtech.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=GJX5QWWD/DCZIq02L5y8n9uQLuwPUQ98bgHD0+Izn6E=; b=HNP6wAC9ewZ89x8zEeN4nsV/cvTcWPYidd8pJMNpecaZYlwGZuy8dE75yBpy4qE6Uo OIZBh5BXj9F2hpGE6zNOoh+AzwahG6Y9jD/tGHC8v10emWODofd3dIk+9RAQ6/K4kLml hAYO7x9wk5+2rQ7UVwFjSuSisuaRKCUWOjD/8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=GJX5QWWD/DCZIq02L5y8n9uQLuwPUQ98bgHD0+Izn6E=; b=kLFvOiPrDfl5LXKKCZaJf6B2kGYSoR2D0zfhvpWQSp2Ft4ovf2OwTi7n21Flg0Iu8X 9IqShl81chKMWx+J1YNdmf4Lm80tE3xblcdwidp6LPaq0u7OoOTKSvZiwsGpxTxCDzpJ hqgDHq7GQLuS1FmPufXeW/glZoqExJ78T+KC0PSAajwX9PLKHAYHOjuxU+kXrG1N1fwj EcpsxO7bBM/sLvzlrQYmlDe/g+8pEC3y5sCPmIWatnlf+f2iq4dPVkeD+hwGz7wPZ4fD Mzx7MwadALmyPKAsRXZpF9WcMogITf+veWgxwMlmKHmbqu7AMTV6dT9immeyF0bTKYXP fK4g== X-Gm-Message-State: AOUpUlFfPBwMN0dCmznSHXJtr717GxkCQ0+x1MJXVxxf1zCTnpSE6XOI j7yGtrdzB9UZbERJH88a03XraEaiL6k= X-Google-Smtp-Source: AA+uWPwkER6E8C91DyM2HTQl+Zl7zL+9OF6yYx/l87tgsRE/9zI+u4fQdZMJZtlLFDZc2sGRJ988UQ== X-Received: by 2002:a63:5a13:: with SMTP id o19-v6mr903959pgb.195.1533798027594; Thu, 09 Aug 2018 00:00:27 -0700 (PDT) Received: from relativity.dpdtech.com (173-13-188-42-sfba.hfc.comcastbusiness.net. [173.13.188.42]) by smtp.gmail.com with ESMTPSA id i7-v6sm5354656pgs.17.2018.08.09.00.00.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Aug 2018 00:00:26 -0700 (PDT) From: "David P. Discher" Message-Id: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? Date: Thu, 9 Aug 2018 00:00:25 -0700 In-Reply-To: Cc: freebsd-net@freebsd.org To: "Andrey V. Elsukov" References: X-Mailer: Apple Mail (2.3273) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 07:00:29 -0000 > On Aug 8, 2018, at 10:37 PM, Andrey V. Elsukov = wrote: >=20 > On 09.08.2018 06:57, David P. Discher wrote: >> I=E2=80=99m suspecting that IPSec in FreeBSD is not leveraging AESNI = on Intel. Is this correct ? >=20 > IPsec uses crypto(9) framework that works by default without any > acceleration. You need to load aesni(4) kernel module to enable > acceleration. Also, you need to recreate security associations after > module loading to take effect. Yes. I booted with AESNI loaded =E2=80=A6 via loader.conf. Transcript = below. Two endpoint are identical hardware. -- David P. Discher=20 https://davidpdischer.com/ 408.368.3725 =E2=80=A2 dpd@dpdtech.com [ pts/0 sjc2 util201:~ ] [ dpd ] > kldstat Id Refs Address Size Name 1 32 0xffffffff80200000 2081408 kernel 2 1 0xffffffff82283000 259e0 geom_mirror.ko 3 1 0xffffffff822a9000 e568 if_bridge.ko 4 2 0xffffffff822b8000 6d28 bridgestp.ko 5 1 0xffffffff822bf000 7600 if_tap.ko 6 1 0xffffffff822c7000 f988 ipmi.ko 7 2 0xffffffff822d7000 2d10 smbus.ko 8 1 0xffffffff822da000 381130 zfs.ko 9 2 0xffffffff8265c000 a380 opensolaris.ko 10 1 0xffffffff82667000 af98 aesni.ko 11 1 0xffffffff82b11000 2328 ums.ko [ pts/0 sjc2 util201:~ ] [ dpd ] > sudo /usr/local/etc/rc.d/racoon stop Password: Stopping racoon. Waiting for PIDS: 1065. [ pts/0 sjc2 util201:~ ] [ dpd ] > sudo /usr/local/etc/rc.d/racoon start Starting racoon. [ pts/0 sjc2 util201:~ ] [ dpd ] > sudo setkey -f /usr/local/etc/racoon/setkey.conf [ pts/0 sjc2 util201:~ ] [ dpd ] > ifconfig ipsec12 ipsec12: flags=3D8151 = metric 0 mtu 1350 tunnel inet 10.245.0.201 --> 10.245.0.202 inet 172.30.1.13 --> 172.30.1.14 netmask 0xfffffffc nd6 options=3D29 reqid: 12 groups: ipsec [ pts/0 sjc2 util201:~ ] [ dpd ] > ping 172.30.1.14 PING 172.30.1.14 (172.30.1.14): 56 data bytes 64 bytes from 172.30.1.14: icmp_seq=3D2 ttl=3D64 time=3D0.452 ms 64 bytes from 172.30.1.14: icmp_seq=3D3 ttl=3D64 time=3D0.368 ms 64 bytes from 172.30.1.14: icmp_seq=3D4 ttl=3D64 time=3D0.353 ms ^C --- 172.30.1.14 ping statistics --- 5 packets transmitted, 3 packets received, 40.0% packet loss round-trip min/avg/max/stddev =3D 0.353/0.391/0.452/0.044 ms [ pts/0 sjc2 util201:~ ] [ dpd ] > iperf3 -c 10.245.0.202 -i 8 -t 16 Connecting to host 10.245.0.202, port 5201 [ 5] local 10.245.0.201 port 55165 connected to 10.245.0.202 = port 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-8.00 sec 887 MBytes 930 Mbits/sec 0 419 = KBytes [ 5] 8.00-16.00 sec 898 MBytes 941 Mbits/sec 0 419 = KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-16.00 sec 1.74 GBytes 936 Mbits/sec 0 = sender [ 5] 0.00-16.01 sec 1.74 GBytes 935 Mbits/sec = receiver iperf Done. [ pts/0 sjc2 util201:~ ] [ dpd ] > iperf3 -c 172.30.1.14 -i 8 -t 16 Connecting to host 172.30.1.14, port 5201 [ 5] local 172.30.1.13 port 41671 connected to 172.30.1.14 port = 5201 [ ID] Interval Transfer Bitrate Retr Cwnd [ 5] 0.00-8.00 sec 166 MBytes 174 Mbits/sec 0 64.3 = KBytes [ 5] 8.00-16.00 sec 168 MBytes 176 Mbits/sec 0 64.3 = KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-16.00 sec 334 MBytes 175 Mbits/sec 0 = sender [ 5] 0.00-16.01 sec 334 MBytes 175 Mbits/sec = receiver iperf Done. [ pts/0 sjc2 util201:~ ] [ dpd ] > uname -a FreeBSD util201.sjc2.ixsystems.com 11.2-STABLE FreeBSD = 11.2-STABLE #3: Tue Jul 24 20:57:34 UTC 2018 = root@proxima.sjc2.ixsystems.com:/usr/obj/usr/src/sys/IX amd64 [ pts/0 sjc2 util201:~ ] [ dpd ] >= From owner-freebsd-net@freebsd.org Thu Aug 9 08:33:20 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D5829105C4E7 for ; Thu, 9 Aug 2018 08:33:19 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from forward103o.mail.yandex.net (forward103o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::606]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Yandex CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 555F7871C6 for ; Thu, 9 Aug 2018 08:33:19 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mxback9g.mail.yandex.net (mxback9g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:170]) by forward103o.mail.yandex.net (Yandex) with ESMTP id 5B963588384D; Thu, 9 Aug 2018 11:33:16 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback9g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id ZrqGtXKGd7-XG9qZh3q; Thu, 09 Aug 2018 11:33:16 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1533803596; bh=sFxvMGVSiRjwL3HDNacNUuWl/4PYVBuX4KxvNsDYHmY=; h=Subject:To:Cc:References:From:Message-ID:Date:In-Reply-To; b=XuMMAfc6e0EvvxOIzDuAuk4ycyNyeFZX6groqFQj6y77dOkE2Xic8RdliXeXz2FWM in1w883yDpOhSj874MWGson/KF2kLHd5SzrFC7ooAgKqJalI4+7g8dDYYKiED4/jFA q8CiSvylaeXULwGBUaYa+Nkr6Oa8FwtQrzlvcExo= Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id A9ueWv6dmr-XF8ejCRR; Thu, 09 Aug 2018 11:33:15 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client certificate not present) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1533803595; bh=sFxvMGVSiRjwL3HDNacNUuWl/4PYVBuX4KxvNsDYHmY=; h=Subject:To:Cc:References:From:Message-ID:Date:In-Reply-To; b=v0ZuyWioeveO8PsOFvilgIAV02Up4cPPDUsfu9RRgr++Ga570VImtgqhmTvTZ9/oD hhQ85443YpuI7ZobEk7+YP+3cij5U1rgg0P7dq1qUgFnCb4U9EIKBOoLXv0ivN19UB dfczQM6LzXTIcZptwloGUM9Lqkg/v1IXQpLk5Wk4= Authentication-Results: smtp4j.mail.yandex.net; dkim=pass header.i=@yandex.ru Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? To: "David P. Discher" Cc: freebsd-net@freebsd.org References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> From: "Andrey V. Elsukov" Openpgp: id=E6591E1B41DA1516F0C9BC0001C5EA0410C8A17A Autocrypt: addr=bu7cher@yandex.ru; prefer-encrypt=mutual; keydata= xsBNBEwBF1kBCADB9sXFhBEUy8qQ4X63Y8eBatYMHGEFWN9ypS5lI3RE6qQW2EYbxNk7qUC5 21YIIS1mMFVBEfvR7J9uc7yaYgFCEb6Sce1RSO4ULN2mRKGHP3/Sl0ijZEjWHV91hY1YTHEF ZW/0GYinDf56sYpDDehaBF5wkWIo1+QK5nmj3vl0DIDCMNd7QEiWpyLVwECgLX2eOAXByT8B bCqVhJGcG6iFP7/B9Ll6uX5gb8thM9LM+ibwErDBVDGiOgvfxqidab7fdkh893IBCXa82H9N CNwnEtcgzh+BSKK5BgvPohFMgRwjti37TSxwLu63QejRGbZWSz3OK3jMOoF63tCgn7FvABEB AAHNIkFuZHJleSBWLiBFbHN1a292IDxhZUBmcmVlYnNkLm9yZz7CwHsEEwECACUCGwMGCwkI BwMCBhUIAgkKCwQWAgMBAh4BAheABQJMB/ruAhkBAAoJEAHF6gQQyKF6MLwH/3Ri/TZl9uo0 SepYWXOnxL6EaDVXDA+dLb1eLKC4PRBBjX29ttQ0KaWapiE6y5/AfzOPmRtHLrHYHjd/aiHX GMLHcYRXD+5GvdkK8iMALrZ28X0JXyuuZa8rAxWIWmCbYHNSBy2unqWgTI04Erodk90IALgM 9JeHN9sFqTM6zalrMnTzlcmel4kcjT3lyYw3vOKgoYLtsLhKZSbJoVVVlvRlGBpHFJI5AoYJ SyfXoN0rcX6k9X7Isp2K50YjqxV4v78xluh1puhwZyC0p8IShPrmrp9Oy9JkMX90o6UAXdGU KfdExJuGJfUZOFBTtNIMNIAKfMTjhpRhxONIr0emxxDOwE0ETAEXWQEIAJ2p6l9LBoqdH/0J PEFDY2t2gTvAuzz+8zs3R03dFuHcNbOwjvWCG0aOmVpAzkRa8egn5JB4sZaFUtKPYJEQ1Iu+ LUBwgvtXf4vWpzC67zs2dDuiW4LamH5p6xkTD61aHR7mCB3bg2TUjrDWn2Jt44cvoYxj3dz4 S49U1rc9ZPgD5axCNv45j72tggWlZvpefThP7xT1OlNTUqye2gAwQravXpZkl5JG4eOqJVIU X316iE3qso0iXRUtO7OseBf0PiVmk+wCahdreHOeOxK5jMhYkPKVn7z1sZiB7W2H2TojbmcK HZC22sz7Z/H36Lhg1+/RCnGzdEcjGc8oFHXHCxUAEQEAAcLAXwQYAQIACQUCTAEXWQIbDAAK CRABxeoEEMihegkYCAC3ivGYNe2taNm/4Nx5GPdzuaAJGKWksV+w9mo7dQvU+NmI2az5w8vw 98OmX7G0OV9snxMW+6cyNqBrVFTu33VVNzz9pnqNCHxGvj5dL5ltP160JV2zw2bUwJBYsgYQ WfyJJIM7l3gv5ZS3DGqaGIm9gOK1ANxfrR5PgPzvI9VxDhlr2juEVMZYAqPLEJe+SSxbwLoz BcFCNdDAyXcaAzXsx/E02YWm1hIWNRxanAe7Vlg7OL+gvLpdtrYCMg28PNqKNyrQ87LQ49O9 50IIZDOtNFeR0FGucjcLPdS9PiEqCoH7/waJxWp6ydJ+g4OYRBYNM0EmMgy1N85JJrV1mi5i Message-ID: Date: Thu, 9 Aug 2018 11:32:53 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="AC2Ythfwcqfo4xb2mMEWBSX15yuL2L1MH" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 08:33:20 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --AC2Ythfwcqfo4xb2mMEWBSX15yuL2L1MH Content-Type: multipart/mixed; boundary="ngDeMMSE6YiFsycvmzibrGoe6MYJJ1phg"; protected-headers="v1" From: "Andrey V. Elsukov" To: "David P. Discher" Cc: freebsd-net@freebsd.org Message-ID: Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> In-Reply-To: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> --ngDeMMSE6YiFsycvmzibrGoe6MYJJ1phg Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 09.08.2018 10:00, David P. Discher wrote: > [ pts/0 sjc2 util201:~ ] > [ dpd ] > iperf3 -c 10.245.0.202 -i 8 -t 16 > Connecting to host 10.245.0.202, port 5201 > [ 5] local 10.245.0.201 port 55165 connected to 10.245.0.202 port 520= 1 > [ ID] Interval Transfer Bitrate Retr Cwnd > [ 5] 0.00-8.00 sec 887 MBytes 930 Mbits/sec 0 419 KByte= s > [ 5] 8.00-16.00 sec 898 MBytes 941 Mbits/sec 0 419 KByte= s > - - - - - - - - - - - - - - - - - - - - - - - - - > [ ID] Interval Transfer Bitrate Retr > [ 5] 0.00-16.00 sec 1.74 GBytes 936 Mbits/sec 0 = sender > [ 5] 0.00-16.01 sec 1.74 GBytes 935 Mbits/sec = receiver >=20 > iperf Done. >=20 > [ pts/0 sjc2 util201:~ ] > [ dpd ] > iperf3 -c 172.30.1.14 -i 8 -t 16 > Connecting to host 172.30.1.14, port 5201 > [ 5] local 172.30.1.13 port 41671 connected to 172.30.1.14 port 5201 > [ ID] Interval Transfer Bitrate Retr Cwnd > [ 5] 0.00-8.00 sec 166 MBytes 174 Mbits/sec 0 64.3 KByte= s > [ 5] 8.00-16.00 sec 168 MBytes 176 Mbits/sec 0 64.3 KByte= s > - - - - - - - - - - - - - - - - - - - - - - - - - > [ ID] Interval Transfer Bitrate Retr > [ 5] 0.00-16.00 sec 334 MBytes 175 Mbits/sec 0 = sender > [ 5] 0.00-16.01 sec 334 MBytes 175 Mbits/sec = receiver I did some tests and here are my results: # ifconfig ipsec0 ipsec0: flags=3D8051 metric 0 mtu 1400 tunnel inet 10.0.0.15 --> 10.0.0.25 inet 192.168.0.15 --> 192.168.0.25 netmask 0xffffff00 inet6 fe80::225:90ff:fef9:3c92%ipsec0 prefixlen 64 scopeid 0x8 nd6 options=3D23 reqid: 16385 groups: ipsec # iperf -c 10.0.0.25 -i 8 -t 16 ------------------------------------------------------------ Client connecting to 10.0.0.25, TCP port 5001 TCP window size: 35.0 KByte (default) ------------------------------------------------------------ [ 3] local 10.0.0.15 port 21371 connected with 10.0.0.25 port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0- 8.0 sec 9.09 GBytes 9.77 Gbits/sec [ 3] 8.0-16.0 sec 9.22 GBytes 9.90 Gbits/sec [ 3] 0.0-16.0 sec 18.3 GBytes 9.83 Gbits/sec # iperf -c 192.168.0.25 -i 8 -t 16 ------------------------------------------------------------ Client connecting to 192.168.0.25, TCP port 5001 TCP window size: 33.2 KByte (default) ------------------------------------------------------------ [ 3] local 192.168.0.15 port 30394 connected with 192.168.0.25 port 5001= [ ID] Interval Transfer Bandwidth [ 3] 0.0- 8.0 sec 607 MBytes 636 Mbits/sec [ 3] 8.0-16.0 sec 606 MBytes 636 Mbits/sec [ 3] 0.0-16.0 sec 1.19 GBytes 636 Mbits/sec # sysctl net.inet.ipsec.async_crypto=3D1 net.inet.ipsec.async_crypto: 0 -> 1 # iperf -c 192.168.0.25 -i 8 -t 16 ------------------------------------------------------------ Client connecting to 192.168.0.25, TCP port 5001 TCP window size: 33.2 KByte (default) ------------------------------------------------------------ [ 3] local 192.168.0.15 port 17716 connected with 192.168.0.25 port 5001= [ ID] Interval Transfer Bandwidth [ 3] 0.0- 8.0 sec 1.38 GBytes 1.48 Gbits/sec [ 3] 8.0-16.0 sec 1.40 GBytes 1.51 Gbits/sec [ 3] 0.0-16.0 sec 2.78 GBytes 1.50 Gbits/sec # kldload aesni # setkey -DF # setkey -c add 10.0.0.25 10.0.0.15 esp 10000 -m tunnel -u 16385 -E rijndael-cbc "0123456789123456"; add 10.0.0.15 10.0.0.25 esp 20000 -m tunnel -u 16385 -E rijndael-cbc "0123456789123456"; # sysctl net.inet.ipsec.async_crypto=3D0 net.inet.ipsec.async_crypto: 1 -> 0 # iperf -c 192.168.0.25 -i 8 -t 16 ------------------------------------------------------------ Client connecting to 192.168.0.25, TCP port 5001 TCP window size: 33.2 KByte (default) ------------------------------------------------------------ [ 3] local 192.168.0.15 port 57206 connected with 192.168.0.25 port 5001= [ ID] Interval Transfer Bandwidth [ 3] 0.0- 8.0 sec 1.08 GBytes 1.16 Gbits/sec [ 3] 8.0-16.0 sec 1.11 GBytes 1.19 Gbits/sec [ 3] 0.0-16.0 sec 2.19 GBytes 1.18 Gbits/sec # sysctl net.inet.ipsec.async_crypto=3D1 net.inet.ipsec.async_crypto: 0 -> 1 # ifconfig ipsec0 mtu 8000 down up # iperf -c 192.168.0.25 -i 8 -t 16 ------------------------------------------------------------ Client connecting to 192.168.0.25, TCP port 5001 TCP window size: 38.9 KByte (default) ------------------------------------------------------------ [ 3] local 192.168.0.15 port 37641 connected with 192.168.0.25 port 5001= [ ID] Interval Transfer Bandwidth [ 3] 0.0- 8.0 sec 5.64 GBytes 6.06 Gbits/sec [ 3] 8.0-16.0 sec 5.76 GBytes 6.19 Gbits/sec [ 3] 0.0-16.0 sec 11.4 GBytes 6.12 Gbits/sec --=20 WBR, Andrey V. Elsukov --ngDeMMSE6YiFsycvmzibrGoe6MYJJ1phg-- --AC2Ythfwcqfo4xb2mMEWBSX15yuL2L1MH Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAltr/DUACgkQAcXqBBDI oXq4XggAi1Ps7fy/d/HQddhE78gYYey/BQelz+9cu/pfI/Fy3P7sR3K+4du0n+A3 ZqeFXca2mtXSSxkClmmEDwl6YhVO73mQmLVz/c+7y1yhmZBTujE+gu0T/y3pLGgA aDUNoSeUJ4SIVAb813AhzNPUxNtoqj+Ke0xD3AmgVKi1L0RJFy4BVcZ92YYPcLTG VHrWsF2XQIe6XsOBeYnI0ttM5G+5jgPISUAxkV5ks9sYVByyxB9vGIyR11XiH0Rz ERRRTrRdf1qHvEE2cd+OW738aO2DD4sHRMOGz/6ekhbY7kScXMKr2UCtSeH8M0r8 MJEa0IimO1AUnwk64x8/GT3jPSxIIw== =biPU -----END PGP SIGNATURE----- --AC2Ythfwcqfo4xb2mMEWBSX15yuL2L1MH-- From owner-freebsd-net@freebsd.org Thu Aug 9 08:40:39 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DB484105C7BA for ; Thu, 9 Aug 2018 08:40:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 7479F87378 for ; Thu, 9 Aug 2018 08:40:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 39B5C105C7B9; Thu, 9 Aug 2018 08:40:38 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2858A105C7B8 for ; Thu, 9 Aug 2018 08:40:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BE1E587372 for ; Thu, 9 Aug 2018 08:40:37 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id F3004166F0 for ; Thu, 9 Aug 2018 08:40:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w798eaQ9039312 for ; Thu, 9 Aug 2018 08:40:36 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w798ea07039311 for net@FreeBSD.org; Thu, 9 Aug 2018 08:40:36 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Thu, 09 Aug 2018 08:40:36 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: egypcio@googlemail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 08:40:39 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 --- Comment #12 from Vin=C3=ADcius Zavam --- (In reply to Kajetan Staszkiewicz from comment #11) as I said, the main idea was to get as closest as possible to what we get f= rom 11.2-RELEASE in order to help you (and others). with all respect, there's no such a thing like 'fixating on the fact that I have patched kernel' - you a= re really getting things too much personal. and, again, as I said: that is not the/my intention. we should be at the same page here, please. regarding the INVARIANT options, they sure might give people hints and help when it comes to debugging, but -AFAIK- they are not meant to run in produc= tion env like releng/11.2. their descriptions might confuse some. when it comes to the recommended merge that you wrote about, at the very sa= me text you mentioned that the system is passive to be "killed" (it really does not sound like fixing to me). sorry, but I did read that. BR, --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 10:11:10 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CDD37105F8EB for ; Thu, 9 Aug 2018 10:11:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 6B32E8AF44 for ; Thu, 9 Aug 2018 10:11:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 302A4105F8EA; Thu, 9 Aug 2018 10:11:10 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1F0EB105F8E9 for ; Thu, 9 Aug 2018 10:11:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B553A8AF3F for ; Thu, 9 Aug 2018 10:11:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id EBBC61737D for ; Thu, 9 Aug 2018 10:11:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w79AB8n2014496 for ; Thu, 9 Aug 2018 10:11:08 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w79AB8fa014495 for net@FreeBSD.org; Thu, 9 Aug 2018 10:11:08 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 229384] Can't remove address from carp Date: Thu, 09 Aug 2018 10:11:08 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.2-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: m.muenz@spam-fetish.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 10:11:11 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229384 Michael changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |m.muenz@spam-fetish.org --- Comment #13 from Michael --- Hi, I didn't follow the complete thread, but when I read "vtnet" devices, are y= ou using some cloud vendor? There are vendors out there pointing out that HA failover protocols are not supported via their X-Stack or whatever. I'm only a OPNsense/pfSense user and never had these issues on pyhsical hardware, can't imagine there is something with Vanilla 11.1. Michael --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 13:40:55 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5790310668DA for ; Thu, 9 Aug 2018 13:40:55 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D532973488 for ; Thu, 9 Aug 2018 13:40:54 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id w79Dejit084596 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 9 Aug 2018 06:40:45 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id w79DejrY084595; Thu, 9 Aug 2018 06:40:45 -0700 (PDT) (envelope-from jmg) Date: Thu, 9 Aug 2018 06:40:45 -0700 From: John-Mark Gurney To: "David P. Discher" Cc: "Andrey V. Elsukov" , freebsd-net@freebsd.org Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? Message-ID: <20180809134045.GN2884@funkthat.com> Mail-Followup-To: "David P. Discher" , "Andrey V. Elsukov" , freebsd-net@freebsd.org References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> X-Operating-System: FreeBSD 11.0-RELEASE-p7 amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Thu, 09 Aug 2018 06:40:45 -0700 (PDT) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 13:40:55 -0000 David P. Discher wrote this message on Thu, Aug 09, 2018 at 00:00 -0700: > > > On Aug 8, 2018, at 10:37 PM, Andrey V. Elsukov wrote: > > > > On 09.08.2018 06:57, David P. Discher wrote: > >> I???m suspecting that IPSec in FreeBSD is not leveraging AESNI on Intel. Is this correct ? > > > > IPsec uses crypto(9) framework that works by default without any > > acceleration. You need to load aesni(4) kernel module to enable > > acceleration. Also, you need to recreate security associations after > > module loading to take effect. > > Yes. I booted with AESNI loaded ??? via loader.conf. Transcript below. Two endpoint are identical hardware. You don't show what ciphers you are using. It could be that you're using CBC mode, which is known to be slow, or that you're using a slow AH that is limiting performance, and not the cipher... Need to see your setkey.conf, or at least the output of setkey -D.. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-net@freebsd.org Thu Aug 9 18:25:46 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E3E56106F4A5 for ; Thu, 9 Aug 2018 18:25:45 +0000 (UTC) (envelope-from danilogondolfo@gmail.com) Received: from mail-yw1-xc2c.google.com (mail-yw1-xc2c.google.com [IPv6:2607:f8b0:4864:20::c2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6FFDC81D36 for ; Thu, 9 Aug 2018 18:25:45 +0000 (UTC) (envelope-from danilogondolfo@gmail.com) Received: by mail-yw1-xc2c.google.com with SMTP id e23-v6so5774862ywe.13 for ; Thu, 09 Aug 2018 11:25:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=+TDpNKXyZ3HM+hd7xV393MVwwF4qYlWLJdaYemQQGbQ=; b=QLWiNJPN7jutd7TYQBDcO7CaEr9GvWGZDoom8fp8xD6p0hab118dj3rvUfqk7rIydt fa54Fvxh8nKFnfc30191DXECSscF/rF176tXGwHwGW6eXwC3s47Ku5IWndlESTRZ/PlX xHbYL9TI00UqjzcEe8vCzQFwJ9+mjoS4JcHJtfbCjxZT/usafS9BsLYxl9eYAain56Wo /Ykwa2Rqqcz/MDh7nNPotCWUHJaz6vs0Kg2QBDB/ejegKbcYirKjVoNDUv0CC2Ox8biQ 5rJL7yZL3q+1JLjitYflDsoWS1B3ze45oTjG8uXOt7bpnxce9XLAN2Q3tyAtPvCw3X/O HrMQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=+TDpNKXyZ3HM+hd7xV393MVwwF4qYlWLJdaYemQQGbQ=; b=fnd2lRS/ryjWlfDg/7mlbXD07/V0zxObtnrK318CXJkPRgJ5xZ11qjoWbp3lZ6lNeE 9tldJ/kr1T4kRO4ICPWqoxJlUUtnjUh2W0GEtSJ99jMe12hCtxEGOXMpgsMH8+LUBEHD CsCTEoyH0bnFXqeCTc2ALZYlgya1Y1Ae9hiRhe9ljM3t6zveMFqBD8opZZ8EzadPFXeg nNEvIkKSW/TqLgR1fUXver5y+1dZCrtf7wsePREAKu12aojbFzcslb/fjQWB3AF2Jk02 AoUuqSl4CsVMCg3pOiblMjT3CR/JbtHR0AfJo7UOTSAfumoIg1NvVw6SIjdmK7iTQey4 A6jA== X-Gm-Message-State: AOUpUlFb9yjlaHUfTq+I7RZZ+fP+KokpqxEm5/e73e8HgI8F06PphOgU sVVLsxSsKOaJf7NYsJFUn18cPgbQRIEubajOxUQh/j/+hMQ= X-Google-Smtp-Source: AA+uWPy+I991yWw1hcaW0Ktl2e0p0DlXsYxkzmD/POW0LZfJ8oPgfP1+bzLNM9xE5Rox++NGzkGzGI2JQphFzOCO/pk= X-Received: by 2002:ab0:3141:: with SMTP id e1-v6mr2076316uam.121.1533839144483; Thu, 09 Aug 2018 11:25:44 -0700 (PDT) MIME-Version: 1.0 From: =?UTF-8?Q?Danilo_Eg=C3=AAa_Gondolfo?= Date: Thu, 9 Aug 2018 15:25:58 -0300 Message-ID: Subject: if_alloc() panic on CURRENT To: freebsd-net@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 18:25:46 -0000 Hello, I'm getting a panic when I start a vbox VM. https://bz-attachments.freebsd.org/attachment.cgi?id=196033 Any clue about what can be happening? I'm running r337378 and the virtualbox-ose-kmod was built from ports. Thanks! From owner-freebsd-net@freebsd.org Thu Aug 9 19:34:18 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3BFF910710BF for ; Thu, 9 Aug 2018 19:34:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id CD5C9843EE for ; Thu, 9 Aug 2018 19:34:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 8EDEB10710BC; Thu, 9 Aug 2018 19:34:17 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7D9C810710BB for ; Thu, 9 Aug 2018 19:34:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 206C8843E8 for ; Thu, 9 Aug 2018 19:34:17 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 67B6E1C22B for ; Thu, 9 Aug 2018 19:34:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w79JYGMT027894 for ; Thu, 9 Aug 2018 19:34:16 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w79JYGGp027893 for net@FreeBSD.org; Thu, 9 Aug 2018 19:34:16 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228108] if_ipsec drops all the icmp v4&v6 error messages Date: Thu, 09 Aug 2018 19:34:16 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: dpd@dpdtech.com X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11+ X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 19:34:18 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228108 --- Comment #12 from dpd@dpdtech.com --- Created attachment 196035 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D196035&action= =3Dedit Shell Transcript of Issue. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 19:35:44 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E77511071173 for ; Thu, 9 Aug 2018 19:35:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 84F89844A6 for ; Thu, 9 Aug 2018 19:35:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 49F6F1071171; Thu, 9 Aug 2018 19:35:43 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 38EB51071170 for ; Thu, 9 Aug 2018 19:35:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CFE70844A1 for ; Thu, 9 Aug 2018 19:35:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 23AAA1C232 for ; Thu, 9 Aug 2018 19:35:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w79JZgRF029251 for ; Thu, 9 Aug 2018 19:35:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w79JZgWw029249 for net@FreeBSD.org; Thu, 9 Aug 2018 19:35:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228108] if_ipsec drops all the icmp v4&v6 error messages Date: Thu, 09 Aug 2018 19:35:41 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: dpd@dpdtech.com X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11+ X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 19:35:44 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228108 --- Comment #13 from dpd@dpdtech.com --- I showed over here : https://lists.freebsd.org/pipermail/freebsd-net/2018-August/051301.html That it seems to work with this line removed. Attached is the shell transcript of my current observation. The Tunnel see= ms up, but no traffic is getting passed. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 20:11:33 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1CC4810721C8 for ; Thu, 9 Aug 2018 20:11:33 +0000 (UTC) (envelope-from dpd@dpdtech.com) Received: from mail-pl0-x242.google.com (mail-pl0-x242.google.com [IPv6:2607:f8b0:400e:c01::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8A1DF85960 for ; Thu, 9 Aug 2018 20:11:32 +0000 (UTC) (envelope-from dpd@dpdtech.com) Received: by mail-pl0-x242.google.com with SMTP id g6-v6so2998436plq.9 for ; Thu, 09 Aug 2018 13:11:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dpdtech.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=66zfQ4ErQzi2zdppNdISLy/4TYZ537vxk9EpkVn6B94=; b=gChNXn4Nfe4jxeI44/M5OcYoCU+9ALGQHydpAFyA0DmJDoJNHtMUONMrGi+RxaByD3 ZQTd5hURFsUjCPOM/2pPYB6aGH58LsvZP4BJt1ney9j2Vr+2fJNy00uQDGgrua4joZz8 9CkoAq0+tpuwhcikNG1twaZsoQjxOVWBmJukA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=66zfQ4ErQzi2zdppNdISLy/4TYZ537vxk9EpkVn6B94=; b=LHqHrjnlgvCSEvjbrzn0/ctnc60SX7zbHTdAY04iDaZ5AONBmBkSY8avgy3SHBX21r saY+8b+NFSF/7TZYCju22ptpbxVSHbAU5WnL7L3FTqumIo/80+HV0bC5C9d7i2WUDqP+ yZLjFZ6iL6RskU1SZej/0ZsmD8DKarLONuHLjHZNkkbZMofmrPrNbqpRDcOiaE1xn8AJ qiDThYcT00Qmg2JSV5YjE2nYfRzqhtK9A+W1bl8P+kJmyDimW/ALdWUb1jRZw7NtE7Db qr77zMhJene5rmohJkg64Ok1fU2tN2SNH5EoKRLDAy2b13DPK56bHAdNJf9+B6yvAfH7 aaCw== X-Gm-Message-State: AOUpUlHPH3IYpXq6bE797/RPXdNXdneWqyMI6x1NNPIcU0FVTZmBjg1B M6YfjboJ7mxdMnAHEUNT/ytjys8GkSs= X-Google-Smtp-Source: AA+uWPySeFgGZqxxiRMm2VoqhX9A2HK/8QAsPgzrJ7GmgoNDQ7qMwXXYB8o5v1a3aukJ9D67HQfplg== X-Received: by 2002:a17:902:728c:: with SMTP id d12-v6mr3248522pll.283.1533845491368; Thu, 09 Aug 2018 13:11:31 -0700 (PDT) Received: from ?IPv6:2620:131:c001:105:615f:2bcf:3897:8d41? ([2620:131:c001:105:615f:2bcf:3897:8d41]) by smtp.gmail.com with ESMTPSA id h130-v6sm31643078pgc.88.2018.08.09.13.11.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Aug 2018 13:11:30 -0700 (PDT) From: "David P. Discher" Message-Id: Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? Date: Thu, 9 Aug 2018 13:11:28 -0700 In-Reply-To: Cc: freebsd-net@freebsd.org To: "Andrey V. Elsukov" , John-Mark Gurney References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> X-Mailer: Apple Mail (2.3273) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 20:11:33 -0000 The documentation for using IPSec (especially if_ipsec) is really thin = for freebsd, so I pieced some of this together from various posts and = mailing lists threads. =20 Is there no need for racoon ? How in this example is the IKE/ISAKMP = setup done ? Is setkey doing this ? > On Aug 9, 2018, at 1:32 AM, Andrey V. Elsukov = wrote: >=20 > # kldload aesni > # setkey -DF > # setkey -c > add 10.0.0.25 10.0.0.15 esp 10000 -m tunnel -u 16385 -E rijndael-cbc > "0123456789123456"; > add 10.0.0.15 10.0.0.25 esp 20000 -m tunnel -u 16385 -E rijndael-cbc > "0123456789123456"; >=20 > # sysctl net.inet.ipsec.async_crypto=3D0 > net.inet.ipsec.async_crypto: 1 -> 0 This is 11.2-stable, shortly after release =E2=80=A6 I don=E2=80=99t = have this sysctl. [ pts/0 sjc2 util201:~ ] [ dpd ] > sysctl net.inet.ipsec net.inet.ipsec.def_policy: 1 net.inet.ipsec.esp_trans_deflev: 1 net.inet.ipsec.esp_net_deflev: 1 net.inet.ipsec.ah_trans_deflev: 1 net.inet.ipsec.ah_net_deflev: 1 net.inet.ipsec.ah_cleartos: 1 net.inet.ipsec.dfbit: 0 net.inet.ipsec.ecn: 0 net.inet.ipsec.debug: 0 net.inet.ipsec.filtertunnel: 0 net.inet.ipsec.natt_cksum_policy: 0 net.inet.ipsec.check_policy_history: 0 net.inet.ipsec.crypto_support: 50331648 > On Aug 9, 2018, at 6:40 AM, John-Mark Gurney wrote: >=20 >=20 > You don't show what ciphers you are using. It could be that you're > using CBC mode, which is known to be slow, or that you're using a > slow AH that is limiting performance, and not the cipher... >=20 > Need to see your setkey.conf, or at least the output of setkey -D.. racoon.conf is : sainfo anonymous { pfs_group 2; lifetime time 86400 seconds; encryption_algorithm aes; authentication_algorithm hmac_sha256; compression_algorithm deflate; } remote 10.245.0.202 [500] { passive off; my_identifier address 172.30.1.13; exchange_mode main; lifetime time 24 hour; proposal { encryption_algorithm aes; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 2;=20 }} For some reason, I don=E2=80=99t think I can use AES-GCM on the juniper = side, because of a combination of other required settings. I remember = trying, but don=E2=80=99t remember why I can=E2=80=99t. setkey.conf is : flush; spdflush; spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P out ipsec = esp/tunnel/10.245.0.201-10.245.0.202/unique:12; spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P in ipsec = esp/tunnel/10.245.0.202-10.245.0.201/unique:12; spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P out ipsec = esp/tunnel/10.245.0.201-10.245.0.203/unique:4; spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P in ipsec = esp/tunnel/10.245.0.203-10.245.0.201/unique:4; And that results in : [ pts/0 sjc2 util201:~ ] [ dpd ] > sudo setkey -D Password: 10.245.0.201 10.245.0.202 esp mode=3Dtunnel spi=3D60080461(0x0394c14d) = reqid=3D12(0x0000000c) E: rijndael-cbc 79e053a5 221c6d48 31e4c98a 3ae8c8ed A: hmac-sha2-256 9f1a4188 7849ad94 41cfd974 a5e0570a cc7c54a5 = c16f5ebc 6bb39fbb 212abce0 seq=3D0x00000011 replay=3D4 flags=3D0x00000000 state=3Dmature created: Aug 9 19:21:15 2018 current: Aug 9 19:38:13 2018 diff: 1018(s) hard: 86400(s) soft: 69120(s) last: Aug 9 19:21:16 2018 hard: 0(s) soft: 0(s) current: 2652(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 17 hard: 0 soft: 0 sadb_seq=3D1 pid=3D2441 refcnt=3D1 10.245.0.202 10.245.0.201 esp mode=3Dtunnel spi=3D170852236(0x0a2eff8c) = reqid=3D12(0x0000000c) E: rijndael-cbc 221239cf e0ddedc5 88f1f711 5e744723 A: hmac-sha2-256 bf214e0e 73b27e42 1090a067 eaed9e2a d36d3ae7 = 529a40a1 bf5ea2c9 0e3f5f27 seq=3D0x00000000 replay=3D4 flags=3D0x00000000 state=3Dmature created: Aug 9 19:21:15 2018 current: Aug 9 19:38:13 2018 diff: 1018(s) hard: 86400(s) soft: 69120(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=3D0 pid=3D2441 refcnt=3D1 [ pts/0 sjc2 util201:~ ] [ dpd ] > sudo setkey -D -P 172.30.1.12/30[any] 172.30.1.12/30[any] any in ipsec esp/tunnel/10.245.0.202-10.245.0.201/unique:12 spid=3D22 seq=3D11 pid=3D2443 scope=3Dglobal refcnt=3D1 172.30.1.4/30[any] 172.30.1.4/30[any] any in ipsec esp/tunnel/10.245.0.203-10.245.0.201/unique:4 spid=3D24 seq=3D10 pid=3D2443 scope=3Dglobal refcnt=3D1 0.0.0.0/0[any] 0.0.0.0/0[any] any in ipsec esp/tunnel/10.245.0.202-10.245.0.201/unique:12 spid=3D5 seq=3D9 pid=3D2443 scope=3Difnet ifname=3Dipsec12 refcnt=3D1 ::/0[any] ::/0[any] any in ipsec esp/tunnel/10.245.0.202-10.245.0.201/unique:12 spid=3D7 seq=3D8 pid=3D2443 scope=3Difnet ifname=3Dipsec12 refcnt=3D1 0.0.0.0/0[any] 0.0.0.0/0[any] any in ipsec esp/tunnel/10.245.0.203-10.245.0.201/unique:4 spid=3D13 seq=3D7 pid=3D2443 scope=3Difnet ifname=3Dipsec4 refcnt=3D1 ::/0[any] ::/0[any] any in ipsec esp/tunnel/10.245.0.203-10.245.0.201/unique:4 spid=3D15 seq=3D6 pid=3D2443 scope=3Difnet ifname=3Dipsec4 refcnt=3D1 172.30.1.12/30[any] 172.30.1.12/30[any] any out ipsec esp/tunnel/10.245.0.201-10.245.0.202/unique:12 spid=3D21 seq=3D5 pid=3D2443 scope=3Dglobal refcnt=3D1 172.30.1.4/30[any] 172.30.1.4/30[any] any out ipsec esp/tunnel/10.245.0.201-10.245.0.203/unique:4 spid=3D23 seq=3D4 pid=3D2443 scope=3Dglobal refcnt=3D1 0.0.0.0/0[any] 0.0.0.0/0[any] any out ipsec esp/tunnel/10.245.0.201-10.245.0.202/unique:12 spid=3D6 seq=3D3 pid=3D2443 scope=3Difnet ifname=3Dipsec12 refcnt=3D1 ::/0[any] ::/0[any] any out ipsec esp/tunnel/10.245.0.201-10.245.0.202/unique:12 spid=3D8 seq=3D2 pid=3D2443 scope=3Difnet ifname=3Dipsec12 refcnt=3D1 0.0.0.0/0[any] 0.0.0.0/0[any] any out ipsec esp/tunnel/10.245.0.201-10.245.0.203/unique:4 spid=3D14 seq=3D1 pid=3D2443 scope=3Difnet ifname=3Dipsec4 refcnt=3D1 ::/0[any] ::/0[any] any out ipsec esp/tunnel/10.245.0.201-10.245.0.203/unique:4 spid=3D16 seq=3D0 pid=3D2443 scope=3Difnet ifname=3Dipsec4 refcnt=3D1 -- David P. Discher=20 https://davidpdischer.com/ 408.368.3725 =E2=80=A2 dpd@dpdtech.com From owner-freebsd-net@freebsd.org Thu Aug 9 20:43:26 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9BD8F10732D5 for ; Thu, 9 Aug 2018 20:43:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 36C8A86F3E for ; Thu, 9 Aug 2018 20:43:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id EF89C10732D0; Thu, 9 Aug 2018 20:43:25 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE62410732CE for ; Thu, 9 Aug 2018 20:43:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7FCB786F36 for ; Thu, 9 Aug 2018 20:43:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id CD87A1CC18 for ; Thu, 9 Aug 2018 20:43:24 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w79KhO4k088017 for ; Thu, 9 Aug 2018 20:43:24 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w79KhOKK088016 for net@FreeBSD.org; Thu, 9 Aug 2018 20:43:24 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 228108] if_ipsec drops all the icmp v4&v6 error messages Date: Thu, 09 Aug 2018 20:43:24 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11+ X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 20:43:26 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228108 --- Comment #14 from Andrey V. Elsukov --- (In reply to dpd from comment #13) > I showed over here : > https://lists.freebsd.org/pipermail/freebsd-net/2018-August/051301.html >=20 > That it seems to work with this line removed. >=20 > Attached is the shell transcript of my current observation. The Tunnel > seems up, but no traffic is getting passed. You need to look at the output of `setkey -D`, `setkey -DP`, `netstat -sp e= sp`, `tcpdump -ni` on the network interface and check what actually is going on. Provided information is not enough for debugging. As I said this looks more like a problem with racoon, duplicate SAs, SPs or something like this. For example, in log you have two SAs with different SPI for the same direction. Before starting racoon, make sure that you have cleaned up from previous ru= n on both sides. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Thu Aug 9 20:56:31 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 48F5110737FA for ; Thu, 9 Aug 2018 20:56:31 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from forward104j.mail.yandex.net (forward104j.mail.yandex.net [IPv6:2a02:6b8:0:801:2::107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Yandex CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AD521880DA for ; Thu, 9 Aug 2018 20:56:30 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mxback5o.mail.yandex.net (mxback5o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1f]) by forward104j.mail.yandex.net (Yandex) with ESMTP id 150B543C8C; Thu, 9 Aug 2018 23:56:28 +0300 (MSK) Received: from smtp4p.mail.yandex.net (smtp4p.mail.yandex.net [2a02:6b8:0:1402::15:6]) by mxback5o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id x5nLoitqsD-uRYqvNKQ; Thu, 09 Aug 2018 23:56:28 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1533848188; bh=62mXYBMSN+wTW9jJP2HxD1Rzg1luUJDbHIyG6i0msOI=; h=Subject:To:Cc:References:From:Message-ID:Date:In-Reply-To; b=FEc7h0SUcfPR2cVzF+R0Fj3VcmhgeU1ordMrUeP57yYdE2dhi3k2UmVCe9VNaKX2t 2lHoMfGC+q1YOySo+vkv4/xbJWR2+z5za1QUK88rkV274cuifW/7GuC1u9u05GorNy 2Is7kFMNIgezaXJCf0W0xZw7GoRSH9nINqpS+nLc= Received: by smtp4p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id fqMMjMUymH-uQqOLwUf; Thu, 09 Aug 2018 23:56:26 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client certificate not present) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1533848186; bh=62mXYBMSN+wTW9jJP2HxD1Rzg1luUJDbHIyG6i0msOI=; h=Subject:To:Cc:References:From:Message-ID:Date:In-Reply-To; b=bsEaVjkvi/9K58x7O1Gmo9yoYtsLJ3MeA9JoCdoCiJ5/GO3f0EHRfPgCII3cuOLp7 XOGs4oisR+z7tw5h1kaeVcfFzhAmyedwppJAvz0zRhuvJsHvra7JEdUz3t/BaZDH6s QyLmWtJiaJuXgm1VYFkYPRjf9CcGx+aSq/0aa4VM= Authentication-Results: smtp4p.mail.yandex.net; dkim=pass header.i=@yandex.ru Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? To: "David P. Discher" , John-Mark Gurney Cc: freebsd-net@freebsd.org References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> From: "Andrey V. Elsukov" Openpgp: id=E6591E1B41DA1516F0C9BC0001C5EA0410C8A17A Autocrypt: addr=bu7cher@yandex.ru; prefer-encrypt=mutual; keydata= xsBNBEwBF1kBCADB9sXFhBEUy8qQ4X63Y8eBatYMHGEFWN9ypS5lI3RE6qQW2EYbxNk7qUC5 21YIIS1mMFVBEfvR7J9uc7yaYgFCEb6Sce1RSO4ULN2mRKGHP3/Sl0ijZEjWHV91hY1YTHEF ZW/0GYinDf56sYpDDehaBF5wkWIo1+QK5nmj3vl0DIDCMNd7QEiWpyLVwECgLX2eOAXByT8B bCqVhJGcG6iFP7/B9Ll6uX5gb8thM9LM+ibwErDBVDGiOgvfxqidab7fdkh893IBCXa82H9N CNwnEtcgzh+BSKK5BgvPohFMgRwjti37TSxwLu63QejRGbZWSz3OK3jMOoF63tCgn7FvABEB AAHNIkFuZHJleSBWLiBFbHN1a292IDxhZUBmcmVlYnNkLm9yZz7CwHsEEwECACUCGwMGCwkI BwMCBhUIAgkKCwQWAgMBAh4BAheABQJMB/ruAhkBAAoJEAHF6gQQyKF6MLwH/3Ri/TZl9uo0 SepYWXOnxL6EaDVXDA+dLb1eLKC4PRBBjX29ttQ0KaWapiE6y5/AfzOPmRtHLrHYHjd/aiHX GMLHcYRXD+5GvdkK8iMALrZ28X0JXyuuZa8rAxWIWmCbYHNSBy2unqWgTI04Erodk90IALgM 9JeHN9sFqTM6zalrMnTzlcmel4kcjT3lyYw3vOKgoYLtsLhKZSbJoVVVlvRlGBpHFJI5AoYJ SyfXoN0rcX6k9X7Isp2K50YjqxV4v78xluh1puhwZyC0p8IShPrmrp9Oy9JkMX90o6UAXdGU KfdExJuGJfUZOFBTtNIMNIAKfMTjhpRhxONIr0emxxDOwE0ETAEXWQEIAJ2p6l9LBoqdH/0J PEFDY2t2gTvAuzz+8zs3R03dFuHcNbOwjvWCG0aOmVpAzkRa8egn5JB4sZaFUtKPYJEQ1Iu+ LUBwgvtXf4vWpzC67zs2dDuiW4LamH5p6xkTD61aHR7mCB3bg2TUjrDWn2Jt44cvoYxj3dz4 S49U1rc9ZPgD5axCNv45j72tggWlZvpefThP7xT1OlNTUqye2gAwQravXpZkl5JG4eOqJVIU X316iE3qso0iXRUtO7OseBf0PiVmk+wCahdreHOeOxK5jMhYkPKVn7z1sZiB7W2H2TojbmcK HZC22sz7Z/H36Lhg1+/RCnGzdEcjGc8oFHXHCxUAEQEAAcLAXwQYAQIACQUCTAEXWQIbDAAK CRABxeoEEMihegkYCAC3ivGYNe2taNm/4Nx5GPdzuaAJGKWksV+w9mo7dQvU+NmI2az5w8vw 98OmX7G0OV9snxMW+6cyNqBrVFTu33VVNzz9pnqNCHxGvj5dL5ltP160JV2zw2bUwJBYsgYQ WfyJJIM7l3gv5ZS3DGqaGIm9gOK1ANxfrR5PgPzvI9VxDhlr2juEVMZYAqPLEJe+SSxbwLoz BcFCNdDAyXcaAzXsx/E02YWm1hIWNRxanAe7Vlg7OL+gvLpdtrYCMg28PNqKNyrQ87LQ49O9 50IIZDOtNFeR0FGucjcLPdS9PiEqCoH7/waJxWp6ydJ+g4OYRBYNM0EmMgy1N85JJrV1mi5i Message-ID: <17acb9c4-f775-04be-4903-3d022a2fa1ac@yandex.ru> Date: Thu, 9 Aug 2018 23:55:58 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="zln6R5tn9PAmv0CNAgnxzngy6q6jcr0Eh" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 20:56:31 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --zln6R5tn9PAmv0CNAgnxzngy6q6jcr0Eh Content-Type: multipart/mixed; boundary="5VmtHrHwXrkiqAoP7P7tj8lAdtIJfEVzy"; protected-headers="v1" From: "Andrey V. Elsukov" To: "David P. Discher" , John-Mark Gurney Cc: freebsd-net@freebsd.org Message-ID: <17acb9c4-f775-04be-4903-3d022a2fa1ac@yandex.ru> Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> In-Reply-To: --5VmtHrHwXrkiqAoP7P7tj8lAdtIJfEVzy Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 09.08.2018 23:11, David P. Discher wrote: > The documentation for using IPSec (especially if_ipsec) is really thin > for freebsd, so I pieced some of this together from various posts and > mailing lists threads. > =C2=A0 > Is there no need for racoon ? =C2=A0How in this example is the=C2=A0IKE= /ISAKMP > setup done ? Is setkey doing this ? > This is 11.2-stable, shortly after release =E2=80=A6 I don=E2=80=99t ha= ve this sysctl. This is manually configured tunnel between two FreeBSD 12.0-CURRENT hosts. I can suggest to try patch and config from this post: https://lists.freebsd.org/pipermail/freebsd-net/2018-May/050509.html >> Need to see your setkey.conf, or at least the output of setkey -D.. >=20 >=20 > setkey.conf is : >=20 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 flush; > =C2=A0 =C2=A0 =C2=A0 =C2=A0 spdflush; >=20 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 spdadd -4n 172.30.1.12/30 172.30.1.12/30 an= y -P out ipsec > esp/tunnel/10.245.0.201-10.245.0.202/unique:12; > =C2=A0 =C2=A0 =C2=A0 =C2=A0 spdadd -4n 172.30.1.12/30 172.30.1.12/30 an= y -P in =C2=A0ipsec > esp/tunnel/10.245.0.202-10.245.0.201/unique:12; > =C2=A0 =C2=A0 =C2=A0 =C2=A0 spdadd -4n 172.30.1.4/30 172.30.1.4/30 any = -P out ipsec > esp/tunnel/10.245.0.201-10.245.0.203/unique:4; > =C2=A0 =C2=A0 =C2=A0 =C2=A0 spdadd -4n 172.30.1.4/30 172.30.1.4/30 any = -P in =C2=A0ipsec > esp/tunnel/10.245.0.203-10.245.0.201/unique:4; You don't need to create security policies for if_ipsec interfaces. They are created by interface automatically. --=20 WBR, Andrey V. Elsukov --5VmtHrHwXrkiqAoP7P7tj8lAdtIJfEVzy-- --zln6R5tn9PAmv0CNAgnxzngy6q6jcr0Eh Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAltsql4ACgkQAcXqBBDI oXparQf9G/ci2uDj3NPlHF6kEoToCkxB35qGIPvZvnpVdUIOHNGimwTFhe+3BGr7 Bf9sczDcXu4awVkz3x6w4RmVGhu//rII3tJwVYjrQoSQUxALDpXbnCNjY94fV84q tgtLbTbstJcMpRbsrKLjIgL64OhUjibIb8adPoohNFYiB7EnhIBYBFIUoGGWV+nU +g/D1zK+1wvHnKxq6PzS8zwv5coILVdI+fuTIDGv9UgESC9Vm4oPBT21ST9q4oSq Yv6YreaxtgVMT1VV1kifyIcabDQgkXSXErbDSlp1S6RAtRtWumgIFlfPlmYlToM3 QMNG6GB7Dqizbrka6AJi8OYVoAOgdw== =ICR5 -----END PGP SIGNATURE----- --zln6R5tn9PAmv0CNAgnxzngy6q6jcr0Eh-- From owner-freebsd-net@freebsd.org Thu Aug 9 23:55:57 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 08C4210774B8 for ; Thu, 9 Aug 2018 23:55:57 +0000 (UTC) (envelope-from jim@netgate.com) Received: from mail-lf1-x136.google.com (mail-lf1-x136.google.com [IPv6:2a00:1450:4864:20::136]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 623488E02B for ; Thu, 9 Aug 2018 23:55:56 +0000 (UTC) (envelope-from jim@netgate.com) Received: by mail-lf1-x136.google.com with SMTP id a134-v6so5337522lfe.6 for ; Thu, 09 Aug 2018 16:55:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netgate.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=olYolsple+Xfki4V7lK5mRJmU7YgkFWFDNcu+ptbQ7s=; b=qwXKEWAIoTo5BE03XHhHtiSFU4zQwkWjUX1SBn9De5SS4/Ehmf8Ct6nnQoIDxbsUJh 2XZ8GFAeeE4s+YCFBhzaTU7IfSR9+hvtG20yX/SDW4DEWsLu8mBgrhFcw07AqmXgSZoG l8MG5cHEsluOozGkRuTycdHyBKjc0OyeKDhG4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=olYolsple+Xfki4V7lK5mRJmU7YgkFWFDNcu+ptbQ7s=; b=KOUk2GhM/o+zAGGkldASrlBHD8+CJqTWaGA3Lakfm/bJEg8IY1sn/B3vKA2goDqUxF LiGNQwzWtr2A8FAG6cwgdWt3jQQZBAjpTh5ZwiFnWBhuFyMjeIuqhMAxmZhDJWsEHFQu oaAGk+DOKBVrEDP/6AK7omc+5ozcpTwz06OjJ1cxOQd7l28eXUZLvDQVhZnhSFSFQX0G 9fD6vlwCXny1YWLJUCllvGdvPqRKw8vPpQdFNvotpluQ1HeAokCSTXGGAkNDNzgI9t9B pEKUDhKT8fv0nEYw5wVRXI+MdnX3If0I6MnqCnDTomisKgtEuMueD/IFnnvvqn/CEmFq Dsxg== X-Gm-Message-State: AOUpUlHQniwyhktL4mW3NSop+WSQdEIwGIrNpzG661QuDV+F3sp40fTp BAnPwBteYduyDZ/yZ9cbyCgF+tqbz8DChIOpphtZbg== X-Google-Smtp-Source: AA+uWPzz/akF2QBMKhVrQ1f+wtJqPOIUcSqRm7gIv+p3FEjKidVmRTdMwmAmlvOGwlFfBId/SpzTDPrrh3ufo9RDz5A= X-Received: by 2002:a19:e9d7:: with SMTP id j84-v6mr2900416lfk.115.1533858954719; Thu, 09 Aug 2018 16:55:54 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a2e:5205:0:0:0:0:0 with HTTP; Thu, 9 Aug 2018 16:55:53 -0700 (PDT) In-Reply-To: <17acb9c4-f775-04be-4903-3d022a2fa1ac@yandex.ru> References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> <17acb9c4-f775-04be-4903-3d022a2fa1ac@yandex.ru> From: Jim Thompson Date: Thu, 9 Aug 2018 18:55:53 -0500 Message-ID: Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? To: "Andrey V. Elsukov" Cc: "David P. Discher" , John-Mark Gurney , "freebsd-net@freebsd.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 23:55:57 -0000 You're not running AES-GCM, you're running AES-CBC + HMAC-SHA256 > E: rijndael-cbc 221239cf e0ddedc5 88f1f711 5e744723 > A: hmac-sha2-256 bf214e0e 73b27e42 1090a067 eaed9e2a d36d3ae7 529a40a1 bf5ea2c9 0e3f5f27 Try running AES-GCM. Example (from the work that gnn@ and I did back in 2014/15): https://github.com/freebsd-net/netperf/blob/master/IPSEC/Configs/dut-aes-gc= m.conf https://github.com/freebsd-net/netperf/blob/master/IPSEC/Configs/source-aes= -gcm.conf Results on larger hardware, if you care: https://github.com/freebsd-net/netperf/blob/master/Documentation/Presentati= ons/BSDCan2015.pdf Once you have that running, see if setting net.inet.ipsec.async_crypto=3D1 helps Also, if PMTU doesn't work on your path, clamp TCP MSS to 1400 on both sides. # ipfw add # tcp-setmss 1400 or scrub on max-mss 1400 in your pf.conf That all said, I only get around 400Mbps using AES-GCM over a real 1gbps path between my house and work running a C2558 at home. I'm running pfSense (because... you know...), but you should be able to achieve similar results with a stock FreeBSD 11.2 system. If you want to go faster, we've seen 856 mbps over a pair of C3558s, using just AES-GCM w/AES-NI. This is with 'pf' on, and KPI mitigations running, btw. If anything, i'd expect routed ipsec to be a bit faster. Jim On Thu, Aug 9, 2018 at 3:55 PM, Andrey V. Elsukov wrote= : > On 09.08.2018 23:11, David P. Discher wrote: > > The documentation for using IPSec (especially if_ipsec) is really thin > > for freebsd, so I pieced some of this together from various posts and > > mailing lists threads. > > > > Is there no need for racoon ? How in this example is the IKE/ISAKMP > > setup done ? Is setkey doing this ? > > > This is 11.2-stable, shortly after release =E2=80=A6 I don=E2=80=99t ha= ve this sysctl. > > This is manually configured tunnel between two FreeBSD 12.0-CURRENT > hosts. I can suggest to try patch and config from this post: > > https://lists.freebsd.org/pipermail/freebsd-net/2018-May/050509.html > > >> Need to see your setkey.conf, or at least the output of setkey -D.. > > > > > > setkey.conf is : > > > > flush; > > spdflush; > > > > spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P out ipsec > > esp/tunnel/10.245.0.201-10.245.0.202/unique:12; > > spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P in ipsec > > esp/tunnel/10.245.0.202-10.245.0.201/unique:12; > > spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P out ipsec > > esp/tunnel/10.245.0.201-10.245.0.203/unique:4; > > spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P in ipsec > > esp/tunnel/10.245.0.203-10.245.0.201/unique:4; > > You don't need to create security policies for if_ipsec interfaces. They > are created by interface automatically. > > -- > WBR, Andrey V. Elsukov > > From owner-freebsd-net@freebsd.org Fri Aug 10 13:08:23 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C21DD106A84B for ; Fri, 10 Aug 2018 13:08:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 5EB388A255 for ; Fri, 10 Aug 2018 13:08:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 205DF106A84A; Fri, 10 Aug 2018 13:08:23 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0F148106A849 for ; Fri, 10 Aug 2018 13:08:23 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A4A038A252 for ; Fri, 10 Aug 2018 13:08:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id EA7402557D for ; Fri, 10 Aug 2018 13:08:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w7AD8Lg2036107 for ; Fri, 10 Aug 2018 13:08:21 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w7AD8LRn036106 for net@FreeBSD.org; Fri, 10 Aug 2018 13:08:21 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 218579] Wake on Lan doesn't work for bge NIC driver Date: Fri, 10 Aug 2018 13:08:21 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: needs-qa, patch, regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: nkulaga@gmail.com X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: cy@FreeBSD.org X-Bugzilla-Flags: mfc-stable10? mfc-stable11? X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Aug 2018 13:08:23 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D218579 NK changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nkulaga@gmail.com --- Comment #10 from NK --- There still have issue with WOL patch for bge driver on FreeBSD 11.2. It seems there is boot issues, see here: https://www.xigmanas.com/forums/viewtopic.php?f=3D78&t=3D13807#p85480 --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 10 19:13:55 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 73E401072666 for ; Fri, 10 Aug 2018 19:13:55 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mx0.gentlemail.de (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EB9B676CA4; Fri, 10 Aug 2018 19:13:54 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mh0.gentlemail.de (ezra.dcm1.omnilan.net [78.138.80.135]) by mx0.gentlemail.de (8.14.5/8.14.5) with ESMTP id w7AJDoG1089029; Fri, 10 Aug 2018 21:13:51 +0200 (CEST) (envelope-from freebsd@omnilan.de) Received: from titan.inop.mo1.omnilan.net (s1.omnilan.de [217.91.127.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mh0.gentlemail.de (Postfix) with ESMTPSA id CAA8F1D8; Fri, 10 Aug 2018 21:13:50 +0200 (CEST) Subject: New iflib/e1000 panic (vlan) report [Was: Re: svn commit: r333338 - in stable/11/sys: dev/bnxt kern net sys] To: Kevin Bowling Cc: Stephen Hurd , "freebsd-net@freebsd.org" References: <201805072142.w47LgN1R041002@repo.freebsd.org> <5AF16B8B.7030703@omnilan.de> <5AF17134.7020602@omnilan.de> From: Harry Schmalzbauer Organization: OmniLAN Message-ID: <0dc2b3ef-d29c-f9d3-343c-67c66a9c98c7@omnilan.de> Date: Fri, 10 Aug 2018 21:13:47 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Greylist: ACL 130 matched, not delayed by milter-greylist-4.2.7 (mx0.gentlemail.de [78.138.80.130]); Fri, 10 Aug 2018 21:13:51 +0200 (CEST) X-Milter: Spamilter (Reciever: mx0.gentlemail.de; Sender-ip: 78.138.80.135; Sender-helo: mh0.gentlemail.de; ) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Aug 2018 19:13:55 -0000 Am 08.05.2018 um 11:52 schrieb Kevin Bowling: > On Tue, May 8, 2018 at 2:43 AM, Harry Schmalzbauer wrote: >> Bezüglich Kevin Bowling's Nachricht vom 08.05.2018 11:26 (localtime): >>> iflib in stable/11 only affects bnxt at this time. >>> >>> You should try out HEAD and let us know for the rest of your questions. … >> it's more than one, I'll file a PR. >> But if the simple iflib/hw-support test with kawela+hartwell helps I'm >> happy to do. > > At this point it would be helpful, we think e1000 is nearing pretty > good shape and I need to become familiar with any outstanding bugs. FYI: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230510 Didn't know if I should add people's email to the bug "users" without their request/permission. -harry From owner-freebsd-net@freebsd.org Fri Aug 10 20:44:06 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7C9C21074C9A for ; Fri, 10 Aug 2018 20:44:06 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost2.sentex.ca (smarthost2.sentex.ca [IPv6:2607:f3e0:80:80::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smarthost2.sentex.ca", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CDBB77A7C7 for ; Fri, 10 Aug 2018 20:44:05 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (lava.sentex.ca [IPv6:2607:f3e0:0:5:0:0:0:11]) by smarthost2.sentex.ca (8.15.2/8.15.2) with ESMTPS id w7AKi4oN040614 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 10 Aug 2018 16:44:05 -0400 (EDT) (envelope-from mike@sentex.net) Received: from [192.168.43.26] (saphire3.sentex.net [192.168.43.26]) by lava.sentex.ca (8.15.2/8.15.2) with ESMTP id w7AKi2T7020372; Fri, 10 Aug 2018 16:44:02 -0400 (EDT) (envelope-from mike@sentex.net) Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? To: "David P. Discher" , "Andrey V. Elsukov" , John-Mark Gurney Cc: freebsd-net@freebsd.org References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> From: Mike Tancsa Openpgp: preference=signencrypt Autocrypt: addr=mike@sentex.net; prefer-encrypt=mutual; keydata= xsBNBEzcA24BCACpwI/iqOrs0GfQSfhA1v6Z8AcXVeGsRyKEKUpxoOYxXWc2z3vndbYlIP6E YJeifzKhS/9E+VjhhICaepLHfw865TDTUPr5D0Ed+edSsKjlnDtb6hfNJC00P7eoiuvi85TW F/gAxRY269A5d856bYrzLbkWp2lKUR3Bg6NnORtflGzx9ZWAltZbjYjjRqegPv0EQNYcHqWo eRpXilEo1ahT6nmOU8V7yEvT2j4wlLcQ6qg7w+N/vcBvyd/weiwHU+vTQ9mT61x5/wUrQhdw 2gJHeQXeDGMJV49RT2EEz+QVxaf477eyWsdQzPVjAKRMT3BVdK8WvpYAEfBAbXmkboOxABEB AAHNHG1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5jYT7CwHgEEwECACIFAkzcA24CGwMGCwkI BwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEJXHwM2kc8rX+sMH/2V6pTBKsQ5mpWWLgs6wVP2k BC+6r/YKNXv9Rw/PrC6+9hTbgA+sSjJ+8gxsCbJsOQXZrxF0x3l9oYdYfuKcwdwXFX1/FS8p HfBeDkmlH+dI709xT9wgrR4dS5aMmKp0scPrXPIAKiYVOHjOlNItcLYTEEWEFBepheEVsgmk GrNbcrHwOx/u4igUQ8vcpyXPyUki+BsftPw8ZQvBU887igh0OxaCR8AurJppQ5UQd63r81cX E1ZjoFoWCaGK/SjPb/OhpYpu5swoZIhOxQbn7OtakYPsDd5t2A5KhvjI8BMTnd5Go+2xsCmr jlIEq8Bi29gCcfQUvNiClevi13ifmnnOwE0ETNwDbgEIALWGNJHRAhpd0A4vtd3G0oRqMBcM FGThQr3qORmEBTPPEomTdBaHcn+Xl+3YUvTBD/67/mutWBwgp2R5gQOSqcM7axvgMSHbKqBL 9sd1LsLw0UT2O5AYxv3EwzhG84pwRg3XcUqvWA4lA8tIj/1q4Jzi5qOkg1zxq4W9qr9oiYK5 bBR638JUvr3eHMaz/Nz+sDVFgwHmXZj3M6aE5Ce9reCGbvrae7H5D5PPvtT3r22X8SqfVAiO TFKedCf/6jbSOedPN931FJQYopj9P6b3m0nI3ZiCDVSqeyOAIBLzm+RBUIU3brzoxDhYR8pz CJc2sK8l6YjqivPakrD86bFDff8AEQEAAcLAXwQYAQIACQUCTNwDbgIbDAAKCRCVx8DNpHPK 1+iQB/99aqNtez9ZTBWELj269La8ntuRx6gCpzfPXfn6SDIfTItDxTh1hrdRVP5QNGGF5wus N4EMwXouskva1hbFX3Pv72csYSxxEJXjW16oV8WK4KjKXoskLg2RyRP4uXqL7Mp2ezNtVY5F 9nu3fj4ydpHCSaqKy5xd70A8D50PfZsFgkrsa5gdQhPiGGEdxhq/XSeAAnZ4uVLJKarH+mj5 MEhgZPEBWkGrbDZpezl9qbFcUem/uT9x8FYT/JIztMVh9qDcdP5tzANW5J7nvgXjska+VFGY ryZK4SPDczh74mn6GI/+RBi7OUzXXPgpPBrhS5FByjwCqjjsSpTjTds+NGIY Organization: Sentex Communications Message-ID: Date: Fri, 10 Aug 2018 16:44:03 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.83 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Aug 2018 20:44:06 -0000 On 8/9/2018 4:11 PM, David P. Discher wrote: > [ pts/0 sjc2 util201:~ ] > [ dpd ] > sudo setkey -D > Password: > 10.245.0.201 10.245.0.202 > esp mode=tunnel spi=60080461(0x0394c14d) reqid=12(0x0000000c) > E: rijndael-cbc 79e053a5 221c6d48 31e4c98a 3ae8c8ed ^^^^^^^^ ^^^^^^^^ ^^^^^^^^ ^^^^^^^^ BTW, if you use a static psk, does not the above line essentially give someone with access to the ESP traffic a way to decode your traffic ? ---Mike > A: hmac-sha2-256 9f1a4188 7849ad94 41cfd974 a5e0570a cc7c54a5 c16f5ebc 6bb39fbb 212abce0 > seq=0x00000011 replay=4 flags=0x00000000 state=mature > created: Aug 9 19:21:15 2018 current: Aug 9 19:38:13 2018 > diff: 1018(s) hard: 86400(s) soft: 69120(s) > last: Aug 9 19:21:16 2018 hard: 0(s) soft: 0(s) > current: 2652(bytes) hard: 0(bytes) soft: 0(bytes) > allocated: 17 hard: 0 soft: 0 > sadb_seq=1 pid=2441 refcnt=1 > 10.245.0.202 10.245.0.201 > esp mode=tunnel spi=170852236(0x0a2eff8c) reqid=12(0x0000000c) > E: rijndael-cbc 221239cf e0ddedc5 88f1f711 5e744723 > A: hmac-sha2-256 bf214e0e 73b27e42 1090a067 eaed9e2a d36d3ae7 529a40a1 bf5ea2c9 0e3f5f27 > seq=0x00000000 replay=4 flags=0x00000000 state=mature > created: Aug 9 19:21:15 2018 current: Aug 9 19:38:13 2018 > diff: 1018(s) hard: 86400(s) soft: 69120(s) > last: hard: 0(s) soft: 0(s) > current: 0(bytes) hard: 0(bytes) soft: 0(bytes) > allocated: 0 hard: 0 soft: 0 > sadb_seq=0 pid=2441 refcnt=1 > > > > [ pts/0 sjc2 util201:~ ] > [ dpd ] > sudo setkey -D -P > 172.30.1.12/30[any] 172.30.1.12/30[any] any > in ipsec > esp/tunnel/10.245.0.202-10.245.0.201/unique:12 > spid=22 seq=11 pid=2443 scope=global > refcnt=1 > 172.30.1.4/30[any] 172.30.1.4/30[any] any > in ipsec > esp/tunnel/10.245.0.203-10.245.0.201/unique:4 > spid=24 seq=10 pid=2443 scope=global > refcnt=1 > 0.0.0.0/0[any] 0.0.0.0/0[any] any > in ipsec > esp/tunnel/10.245.0.202-10.245.0.201/unique:12 > spid=5 seq=9 pid=2443 scope=ifnet ifname=ipsec12 > refcnt=1 > ::/0[any] ::/0[any] any > in ipsec > esp/tunnel/10.245.0.202-10.245.0.201/unique:12 > spid=7 seq=8 pid=2443 scope=ifnet ifname=ipsec12 > refcnt=1 > 0.0.0.0/0[any] 0.0.0.0/0[any] any > in ipsec > esp/tunnel/10.245.0.203-10.245.0.201/unique:4 > spid=13 seq=7 pid=2443 scope=ifnet ifname=ipsec4 > refcnt=1 > ::/0[any] ::/0[any] any > in ipsec > esp/tunnel/10.245.0.203-10.245.0.201/unique:4 > spid=15 seq=6 pid=2443 scope=ifnet ifname=ipsec4 > refcnt=1 > 172.30.1.12/30[any] 172.30.1.12/30[any] any > out ipsec > esp/tunnel/10.245.0.201-10.245.0.202/unique:12 > spid=21 seq=5 pid=2443 scope=global > refcnt=1 > 172.30.1.4/30[any] 172.30.1.4/30[any] any > out ipsec > esp/tunnel/10.245.0.201-10.245.0.203/unique:4 > spid=23 seq=4 pid=2443 scope=global > refcnt=1 > 0.0.0.0/0[any] 0.0.0.0/0[any] any > out ipsec > esp/tunnel/10.245.0.201-10.245.0.202/unique:12 > spid=6 seq=3 pid=2443 scope=ifnet ifname=ipsec12 > refcnt=1 > ::/0[any] ::/0[any] any > out ipsec > esp/tunnel/10.245.0.201-10.245.0.202/unique:12 > spid=8 seq=2 pid=2443 scope=ifnet ifname=ipsec12 > refcnt=1 > 0.0.0.0/0[any] 0.0.0.0/0[any] any > out ipsec > esp/tunnel/10.245.0.201-10.245.0.203/unique:4 > spid=14 seq=1 pid=2443 scope=ifnet ifname=ipsec4 > refcnt=1 > ::/0[any] ::/0[any] any > out ipsec > esp/tunnel/10.245.0.201-10.245.0.203/unique:4 > spid=16 seq=0 pid=2443 scope=ifnet ifname=ipsec4 > refcnt=1 > > > -- > David P. Discher > https://davidpdischer.com/ > 408.368.3725 • dpd@dpdtech.com > > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > -- ------------------- Mike Tancsa, tel +1 519 651 3400 x203 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada From owner-freebsd-net@freebsd.org Fri Aug 10 21:38:55 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1C0AA1075B62 for ; Fri, 10 Aug 2018 21:38:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id A8A927C162 for ; Fri, 10 Aug 2018 21:38:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 6DF281075B5E; Fri, 10 Aug 2018 21:38:54 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5CB081075B5C for ; Fri, 10 Aug 2018 21:38:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id F00477C15B for ; Fri, 10 Aug 2018 21:38:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 43EC09C26 for ; Fri, 10 Aug 2018 21:38:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w7ALcrHt068078 for ; Fri, 10 Aug 2018 21:38:53 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w7ALcrvo068077 for net@FreeBSD.org; Fri, 10 Aug 2018 21:38:53 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 230510] iflib/vlan panic: sleeping thread Date: Fri, 10 Aug 2018 21:38:53 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: panic X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: keywords assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Aug 2018 21:38:55 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230510 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |panic Assignee|bugs@FreeBSD.org |net@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sat Aug 11 01:47:17 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5311710558AA for ; Sat, 11 Aug 2018 01:47:17 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C7287852E0 for ; Sat, 11 Aug 2018 01:47:16 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id w7B1l7tP023824 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 10 Aug 2018 18:47:07 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id w7B1l71G023823; Fri, 10 Aug 2018 18:47:07 -0700 (PDT) (envelope-from jmg) Date: Fri, 10 Aug 2018 18:47:07 -0700 From: John-Mark Gurney To: "David P. Discher" Cc: "Andrey V. Elsukov" , freebsd-net@freebsd.org Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? Message-ID: <20180811014707.GB97145@funkthat.com> Mail-Followup-To: "David P. Discher" , "Andrey V. Elsukov" , freebsd-net@freebsd.org References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 11.0-RELEASE-p7 amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Fri, 10 Aug 2018 18:47:07 -0700 (PDT) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Aug 2018 01:47:17 -0000 David P. Discher wrote this message on Thu, Aug 09, 2018 at 13:11 -0700: > The documentation for using IPSec (especially if_ipsec) is really thin for freebsd, so I pieced some of this together from various posts and mailing lists threads. > > Is there no need for racoon ? How in this example is the IKE/ISAKMP setup done ? Is setkey doing this ? Yeah, it is... A few of us have sample config files floating around.. When I was doing testing I used: https://github.com/jmgurney/ipseccfgs > > On Aug 9, 2018, at 1:32 AM, Andrey V. Elsukov wrote: > > > > # kldload aesni > > # setkey -DF > > # setkey -c > > add 10.0.0.25 10.0.0.15 esp 10000 -m tunnel -u 16385 -E rijndael-cbc > > "0123456789123456"; > > add 10.0.0.15 10.0.0.25 esp 20000 -m tunnel -u 16385 -E rijndael-cbc > > "0123456789123456"; > > > > # sysctl net.inet.ipsec.async_crypto=0 > > net.inet.ipsec.async_crypto: 1 -> 0 > > This is 11.2-stable, shortly after release ??? I don???t have this sysctl. > > [ pts/0 sjc2 util201:~ ] > [ dpd ] > sysctl net.inet.ipsec > net.inet.ipsec.def_policy: 1 > net.inet.ipsec.esp_trans_deflev: 1 > net.inet.ipsec.esp_net_deflev: 1 > net.inet.ipsec.ah_trans_deflev: 1 > net.inet.ipsec.ah_net_deflev: 1 > net.inet.ipsec.ah_cleartos: 1 > net.inet.ipsec.dfbit: 0 > net.inet.ipsec.ecn: 0 > net.inet.ipsec.debug: 0 > net.inet.ipsec.filtertunnel: 0 > net.inet.ipsec.natt_cksum_policy: 0 > net.inet.ipsec.check_policy_history: 0 > net.inet.ipsec.crypto_support: 50331648 > > > > > On Aug 9, 2018, at 6:40 AM, John-Mark Gurney wrote: > > > > > > You don't show what ciphers you are using. It could be that you're > > using CBC mode, which is known to be slow, or that you're using a > > slow AH that is limiting performance, and not the cipher... > > > > Need to see your setkey.conf, or at least the output of setkey -D.. > > racoon.conf is : > > sainfo anonymous > { > pfs_group 2; > lifetime time 86400 seconds; > encryption_algorithm aes; > authentication_algorithm hmac_sha256; > compression_algorithm deflate; > } > > remote 10.245.0.202 [500] { > passive off; > my_identifier address 172.30.1.13; > exchange_mode main; > lifetime time 24 hour; > proposal { > encryption_algorithm aes; > hash_algorithm sha1; > authentication_method pre_shared_key; > dh_group 2; > }} > > > For some reason, I don???t think I can use AES-GCM on the juniper side, because of a combination of other required settings. I remember trying, but don???t remember why I can???t. > > > setkey.conf is : > > flush; > spdflush; > > spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P out ipsec esp/tunnel/10.245.0.201-10.245.0.202/unique:12; > spdadd -4n 172.30.1.12/30 172.30.1.12/30 any -P in ipsec esp/tunnel/10.245.0.202-10.245.0.201/unique:12; > spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P out ipsec esp/tunnel/10.245.0.201-10.245.0.203/unique:4; > spdadd -4n 172.30.1.4/30 172.30.1.4/30 any -P in ipsec esp/tunnel/10.245.0.203-10.245.0.201/unique:4; > > And that results in : > > [ pts/0 sjc2 util201:~ ] > [ dpd ] > sudo setkey -D > Password: > 10.245.0.201 10.245.0.202 > esp mode=tunnel spi=60080461(0x0394c14d) reqid=12(0x0000000c) > E: rijndael-cbc xxxx > A: hmac-sha2-256 xxxx Yeah, this is AES-CBC, and will always be slow on encryption, decryption will be fast though... To get max possible speed (per core), you can run: openssl speed -evp aes-128-cbc I believe that crypto will be single threaded on output, so you could try to enable net.inet.ipsec.async_crypto and see if that helps.. This will let your sending process be on one core while handing the encryption off to another thread... If you were running HEAD, you'd also get further improvements by there being multiple threads doing processing, but it looks like that change hasn't been MFC'd yet... Switching to SHA2-512 will also improve performance on 64bit systems... Also, check to make sure that the various processes are consuming 100% usage, and likely you'll see that.. Also, try running multiple streams to see if you get better performance, you should get signifcantly better performance as that'll split the work among multiple threads... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-net@freebsd.org Sat Aug 11 01:48:52 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C379910559DC for ; Sat, 11 Aug 2018 01:48:52 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CA9C853CE for ; Sat, 11 Aug 2018 01:48:52 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id w7B1mokl023852 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 10 Aug 2018 18:48:50 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id w7B1mno5023851; Fri, 10 Aug 2018 18:48:49 -0700 (PDT) (envelope-from jmg) Date: Fri, 10 Aug 2018 18:48:49 -0700 From: John-Mark Gurney To: Mike Tancsa Cc: "David P. Discher" , "Andrey V. Elsukov" , freebsd-net@freebsd.org Subject: Re: Is if_ipsec/ipsec - AESNI accelerated ? Message-ID: <20180811014849.GC97145@funkthat.com> Mail-Followup-To: Mike Tancsa , "David P. Discher" , "Andrey V. Elsukov" , freebsd-net@freebsd.org References: <62E0C365-AD64-4383-8BA4-298AA0E292F4@dpdtech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 11.0-RELEASE-p7 amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Fri, 10 Aug 2018 18:48:50 -0700 (PDT) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Aug 2018 01:48:52 -0000 Mike Tancsa wrote this message on Fri, Aug 10, 2018 at 16:44 -0400: > On 8/9/2018 4:11 PM, David P. Discher wrote: > > [ pts/0 sjc2 util201:~ ] > > [ dpd ] > sudo setkey -D > > Password: > > 10.245.0.201 10.245.0.202 > > esp mode=tunnel spi=60080461(0x0394c14d) reqid=12(0x0000000c) > > E: rijndael-cbc xxxx > ^^^^^^^^ ^^^^^^^^ ^^^^^^^^ ^^^^^^^^ > > BTW, if you use a static psk, does not the above line essentially give > someone with access to the ESP traffic a way to decode your traffic ? Yes, this does... And the A: line gives you the ability to spoof packets as well... Hopefully there wasn't any important data encrypted w/ that key... Always X those out... > > A: hmac-sha2-256 xxx -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-net@freebsd.org Sat Aug 11 09:04:40 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B2E521063C16 for ; Sat, 11 Aug 2018 09:04:40 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 610BE727F7; Sat, 11 Aug 2018 09:04:40 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from venus.codepro.be (venus.codepro.be [IPv6:2a01:4f8:162:1127::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.codepro.be", Issuer "Gandi Standard SSL CA 2" (verified OK)) (Authenticated sender: kp) by smtp.freebsd.org (Postfix) with ESMTPSA id 130BEE6B8; Sat, 11 Aug 2018 09:04:40 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from [172.28.128.1] (p5B34BA34.dip0.t-ipconnect.de [91.52.186.52]) (Authenticated sender: kp) by venus.codepro.be (Postfix) with ESMTPSA id 684F44C4C6; Sat, 11 Aug 2018 11:04:38 +0200 (CEST) From: "Kristof Provost" To: "FreeBSD Net" Cc: mmacy@FreeBSD.org Subject: Panic during ci test run Date: Sat, 11 Aug 2018 11:04:37 +0200 X-Mailer: MailMate (2.0BETAr6116) Message-ID: <34C6043C-FDD2-4812-AFF3-C61DEF7AE435@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed; markup=markdown Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Aug 2018 09:04:41 -0000 The fibs_test:subnet_route_with_multiple_fibs_on_same_subnet test (/usr/tests/sys/netinet/) consistently provokes a panic. Note that this requires: - test_suites.FreeBSD.fibs = '1 2' in /usr/local/etc/kyua/kyua.conf - net.fibs=3 in /boot/loader.conf - sysctl net.add_addr_allfibs=0 Then: - cd /usr/tests/sys/netinet/ - sudo kyua test This results in: Fatal trap 9: general protection fault while in kernel mode cpuid = 2; apic id = 02 instruction pointer = 0x20:0xffffffff80ded4c3 stack pointer = 0x28:0xfffffe0000427860 frame pointer = 0x28:0xfffffe00004278a0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 0 (softirq_2) [ thread pid 0 tid 100021 ] Stopped at inp_gcmoptions+0xe3: movq ll+0x33f(%rax),%r9 db> bt Tracing pid 0 tid 100021 td 0xfffff80004605000 inp_gcmoptions() at inp_gcmoptions+0xe3/frame 0xfffffe00004278a0 epoch_call_task() at epoch_call_task+0x21a/frame 0xfffffe00004278f0 gtaskqueue_run_locked() at gtaskqueue_run_locked+0x139/frame 0xfffffe0000427940 gtaskqueue_thread_loop() at gtaskqueue_thread_loop+0x88/frame 0xfffffe0000427970 fork_exit() at fork_exit+0x84/frame 0xfffffe00004279b0 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe00004279b0 --- trap 0, rip = 0, rsp = 0, rbp = 0 --- kgdb decodes that to: #0 __curthread () at ./machine/pcpu.h:230 #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:366 #2 0xffffffff8043dd4b in db_dump (dummy=, dummy2=, dummy3=, dummy4=) at /usr/src/sys/ddb/db_command.c:574 #3 0xffffffff8043db19 in db_command (last_cmdp=, cmd_table=, dopager=) at /usr/src/sys/ddb/db_command.c:481 #4 0xffffffff8043d894 in db_command_loop () at /usr/src/sys/ddb/db_command.c:534 #5 0xffffffff80440abf in db_trap (type=, code=) at /usr/src/sys/ddb/db_main.c:252 #6 0xffffffff80bdef43 in kdb_trap (type=9, code=0, tf=) at /usr/src/sys/kern/subr_kdb.c:693 #7 0xffffffff8107aee1 in trap_fatal (frame=0xfffffe00004277a0, eva=0) at /usr/src/sys/amd64/amd64/trap.c:906 #8 0xffffffff8107a3bd in trap (frame=0xfffffe00004277a0) at /usr/src/sys/amd64/amd64/trap.c:203 #9 #10 inp_gcmoptions (ctx=0xfffff800142da5e0) at /usr/src/sys/netinet6/in6_mcast.c:1650 #11 0xffffffff80bd9c7a in epoch_call_task (arg=) at /usr/src/sys/kern/subr_epoch.c:507 #12 0xffffffff80bdd069 in gtaskqueue_run_locked (queue=0xfffff800040ceb00) at /usr/src/sys/kern/subr_gtaskqueue.c:332 #13 0xffffffff80bdcde8 in gtaskqueue_thread_loop (arg=) at /usr/src/sys/kern/subr_gtaskqueue.c:507 #14 0xffffffff80b53084 in fork_exit (callout=0xffffffff80bdcd60 , arg=0xfffffe0087e40038, frame=0xfffffe00004279c0) at /usr/src/sys/kern/kern_fork.c:1057 #15 It looks like the inm has been freed at that point, so we try to dereference a freed pointer, and that doesn’t go well for us: (kgdb) fr 10 #10 inp_gcmoptions (ctx=0xfffff800142da5e0) at /usr/src/sys/netinet6/in6_mcast.c:1650 1650 CURVNET_SET(ifp->if_vnet); (kgdb) p ifp $1 = (struct ifnet *) 0xdeadc0dedeadc0de (kgdb) (kgdb) l 1645 if (imf) 1646 im6f_leave(imf); 1647 inm = imo->im6o_membership[idx]; 1648 ifp = inm->in6m_ifp; 1649 if (ifp != NULL) { 1650 CURVNET_SET(ifp->if_vnet); 1651 (void)in6_leavegroup(inm, imf); 1652 CURVNET_RESTORE(); 1653 } else { 1654 (void)in6_leavegroup(inm, imf); (kgdb) p inm $2 = (struct in6_multi *) 0xfffff8001435b200 (kgdb) p *inm $3 = {in6m_addr = {__u6_addr = {__u6_addr8 = "\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255", , __u6_addr16 = {49374, 57005, 49374, 57005, 49374, 57005, 49374, 57005}, __u6_addr32 = {3735929054, 3735929054, 3735929054, 3735929054}}}, in6m_ifp = 0xdeadc0dedeadc0de, in6m_ifma = 0xdeadc0dedeadc0de, in6m_refcount = 3735929054, in6m_state = 3735929054, in6m_timer = 3735929054, in6m_mli = 0xdeadc0dedeadc0de, in6m_nrele = {sle_next = 0xdeadc0dedeadc0de}, in6m_srcs = { rbh_root = 0xdeadc0dedeadc0de}, in6m_nsrc = 16045693110842147038, in6m_scq = {mq_head = {stqh_first = 0xdeadc0dedeadc0de, stqh_last = 0xdeadc0dedeadc0de}, mq_len = -559038242, mq_maxlen = -559038242}, in6m_lastgsrtv = {tv_sec = -2401050962867404578, tv_usec = -2401050962867404578}, in6m_sctimer = 49374, in6m_scrv = 57005, in6m_st = {{iss_fmode = 49374, iss_asm = 57005, iss_ex = 49374, iss_in = 57005, iss_rec = 49374}, {iss_fmode = 57005, iss_asm = 49374, iss_ex = 57005, iss_in = 49374, iss_rec = 57005}}} (kgdb) (kgdb) p nmships $4 = 1 (kgdb) p *imf $6 = {im6f_sources = {rbh_root = 0x0}, im6f_nsrc = 0, im6f_st = "\002\001"} (kgdb) Regards, Kristof From owner-freebsd-net@freebsd.org Sat Aug 11 15:42:17 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 402071070EBD for ; Sat, 11 Aug 2018 15:42:17 +0000 (UTC) (envelope-from longwitz@incore.de) Received: from dss.incore.de (dss.incore.de [195.145.1.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CFE1484369 for ; Sat, 11 Aug 2018 15:42:16 +0000 (UTC) (envelope-from longwitz@incore.de) Received: from inetmail.dmz (inetmail.dmz [10.3.0.3]) by dss.incore.de (Postfix) with ESMTP id B924936CD for ; Sat, 11 Aug 2018 17:42:08 +0200 (CEST) X-Virus-Scanned: amavisd-new at incore.de Received: from dss.incore.de ([10.3.0.3]) by inetmail.dmz (inetmail.dmz [10.3.0.3]) (amavisd-new, port 10024) with LMTP id 9S1dvDQLYg0L for ; Sat, 11 Aug 2018 17:42:07 +0200 (CEST) Received: from mail.local.incore (fwintern.dmz [10.0.0.253]) by dss.incore.de (Postfix) with ESMTP id DBD9236CE for ; Sat, 11 Aug 2018 17:42:06 +0200 (CEST) Received: from bsdmhs.longwitz (unknown [192.168.99.6]) by mail.local.incore (Postfix) with ESMTP id C0D26189 for ; Sat, 11 Aug 2018 17:42:06 +0200 (CEST) Message-ID: <5B6F03CE.8090105@incore.de> Date: Sat, 11 Aug 2018 17:42:06 +0200 From: Andreas Longwitz User-Agent: Thunderbird 2.0.0.19 (X11/20090113) MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re: natd sends wrong sequence number when a retransmitted PASV packet comes in References: <5B6B2725.9030306@incore.de> In-Reply-To: <5B6B2725.9030306@incore.de> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Aug 2018 15:42:17 -0000 At first I have to correct a typo in my former post: "must have sequence number 465" (not 455). In the meantime I have build a complete test environment to debug this problem and I am rather sure, there is a bug in natd. For every ftp connection natd creates a little table (struct ack_data_record ack) of size N_LINK_TCP_DATA to save the information about altered length for TCP packets. This table is filled in function AddSeq() in a circular list each time when "227 Entering Passive Mode" is sent out to the ftp client. In TcpAliasOut there is a lookup in this table by calling GetDelteSeqOut() to get the correct delta value to create the value of seq for the outgoing packet. GetDeltaSeqOut searches the table in a sequential manner and looks for the biggest ack_old value not bigger than the actual seq and returns delta from the matching table line. As long as all ack_old in the table are different, there is no problem with this procedure. But if for what reason ever one of the "227 Entering" packets must be retransmitted, then we have two entries in the table with the same value of ack_old and maybe different delta because of port numbers with different decimal lenght. In this case if the delta information of the original "227 Entering" packet is placed in the table before the information of the replayed "227 Entering" packet the function GetDeltaSeqOut() returns for the next outgoing packet the wrong old delta value and the connection to the ftp client breaks. I think the function GetDeltaSeqOut() should also treat the table in a circular manner, so we can search the table from newer to older entries. Especially if there are identical ack_new values in the table, we can take the delta value of the last entry. The following patch solved the problem for me: --- alias_db.c.orig 2015-07-03 16:40:03.000000000 +0200 +++ alias_db.c 2018-08-10 23:31:09.242105000 +0200 @@ -2031,14 +2035,18 @@ packet size was altered is searched. */ - int i; + int i, j; int delta, seq_diff_min; delta = 0; seq_diff_min = -1; - for (i = 0; i < N_LINK_TCP_DATA; i++) { + i = lnk->data.tcp->state.index; + for (j = 0; j < N_LINK_TCP_DATA; j++) { struct ack_data_record x; + if (i == 0) + i = N_LINK_TCP_DATA; + i--; x = lnk->data.tcp->ack[i]; if (x.active == 1) { int seq_diff; Please can somebody review this patch. I am not sure if the same modification should also be done in the function GetDeltaAckIn(). -- Andreas Longwitz