From owner-freebsd-net@FreeBSD.ORG Sun Jul 26 23:25:14 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CF17E1065670 for ; Sun, 26 Jul 2009 23:25:14 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from shrew.net (shrew.net [206.223.169.85]) by mx1.freebsd.org (Postfix) with ESMTP id 9EFED8FC1B for ; Sun, 26 Jul 2009 23:25:14 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from localhost (unknown [206.223.169.82]) by shrew.net (Postfix) with ESMTP id 6916379E31B; Sun, 26 Jul 2009 18:25:14 -0500 (CDT) Received: from shrew.net ([206.223.169.85]) by localhost (mx1.hub.org [206.223.169.82]) (amavisd-new, port 10024) with ESMTP id 26118-10; Sun, 26 Jul 2009 23:25:14 +0000 (UTC) Received: from hole.shrew.net (cpe-66-25-161-129.austin.res.rr.com [66.25.161.129]) by shrew.net (Postfix) with ESMTP id B97BA79E2DD; Sun, 26 Jul 2009 18:25:13 -0500 (CDT) Received: from [10.22.200.30] (elon.shrew.net [10.22.200.30]) by hole.shrew.net (8.14.3/8.14.3) with ESMTP id n6QNNQ1w016517 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 26 Jul 2009 18:23:26 -0500 (CDT) (envelope-from mgrooms@shrew.net) Message-ID: <4A6CE5D6.3020709@shrew.net> Date: Sun, 26 Jul 2009 18:25:10 -0500 From: Matthew Grooms User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: Max Laier References: <4A638E76.2060706@shrew.net> <4A63A4B3.6090500@modulus.org> <3D3254E2-4E45-4C67-84D2-DB05660D768F@shrew.net> <200907201318.08122.max@love2party.net> In-Reply-To: <200907201318.08122.max@love2party.net> Content-Type: multipart/mixed; boundary="------------030001080308090008010309" Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD + carp on VMWare ESX X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2009 23:25:15 -0000 This is a multi-part message in MIME format. --------------030001080308090008010309 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Max Laier wrote: > > There is clearly something very wrong with how the vswitch works and it's not > really FreeBSD's job to work around these issues. The patch you posted is > rather intrusive and certainly not something we want in the tree. You should > talk to VMWare's support to fix the obvious short-comings in the vswitch > design. > I agree completely. We have a support contract with VMWare and I intend to open a ticket. However I think the likelihood of them providing a fix for this just about zero. Who knows, maybe they will surprise me. > As for your patch - you want "IF_ADDR_[UN]LOCK(ifp);" around walking the > address list. Don't forget to unlock before the return. > Thanks for the help. Here is an updated patch against 7.2 if anyone else has a VMWare + FreeBSD + CARP problem child and needs a fix today ... http://www.shrew.net/static/patches/esx-carp.diff The IPv6 code path is untested. Also, the changes were placed under a sysctl conditional so the following is required in /etc/sysctl.conf to enable it at boot time ... net.inet.carp.drop_echoed=1 Thanks again, -Matthew --------------030001080308090008010309 Content-Type: text/plain; name="esx-carp.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="esx-carp.diff" Index: ip_carp.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_carp.c,v retrieving revision 1.52.2.3 diff -u -r1.52.2.3 ip_carp.c --- ip_carp.c 9 May 2009 00:35:38 -0000 1.52.2.3 +++ ip_carp.c 26 Jul 2009 22:46:19 -0000 @@ -143,6 +143,8 @@ &carp_opts[CARPCTL_LOG], 0, "log bad carp packets"); SYSCTL_INT(_net_inet_carp, CARPCTL_ARPBALANCE, arpbalance, CTLFLAG_RW, &carp_opts[CARPCTL_ARPBALANCE], 0, "balance arp responses"); +SYSCTL_INT(_net_inet_carp, CARPCTL_DROPECHOED, drop_echoed, CTLFLAG_RW, + &carp_opts[CARPCTL_DROPECHOED], 0, "drop packets echoed to sender"); SYSCTL_INT(_net_inet_carp, OID_AUTO, suppress_preempt, CTLFLAG_RD, &carp_suppress_preempt, 0, "Preemption is suppressed"); @@ -552,6 +554,28 @@ return; } + /* + * verify that the source address is not valid + * for the interface it was received on. this + * tends to happen with VMWare ESX vSwitches. + */ + if (carp_opts[CARPCTL_DROPECHOED]) { + struct ifnet *ifp = m->m_pkthdr.rcvif; + struct ifaddr *ifa; + IF_ADDR_LOCK(ifp); + TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { + struct in_addr in4; + in4 = ifatoia(ifa)->ia_addr.sin_addr; + if (ifa->ifa_addr->sa_family == AF_INET && + in4.s_addr == ip->ip_src.s_addr) { + IF_ADDR_UNLOCK(ifp); + m_freem(m); + return; + } + } + IF_ADDR_UNLOCK(ifp); + } + /* verify that the IP TTL is 255. */ if (ip->ip_ttl != CARP_DFLTTL) { carpstats.carps_badttl++; @@ -644,6 +668,28 @@ return (IPPROTO_DONE); } + /* + * verify that the source address is not valid + * for the interface it was received on. this + * tends to happen with VMWare ESX vSwitches. + */ + if (carp_opts[CARPCTL_DROPECHOED]) { + struct ifnet *ifp = m->m_pkthdr.rcvif; + struct ifaddr *ifa; + IF_ADDR_LOCK(ifp); + TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { + struct in6_addr in6; + in6 = ifatoia6(ifa)->ia_addr.sin6_addr; + if (ifa->ifa_addr->sa_family == AF_INET6 && + memcmp(&in6, &ip6->ip6_src, sizeof(in6)) == 0) { + IF_ADDR_UNLOCK(ifp); + m_freem(m); + return (IPPROTO_DONE); + } + } + IF_ADDR_UNLOCK(ifp); + } + /* verify that the IP TTL is 255 */ if (ip6->ip6_hlim != CARP_DFLTTL) { carpstats.carps_badttl++; Index: ip_carp.h =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_carp.h,v retrieving revision 1.3 diff -u -r1.3 ip_carp.h --- ip_carp.h 1 Dec 2006 18:37:41 -0000 1.3 +++ ip_carp.h 26 Jul 2009 22:46:19 -0000 @@ -140,7 +140,8 @@ #define CARPCTL_LOG 3 /* log bad packets */ #define CARPCTL_STATS 4 /* statistics (read-only) */ #define CARPCTL_ARPBALANCE 5 /* balance arp responses */ -#define CARPCTL_MAXID 6 +#define CARPCTL_DROPECHOED 6 /* drop packets echoed to the sender */ +#define CARPCTL_MAXID 7 #define CARPCTL_NAMES { \ { 0, 0 }, \ --------------030001080308090008010309-- From owner-freebsd-net@FreeBSD.ORG Sun Jul 26 23:29:46 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4C4451065670; Sun, 26 Jul 2009 23:29:46 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id 09C7F8FC14; Sun, 26 Jul 2009 23:29:45 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 76CB33BC2CD; Sun, 26 Jul 2009 19:29:45 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Sun, 26 Jul 2009 19:29:45 -0400 X-Sasl-enc: +1BIe/eZTEKYlZHUTR/SXT3fJUtsKGwlje09A+N88E+9 1248650985 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id DBF54CCB8; Sun, 26 Jul 2009 19:29:44 -0400 (EDT) Message-ID: <4A6CE6E4.3010106@incunabulum.net> Date: Mon, 27 Jul 2009 00:29:40 +0100 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: iprebeg@freebsd.org References: <20090725130424.GA24589@valeria.zesoi.fer.hr> In-Reply-To: <20090725130424.GA24589@valeria.zesoi.fer.hr> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong multicast destination IP X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2009 23:29:46 -0000 Hi, It sounds as though you are in fact running into a regression in the ARP cache code. Please see recent threads on current@, this is a known issue. Unfortunately I can't assist other than providing advice, I am very busy at the moment. iprebeg@freebsd.org wrote: > In recent current kernel, it appears that IGMPv2 reports (not IGMPv3) > are sent to wrong multicast address. I'm trying to setup mcast routing > in this way: > ... > mrouted is started on mr with configuration containing only one line: > I wouldn't rely on mrouted for anything, DVMRP is quite obsolete. mrouted does not support IGMPv3 to the best of my knowledge. It embeds its own IGMPv2 router control, and will act as a querier. This is why your boxes are reverting to IGMPv2 when mrouted is running. I would recommend ports/net/mcast-tools for exercising the multicast forwarding plane. There is a tool in there called 'mfc' which will let you temporarily install entries in the Multicast Forwarding Cache. Please don't use 'mfc' in a production environment -- there is no loop detection. The last time I fully tested multicast forwarding on the -CURRENT track was in March, right after the IGMPv3 drop went in, and right after MROUTING was cleaned up. I'm not aware of any regressions on that track, apart from the ARP cache regression which Xin Li was looking into. One chap on current@ reported that one of Xin Li's interim patches fixed his multicast issues, I believe I Cc'd you on that thread. Unfortunately Xin Li himself is also tied up at the moment. > ... > 1) No packets are forwarded. I hope that reason is problem stated in 2). > Anyway, I'd be happy if someone can confirm that I'm doing everything > right. It would be also cool if someone could post XORP configuration > that I can use for this configuration. I can see UDP packets reach em2 > iface on mr. > There is a config in XORP's tree called multicast4.boot, which is a basic example of PIM config. > 2) Even all machines support IGMPv3, after I start mrouted, network > converges to IGMPv2. What I see in tcpdump is that DIP of IGMPv2 > packets isn't in IGMP-CONTROL range (224.0.0.X), but it is set to IP > of group that it tries to join ( 235.0.0.1 in this case ). This is > not cast with IGMP leave or IGMPv3 reports which are generated by > same commands after I kill mrouted and network again converges to > IGMPv3. > These are not regressions at all -- you are seeing entirely standards conformant behaviour. The behaviour you report is entirely correct for IGMPv2 control traffic. Joins are always sent to the group itself. Leaves are sent to the fast-leave group 224.0.0.2. To the best of my knowledge, this behaviour has not regressed (at least at layer 3) in the network stack. I did have a set of automated QEMU and PCS based regression tests for IGMP. Unfortunately, due to broken serial behaviour, this does not work with FreeBSD 8-CURRENT, however it has worked with prior versions of FreeBSD. I'm sorry, I am very tied up with $DAYJOB at the moment and can't really be of further help. I can try to answer technical questions in email about the code, but I can't set aside any free time at the moment to test or debug. A good reference for multicast deployment is the book 'Interdomain Multicast Routing', I found it very helpful. Hopefully this is enough information to get you started on the right track. thanks, BMS From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 11:06:59 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 793791065673 for ; Mon, 27 Jul 2009 11:06:59 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 65D408FC34 for ; Mon, 27 Jul 2009 11:06:59 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6RB6xkn019039 for ; Mon, 27 Jul 2009 11:06:59 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6RB6w4k019035 for freebsd-net@FreeBSD.org; Mon, 27 Jul 2009 11:06:58 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 27 Jul 2009 11:06:58 GMT Message-Id: <200907271106.n6RB6w4k019035@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-net@FreeBSD.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 11:06:59 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/137089 net [lagg] lagg falsely triggers IPv6 duplicate address de o bin/136994 net [patch] ifconfig(8) print carp mac address o kern/136943 net [wpi] [lor] wpi0_com_lock / wpi0 o kern/136911 net [netgraph] [panic] system panic on kldload ng_bpf.ko t o kern/136876 net [bge] bge will not resume properly after suspend o kern/136836 net [ath] atheros card stops functioning after about 12 ho o kern/136803 net [sctp] [panic] Kernel panic and hanging on using SCTP o kern/136618 net [pf][stf] panic on cloning interface without unit numb o kern/136482 net [age] Attansic L1 Gigabit Ethernet recieves multicasts o kern/136168 net [em] em driver initialization fails on Intel 5000PSL m o kern/135836 net [bce] bce BCM5709 Watchdog after warm boot - ok after o kern/135502 net [periodic] Warning message raised by rtfree function i o kern/135222 net [igb] low speed routing between two igb interfaces o kern/135067 net [patch] [fib] Incorrect KASSERTs in sys/net/route.c o kern/134931 net [route] [fib] Route messages sent to all socket listen o kern/134658 net [bce] bce driver fails on PowerEdge m610 blade. o kern/134583 net [hang] Machine with jail freezes after random amount o o kern/134531 net [route] [panic] kernel crash related to routes/zebra o kern/134401 net [msk] [panic] Kernel Fatal trap 12: page fault while i o kern/134369 net [route] [ip6] IPV6 in Head broken for routing table up o kern/134168 net [ral] ral driver problem on RT2525 2.4GHz transceiver o kern/134157 net [dummynet] dummynet loads cpu for 100% and make a syst o kern/134079 net [em] "em0: Invalid MAC address" in FreeBSD-Current ( 8 o kern/133969 net [dummynet] [panic] Fatal trap 12: page fault while in o kern/133968 net [dummynet] [panic] dummynet kernel panic o kern/133902 net [tun] Killing tun0 iface ssh tunnel causes Panic Strin o kern/133736 net [udp] ip_id not protected ... o kern/133613 net [wpi] [panic] kernel panic in wpi(4) o kern/133595 net [panic] Kernel Panic at pcpu.h:195 o kern/133572 net [ppp] [hang] incoming PPTP connection hangs the system o kern/133490 net [bpf] [panic] 'kmem_map too small' panic on Dell r900 o kern/133328 net [bge] [panic] Kernel panics with Windows7 client o kern/133235 net [netinet] [patch] Process SIOCDLIFADDR command incorre o kern/133218 net [carp] [hang] use of carp(4) causes system to freeze o kern/133204 net [msk] msk driver timeouts o kern/133060 net [ipsec] [pfsync] [panic] Kernel panic with ipsec + pfs o kern/132991 net [bge] if_bge low performance problem f bin/132911 net ip6fw(8): argument type of fill_icmptypes is wrong and o kern/132889 net [ndis] [panic] NDIS kernel crash on load BCM4321 AGN d o kern/132885 net [wlan] 802.1x broken after SVN rev 189592 o conf/132851 net [fib] [patch] allow to setup fib for service running f o kern/132832 net [netinet] [patch] tcp_output() might generate invalid o bin/132798 net [patch] ggatec(8): ggated/ggatec connection slowdown p o kern/132734 net [ifmib] [panic] panic in net/if_mib.c o kern/132722 net [ath] Wifi ath0 associates fine with AP, but DHCP or I o kern/132705 net [libwrap] [patch] libwrap - infinite loop if hosts.all o kern/132672 net [ndis] [panic] ndis with rt2860.sys causes kernel pani o kern/132669 net [xl] 3c905-TX send DUP! in reply on ping (sometime) o kern/132625 net [iwn] iwn drivers don't support setting country o kern/132554 net [ipl] There is no ippool start script/ipfilter magic t o kern/132354 net [nat] Getting some packages to ipnat(8) causes crash o kern/132285 net [carp] alias gives incorrect hash in dmesg o kern/132277 net [crypto] [ipsec] poor performance using cryptodevice f o conf/132179 net [patch] /etc/network.subr: ipv6 rtsol on incorrect wla o kern/132107 net [carp] carp(4) advskew setting ignored when carp IP us o kern/131781 net [ndis] ndis keeps dropping the link o kern/131776 net [wi] driver fails to init o kern/131753 net [altq] [panic] kernel panic in hfsc_dequeue o bin/131567 net [socket] [patch] Update for regression/sockets/unix_cm o kern/131549 net ifconfig(8) can't clear 'monitor' mode on the wireless o kern/131536 net [netinet] [patch] kernel does allow manipulation of su o bin/131365 net route(8): route add changes interpretation of network o kern/131162 net [ath] Atheros driver bugginess and kernel crashes o kern/131153 net [iwi] iwi doesn't see a wireless network f kern/131087 net [ipw] [panic] ipw / iwi - no sent/received packets; iw f kern/130820 net [ndis] wpa_supplicant(8) returns 'no space on device' o kern/130628 net [nfs] NFS / rpc.lockd deadlock on 7.1-R o conf/130555 net [rc.d] [patch] No good way to set ipfilter variables a o kern/130525 net [ndis] [panic] 64 bit ar5008 ndisgen-erated driver cau o kern/130311 net [wlan_xauth] [panic] hostapd restart causing kernel pa o kern/130109 net [ipfw] Can not set fib for packets originated from loc f kern/130059 net [panic] Leaking 50k mbufs/hour o kern/129750 net [ath] Atheros AR5006 exits on "cannot map register spa f kern/129719 net [nfs] [panic] Panic during shutdown, tcp_ctloutput: in o kern/129580 net [ndis] Netgear WG311v3 (ndis) causes kenel trap at boo o kern/129517 net [ipsec] [panic] double fault / stack overflow o kern/129508 net [carp] [panic] Kernel panic with EtherIP (may be relat o kern/129352 net [xl] [patch] xl0 watchdog timeout o kern/129219 net [ppp] Kernel panic when using kernel mode ppp o kern/129197 net [panic] 7.0 IP stack related panic o kern/129135 net [vge] vge driver on a VIA mini-ITX not working o bin/128954 net ifconfig(8) deletes valid routes o kern/128917 net [wpi] [panic] if_wpi and wpa+tkip causing kernel panic o kern/128884 net [msk] if_msk page fault while in kernel mode o kern/128840 net [igb] page fault under load with igb/LRO o bin/128602 net [an] wpa_supplicant(8) crashes with an(4) o kern/128598 net [bluetooth] WARNING: attempt to net_add_domain(bluetoo o kern/128448 net [nfs] 6.4-RC1 Boot Fails if NFS Hostname cannot be res o conf/128334 net [request] use wpa_cli in the "WPA DHCP" situation o bin/128295 net [patch] ifconfig(8) does not print TOE4 or TOE6 capabi o bin/128001 net wpa_supplicant(8), wlan(4), and wi(4) issues o kern/127928 net [tcp] [patch] TCP bandwidth gets squeezed every time t o kern/127834 net [ixgbe] [patch] wrong error counting o kern/127826 net [iwi] iwi0 driver has reduced performance and connecti o kern/127815 net [gif] [patch] if_gif does not set vlan attributes from o kern/127724 net [rtalloc] rtfree: 0xc5a8f870 has 1 refs f bin/127719 net [arp] arp: Segmentation fault (core dumped) s kern/127587 net [bge] [request] if_bge(4) doesn't support BCM576X fami f kern/127528 net [icmp]: icmp socket receives icmp replies not owned by o bin/127192 net routed(8) removes the secondary alias IP of interface f kern/127145 net [wi]: prism (wi) driver crash at bigger traffic o kern/127102 net [wpi] Intel 3945ABG low throughput o kern/127057 net [udp] Unable to send UDP packet via IPv6 socket to IPv o kern/127050 net [carp] ipv6 does not work on carp interfaces [regressi o kern/126945 net [carp] CARP interface destruction with ifconfig destro o kern/126924 net [an] [patch] printf -> device_printf and simplify prob o kern/126895 net [patch] [ral] Add antenna selection (marked as TBD) o kern/126874 net [vlan]: Zebra problem if ifconfig vlanX destroy o bin/126822 net wpa_supplicant(8): WPA PSK does not work in adhoc mode o kern/126714 net [carp] CARP interface renaming makes system no longer o kern/126695 net rtfree messages and network disruption upon use of if_ o kern/126688 net [ixgbe] [patch] 1.4.7 ixgbe driver panic with 4GB and o kern/126475 net [ath] [panic] ath pcmcia card inevitably panics under o kern/126339 net [ipw] ipw driver drops the connection o kern/126214 net [ath] txpower problem with Atheros wifi card o kern/126075 net [inet] [patch] internet control accesses beyond end of o bin/125922 net [patch] Deadlock in arp(8) o kern/125920 net [arp] Kernel Routing Table loses Ethernet Link status o kern/125845 net [netinet] [patch] tcp_lro_rx() should make use of hard o kern/125816 net [carp] [if_bridge] carp stuck in init when using bridg f kern/125502 net [ral] ifconfig ral0 scan produces no output unless in o kern/125258 net [socket] socket's SO_REUSEADDR option does not work o kern/125239 net [gre] kernel crash when using gre o kern/124767 net [iwi] Wireless connection using iwi0 driver (Intel 220 o kern/124753 net [ieee80211] net80211 discards power-save queue packets o kern/124341 net [ral] promiscuous mode for wireless device ral0 looses o kern/124160 net [libc] connect(2) function loops indefinitely o kern/124127 net [msk] watchdog timeout (missed Tx interrupts) -- recov o kern/124021 net [ip6] [panic] page fault in nd6_output() o kern/123968 net [rum] [panic] rum driver causes kernel panic with WPA. p kern/123961 net [vr] [patch] Allow vr interface to handle vlans o kern/123892 net [tap] [patch] No buffer space available o kern/123890 net [ppp] [panic] crash & reboot on work with PPP low-spee o kern/123858 net [stf] [patch] stf not usable behind a NAT o kern/123796 net [ipf] FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not o bin/123633 net ifconfig(8) doesn't set inet and ether address in one f kern/123617 net [tcp] breaking connection when client downloading file o kern/123603 net [tcp] tcp_do_segment and Received duplicate SYN o kern/123559 net [iwi] iwi periodically disassociates/associates [regre o bin/123465 net [ip6] route(8): route add -inet6 -interfac o kern/123463 net [ipsec] [panic] repeatable crash related to ipsec-tool o kern/123429 net [nfe] [hang] "ifconfig nfe up" causes a hard system lo o kern/123347 net [bge] bge1: watchdog timeout -- linkstate changed to D o conf/123330 net [nsswitch.conf] Enabling samba wins in nsswitch.conf c o kern/123256 net [wpi] panic: blockable sleep lock with wpi(4) f kern/123172 net [bce] Watchdog timeout problems with if_bce o kern/123160 net [ip] Panic and reboot at sysctl kern.polling.enable=0 o kern/122989 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/122954 net [lagg] IPv6 EUI64 incorrectly chosen for lagg devices o kern/122928 net [em] interface watchdog timeouts and stops receiving p f kern/122839 net [multicast] FreeBSD 7 multicast routing problem p kern/122794 net [lagg] Kernel panic after brings lagg(8) up if NICs ar o kern/122780 net [lagg] tcpdump on lagg interface during high pps wedge o kern/122772 net [em] em0 taskq panic, tcp reassembly bug causes radix o kern/122743 net [mbuf] [panic] vm_page_unwire: invalid wire count: 0 o kern/122697 net [ath] Atheros card is not well supported o kern/122685 net It is not visible passing packets in tcpdump(1) o kern/122551 net [bge] Broadcom 5715S no carrier on HP BL460c blade usi o kern/122319 net [wi] imposible to enable ad-hoc demo mode with Orinoco o kern/122290 net [netgraph] [panic] Netgraph related "kmem_map too smal f kern/122252 net [ipmi] [bge] IPMI problem with BCM5704 (does not work o kern/122195 net [ed] Alignment problems in if_ed o kern/122058 net [em] [panic] Panic on em1: taskq o kern/122033 net [ral] [lor] Lock order reversal in ral0 at bootup [reg o bin/121895 net [patch] rtsol(8)/rtsold(8) doesn't handle managed netw o kern/121872 net [wpi] driver fails to attach on a fujitsu-siemens s711 s kern/121774 net [swi] [panic] 6.3 kernel panic in swi1: net o kern/121706 net [netinet] [patch] "rtfree: 0xc4383870 has 1 refs" emit o kern/121624 net [em] [regression] Intel em WOL fails after upgrade to o kern/121555 net [panic] Fatal trap 12: current process = 12 (swi1: net o kern/121443 net [gif] [lor] icmp6_input/nd6_lookup o kern/121437 net [vlan] Routing to layer-2 address does not work on VLA o bin/121359 net [patch] ppp(8): fix local stack overflow in ppp o kern/121298 net [em] [panic] Fatal trap 12: page fault while in kernel o kern/121257 net [tcp] TSO + natd -> slow outgoing tcp traffic o kern/121181 net [panic] Fatal trap 3: breakpoint instruction fault whi o kern/121080 net [bge] IPv6 NUD problem on multi address config on bge0 o kern/120966 net [rum] kernel panic with if_rum and WPA encryption p docs/120945 net [patch] ip6(4) man page lacks documentation for TCLASS o kern/120566 net [request]: ifconfig(8) make order of arguments more fr o kern/120304 net [netgraph] [patch] netgraph source assumes 32-bit time o kern/120266 net [udp] [panic] gnugk causes kernel panic when closing U o kern/120232 net [nfe] [patch] Bring in nfe(4) to RELENG_6 o kern/120130 net [carp] [panic] carp causes kernel panics in any conste o bin/120060 net routed(8) deletes link-level routes in the presence of o kern/119945 net [rum] [panic] rum device in hostap mode, cause kernel o kern/119791 net [nfs] UDP NFS mount of aliased IP addresses from a Sol o kern/119617 net [nfs] nfs error on wpa network when reseting/shutdown f kern/119516 net [ip6] [panic] _mtx_lock_sleep: recursed on non-recursi o kern/119432 net [arp] route add -host -iface causes arp e o kern/119225 net [wi] 7.0-RC1 no carrier with Prism 2.5 wifi card [regr a bin/118987 net ifconfig(8): ifconfig -l (address_family) does not wor o sparc/118932 net [panic] 7.0-BETA4/sparc-64 kernel panic in rip_output a kern/118879 net [bge] [patch] bge has checksum problems on the 5703 ch o kern/118727 net [netgraph] [patch] [request] add new ng_pf module a kern/118238 net [bce] [patch] bce driver shows "no carrier" on Intel S s kern/117717 net [panic] Kernel panic with Bittorrent client. o kern/117448 net [carp] 6.2 kernel crash [regression] o kern/117423 net [vlan] Duplicate IP on different interfaces o bin/117339 net [patch] route(8): loading routing management commands o kern/117271 net [tap] OpenVPN TAP uses 99% CPU on releng_6 when if_tap o kern/117043 net [em] Intel PWLA8492MT Dual-Port Network adapter EEPROM o kern/116837 net [tun] [panic] [patch] ifconfig tunX destroy: panic o kern/116747 net [ndis] FreeBSD 7.0-CURRENT crash with Dell TrueMobile o bin/116643 net [patch] [request] fstat(1): add INET/INET6 socket deta o kern/116328 net [bge]: Solid hang with bge interface o kern/116185 net [iwi] if_iwi driver leads system to reboot o kern/115239 net [ipnat] panic with 'kmem_map too small' using ipnat o kern/115019 net [netgraph] ng_ether upper hook packet flow stops on ad o kern/115002 net [wi] if_wi timeout. failed allocation (busy bit). ifco o kern/114915 net [patch] [pcn] pcn (sys/pci/if_pcn.c) ethernet driver f o kern/113895 net [xl] xl0 fails on 6.2-RELEASE but worked fine on 5.5-R o kern/112722 net [ipsec] [udp] IP v4 udp fragmented packet reject o kern/112686 net [patm] patm driver freezes System (FreeBSD 6.2-p4) i38 o kern/112570 net [bge] packet loss with bge driver on BCM5704 chipset o bin/112557 net [patch] ppp(8) lock file should not use symlink name o kern/112528 net [nfs] NFS over TCP under load hangs with "impossible p o kern/111457 net [ral] ral(4) freeze o kern/110140 net [ipw] ipw fails under load o kern/109733 net [bge] bge link state issues [regression] o kern/109470 net [wi] Orinoco Classic Gold PC Card Can't Channel Hop o kern/109308 net [pppd] [panic] Multiple panics kernel ppp suspected [r o kern/109251 net [re] [patch] if_re cardbus card won't attach o bin/108895 net pppd(8): PPPoE dead connections on 6.2 [regression] o kern/108542 net [bce] Huge network latencies with 6.2-RELEASE / STABLE o kern/107944 net [wi] [patch] Forget to unlock mutex-locks o kern/107850 net [bce] bce driver link negotiation is faulty o conf/107035 net [patch] bridge(8): bridge interface given in rc.conf n o kern/106438 net [ipf] ipfilter: keep state does not seem to allow repl o kern/106316 net [dummynet] dummynet with multipass ipfw drops packets o kern/106243 net [nve] double fault panic in if_nve.c on high loads o kern/105945 net Address can disappear from network interface s kern/105943 net Network stack may modify read-only mbuf chain copies o bin/105925 net problems with ifconfig(8) and vlan(4) [regression] o kern/105348 net [ath] ath device stopps TX o kern/104851 net [inet6] [patch] On link routes not configured when usi o kern/104751 net [netgraph] kernel panic, when getting info about my tr o kern/104485 net [bge] Broadcom BCM5704C: Intermittent on newer chip ve o kern/103191 net Unpredictable reboot o kern/103135 net [ipsec] ipsec with ipfw divert (not NAT) encodes a pac o conf/102502 net [netgraph] [patch] ifconfig name does't rename netgrap o kern/102035 net [plip] plip networking disables parallel port printing o kern/101948 net [ipf] [panic] Kernel Panic Trap No 12 Page Fault - cau o kern/100709 net [libc] getaddrinfo(3) should return TTL info o kern/100519 net [netisr] suggestion to fix suboptimal network polling o kern/98978 net [ipf] [patch] ipfilter drops OOW packets under 6.1-Rel o kern/98597 net [inet6] Bug in FreeBSD 6.1 IPv6 link-local DAD procedu o bin/98218 net wpa_supplicant(8) blacklist not working f bin/97392 net ppp(8) hangs instead terminating o kern/97306 net [netgraph] NG_L2TP locks after connection with failed f kern/96268 net [socket] TCP socket performance drops by 3000% if pack o kern/96030 net [bfe] [patch] Install hangs with Broadcomm 440x NIC in o kern/95519 net [ral] ral0 could not map mbuf o kern/95288 net [pppd] [tty] [panic] if_ppp panic in sys/kern/tty_subr o kern/95277 net [netinet] [patch] IP Encapsulation mask_match() return o kern/95267 net packet drops periodically appear s kern/94863 net [bge] [patch] hack to get bge(4) working on IBM e326m o kern/94162 net [bge] 6.x kenel stale with bge(4) o kern/93886 net [ath] Atheros/D-Link DWL-G650 long delay to associate f kern/93378 net [tcp] Slow data transfer in Postfix and Cyrus IMAP (wo o kern/93019 net [ppp] ppp and tunX problems: no traffic after restarti o kern/92880 net [libc] [patch] almost rewritten inet_network(3) functi f kern/92552 net A serious bug in most network drivers from 5.X to 6.X s kern/92279 net [dc] Core faults everytime I reboot, possible NIC issu o kern/92090 net [bge] bge0: watchdog timeout -- resetting o kern/91859 net [ndis] if_ndis does not work with Asus WL-138 s kern/91777 net [ipf] [patch] wrong behaviour with skip rule inside an o kern/91594 net [em] FreeBSD > 5.4 w/ACPI fails to detect Intel Pro/10 o kern/91364 net [ral] [wep] WF-511 RT2500 Card PCI and WEP o kern/91311 net [aue] aue interface hanging o kern/90890 net [vr] Problems with network: vr0: tx shutdown timeout s kern/90086 net [hang] 5.4p8 on supermicro P8SCT hangs during boot if f kern/88082 net [ath] [panic] cts protection for ath0 causes panic o kern/87521 net [ipf] [panic] using ipfilter "auth" keyword leads to k o kern/87506 net [vr] [patch] Fix alias support on vr interfaces s kern/86920 net [ndis] ifconfig: SIOCS80211: Invalid argument [regress o kern/86103 net [ipf] Illegal NAT Traversal in IPFilter o kern/85780 net 'panic: bogus refcnt 0' in routing/ipv6 o bin/85445 net ifconfig(8): deprecated keyword to ifconfig inoperativ o kern/85266 net [xe] [patch] xe(4) driver does not recognise Xircom XE o kern/84202 net [ed] [patch] Holtek HT80232 PCI NIC recognition on Fre o bin/82975 net route change does not parse classfull network as given o kern/82497 net [vge] vge(4) on AMD64 only works when loaded late, not f kern/81644 net [vge] vge(4) does not work properly when loaded as a K s kern/81147 net [net] [patch] em0 reinitialization while adding aliase o kern/80853 net [ed] [patch] add support for Compex RL2000/ISA in PnP o kern/79895 net [ipf] 5.4-RC2 breaks ipfilter NAT when using netgraph f kern/79262 net [dc] Adaptec ANA-6922 not fully supported o bin/79228 net [patch] extend arp(8) to be able to create blackhole r o kern/78090 net [ipf] ipf filtering on bridged packets doesn't work if p kern/77913 net [wi] [patch] Add the APDL-325 WLAN pccard to wi(4) o kern/77341 net [ip6] problems with IPV6 implementation o kern/77273 net [ipf] ipfilter breaks ipv6 statefull filtering on 5.3 s kern/77195 net [ipf] [patch] ipfilter ioctl SIOCGNATL does not match o kern/75873 net Usability problem with non-RFC-compliant IP spoof prot s kern/75407 net [an] an(4): no carrier after short time f kern/73538 net [bge] problem with the Broadcom BCM5788 Gigabit Ethern o kern/71469 net default route to internet magically disappears with mu o kern/70904 net [ipf] ipfilter ipnat problem with h323 proxy support o kern/64556 net [sis] if_sis short cable fix problems with NetGear FA3 s kern/60293 net [patch] FreeBSD arp poison patch o kern/54383 net [nfs] [patch] NFS root configurations without dynamic f i386/45773 net [bge] Softboot causes autoconf failure on Broadcom 570 s bin/41647 net ifconfig(8) doesn't accept lladdr along with inet addr s kern/39937 net ipstealth issue a kern/38554 net [patch] changing interface ipaddress doesn't seem to w o kern/35442 net [sis] [patch] Problem transmitting runts in if_sis dri o kern/34665 net [ipf] [hang] ipfilter rcmd proxy "hangs". o kern/31647 net [libc] socket calls can return undocumented EINVAL o kern/30186 net [libc] getaddrinfo(3) does not handle incorrect servna o kern/27474 net [ipf] [ppp] Interactive use of user PPP and ipfilter c o conf/23063 net [arp] [patch] for static ARP tables in rc.network 312 problems total. From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 14:34:50 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 652EB106564A for ; Mon, 27 Jul 2009 14:34:50 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.freebsd.org (Postfix) with ESMTP id B11958FC1E for ; Mon, 27 Jul 2009 14:34:49 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from [195.208.252.154] (brain.cc.rsu.ru [195.208.252.154]) (authenticated bits=0) by mail.r61.net (8.14.3/8.14.1) with ESMTP id n6REHIbM097053 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 27 Jul 2009 18:17:18 +0400 (MSD) (envelope-from os@sfedu.ru) X-Authentication-Warning: asterix.r61.net: Host brain.cc.rsu.ru [195.208.252.154] claimed to be [195.208.252.154] From: Oleg Sharoyko To: freebsd-net@freebsd.org Content-Type: text/plain Date: Mon, 27 Jul 2009 18:17:17 +0400 Message-Id: <1248704237.96833.127.camel@brain.cc.rsu.ru> Mime-Version: 1.0 X-Mailer: Evolution 2.24.5 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Subject: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 14:34:50 -0000 Hello! I'm having a trouble with multiple routing tables (FreeBSD 7.2 release). Either I'm missing something in my setup or packets for daemons started with setfib are being sent out via the wrong interface. What I'd like to implement: em0 - internal management network with ip address 10.2.5.2/24 and default route 10.2.5.1 em1 - public interface to be used in jail with ip address 195.208.245.229/27 and default route 195.208.245.225 Here are my routing tables: r61net-fbsdhost-1, / # setfib -0 netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 10.2.5.1 UGS 0 350 em0 10.2.5.0/24 link#1 UC 0 0 em0 10.2.5.1 00:1e:4a:b4:ea:c0 UHLW 2 0 em0 1182 127.0.0.1 127.0.0.1 UH 0 30 lo0 r61net-fbsdhost-1, / # setfib -1 netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 195.208.245.225 UGS 0 0 em1 195.208.245.224/27 link#2 UC 0 0 em1 195.208.245.225 link#2 UHLW 2 0 em1 Firewall: r61net-fbsdhost-1, / # ipfw show 00001 0 0 setfib 1 ip from any to any in recv em1 00010 0 0 count ip from any to any dst-port 2222 fib 0 00011 0 0 count ip from any 2222 to any fib 0 00012 0 0 count ip from any to any dst-port 2222 fib 1 00013 0 0 count ip from any 2222 to any fib 1 00100 0 0 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 30 2648 allow ip from any to any 65535 0 0 deny ip from any to any With this setup almost everything works as I expect. For example ICMP echo requests and responses are being received and sent via em1. Both when ping runs on this host as "setfib 1 ping other_host" and when other host pings ip address of em1. Connection attempts (setfib 1 telnet other_host) are also being sent out of the right interface. But when it comes to the daemons I run into troubles. I use sshd for tests (have also tried other daemons with no luck): r61net-fbsdhost-1, / # setfib 1 /usr/sbin/sshd -o 'ListenAddress 195.208.245.229:2222' -D sshd is bound only to ip address of em1: r61net-fbsdhost-1, / # sockstat | grep 2222 root sshd 839 3 tcp4 195.208.245.229:2222 *:* While doing telnet 195.208.249.229 2222 from another host I got following packet traces: r61net-fbsdhost-1, / # tcpdump -i em0 port 2222 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes 17:39:34.872475 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: S 2590499299:2590499299(0) ack 3939022576 win 65535 17:39:34.902622 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: P 1:41(40) ack 1 win 8326 17:39:37.572271 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: P 41:60(19) ack 7 win 8326 17:39:37.572293 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: F 60:60(0) ack 7 win 8326 17:39:37.572986 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: . ack 8 win 8325 r61net-fbsdhost-1, / # tcpdump -i em1 port 2222 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em1, link-type EN10MB (Ethernet), capture size 96 bytes 17:39:34.872370 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: S 3939022575:3939022575(0) win 65535 17:39:34.872803 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: . ack 2590499300 win 8326 17:39:35.002882 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: . ack 41 win 8326 17:39:37.571659 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: P 0:6(6) ack 41 win 8326 17:39:37.572923 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: . ack 61 win 8323 17:39:37.572945 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: F 6:6(0) ack 61 win 8326 And firewall counters: r61net-fbsdhost-1, / # ipfw show 00001 6 326 setfib 1 ip from any to any in recv em1 00010 0 0 count ip from any to any dst-port 2222 fib 0 00011 5 327 count ip from any 2222 to any fib 0 00012 6 326 count ip from any to any dst-port 2222 fib 1 00013 0 0 count ip from any 2222 to any fib 1 00100 0 0 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 60 5057 allow ip from any to any 65535 0 0 deny ip from any to any So the packets, generated by sshd are being sent out via em0 instead of em1. With ipfw add 2 setfib 1 ip from 195.208.245.229 to any outgoing packets are being tagged with correct fib, but still sent via em0. With ipfw add 60003 fwd 195.208.245.225 src-ip me src-ip 195.208.245.224/27 not dst-ip 195.208.245.224/27 first SYN packet from 195.208.245.229 is being sent correctly via em1, but I cannot see any further packets at all: r61net-fbsdhost-1, / # tcpdump -i em1 port 2222 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em1, link-type EN10MB (Ethernet), capture size 96 bytes 18:01:56.665341 IP brain.cc.rsu.ru.50435 > stat.r61.net.2222: S 2484180116:2484180116(0) win 65535 18:01:56.665463 IP stat.r61.net.2222 > brain.cc.rsu.ru.50435: S 3905497961:3905497961(0) ack 2484180117 win 65535 18:01:56.665798 IP brain.cc.rsu.ru.50435 > stat.r61.net.2222: . ack 1 win 8326 and no packets at em0. TCP connection establishes but no data packets come from daemon which is rather weird. I would appreciate any help with this issue. -- Oleg Sharoyko. Software and Network Engineer Computer Center of Rostov State University. From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 17:02:12 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DE5E7106566B; Mon, 27 Jul 2009 17:02:12 +0000 (UTC) (envelope-from raffaele.delorenzo@libero.it) Received: from cp-out8.libero.it (cp-out8.libero.it [212.52.84.108]) by mx1.freebsd.org (Postfix) with ESMTP id 58B7E8FC0A; Mon, 27 Jul 2009 17:02:11 +0000 (UTC) (envelope-from raffaele.delorenzo@libero.it) Received: from [10.0.0.2] (151.49.32.246) by cp-out8.libero.it (8.5.107) id 4A5EF7510128692E; Mon, 27 Jul 2009 19:02:10 +0200 Message-Id: <11956F97-0C87-456F-A769-70BEDBA351BE@libero.it> From: Raffaele De Lorenzo To: Willem Jan Withagen In-Reply-To: <4A672C79.3000006@digiware.nl> Content-Type: multipart/mixed; boundary=Apple-Mail-18--176010067 Mime-Version: 1.0 (Apple Message framework v935.3) Date: Mon, 27 Jul 2009 19:02:09 +0200 References: <3164304.442981248256119643.JavaMail.defaultUser@defaultHost> <4A672C79.3000006@digiware.nl> X-Mailer: Apple Mail (2.935.3) X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-ipfw@freebsd.org, net@freebsd.org Subject: Re: R: IPv6 and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 17:02:13 -0000 --Apple-Mail-18--176010067 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Hi all, I attached a patch that solve this problem. I will send a PR as soon as possible. Instructions: Patch the follow files: /usr/src/sbin/ipfw/ipfw2.c (patch is ipfw2.c.diff) /usr/src/sbin/ipfw/ipfw2.h (patch is ipfw2.h.diff) /usr/src/sbin/ipfw/ipv6.c (patch is ipv6.c.diff) This patch was tested on FreeBSD 8 Beta 2 AMD64 and official FreeBSD 8 BETA 2 Sources. Let me know any suggestion or problem. Regards Raffaele On Jul 22, 2009, at 5:12 PM, Willem Jan Withagen wrote: > Reply below, and an also reorganised the yours... > raffaele.delorenzo@libero.it wrote: >>> Hi, >>> >>> Running 7.2 I tried to insert >> this into my IPFW rules >>> # ipfw add allow udp from any to 2001:xxx:3:: --Apple-Mail-18--176010067 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit >> 113,2001:xxxx:3::116 \ >>> dst-port 10001-10100 keep-state >>> ipfw: bad netmask >> ``xxxx:3::113'' >>> also: >>> # ipfw add allow udp from any to trixbox.ip6 dst-port >> 10001-10100 keep-state >>> ipfw: hostname ``trixbox.ip6'' unknown >>> Exit 68 >>> # host >> trixbox.ip6 >>> trixbox.ip6.digiware.nl has IPv6 address 2001:4cb8:3::116 >>> >>> So it >> looks like what is in the manual is overly optimistic: >>> ---- >>> addr6-list: >> ip6-addr[,addr6-list] >>> ip6-addr: >>> A host or subnet >> specified one of the following ways: >>> numeric-ip | hostname >>> Matches a single IPv6 address as allowed by >>> inet_pton(3) >>> or a hostname. Hostnames are resolved at the >>> time the >>> rule is added to the firewall list. >>> >>> >> addr/masklen >>> Matches all IPv6 addresses with base addr >> (specified as >>> allowed by inet_pton or a hostname) and >> mask width of >>> masklen bits. >>> >>> No support >> for sets of IPv6 addresses is provided because IPv6 >>> addresses >> are typically random past the initial prefix. >>> ---- >>> >>> Anybody else ran into >> this? >>> Or should I file this as a PR. > > > Hi all, > > You has found a parser bug. > > When the protocol is "ipv6" and you are a > > comma separated ipv6 addresses, the parser work fine because the > "add_srcip6" > > function is called and recognize all addresses. > > When the protocol is "!=ipv6" > > (like TCP,UDP,ICMP6) the "add_src" fuction is called and it cause > troubles > > because the "inet_pton()" fails and erroneously is called the > "add_srcip" > > function (see the code below). > > > > (from "ipfw2.c") > > add_src(ipfw_insn *cmd, char > > *av, u_char proto) > > { > > struct in6_addr a; > > char *host, *ch; > > ipfw_insn *ret = > > NULL; > > > > if ((host = strdup(av)) == NULL) > > return NULL; > > if ((ch = strrchr > > (host, '/')) != NULL) > > *ch = '\0'; > > > > if (proto == IPPROTO_IPV6 || strcmp(av, > > "me6") == 0 || > > inet_pton(AF_INET6, host, &a)) > > ret = add_srcip6(cmd, av); > > > > /* XXX: should check for IPv4, not !IPv6 */ > > if (ret == NULL && (proto == > > IPPROTO_IP || strcmp(av, "me") == 0 || > > !inet_pton(AF_INET6, host, &a))) > > > > ret = add_srcip(cmd, av); > > if (ret == NULL && strcmp(av, "any") != 0) > > ret = > > cmd; > > > > free(host); > > return ret; > > } > > > > I think that possibles solutions are the > > follows: > > > > 1) Create a new protocols types UPD6,TCP6 only for IPv6 rules to > > avoid parser confusions, and check about this protocol inside the > "add_src" > > fuction (easy to implement). > > 2) Check the comma separated ip/ipv6 addresses > > inside the "add_src" function (a little too hard to implement). > > > > I appreciate > > suggestions from the community experts about this problem. > > I would prefer not to make seperate tcp6 and udp6 items, since what > i would like to do is things like: > > hostlist="a.b.c.d,A:B:C:D::F" > > and then in the firewall something like > ipfw add allow tcp from any to ${hostlist} dst-port 80 setup > > and if tcp now goes into tcp and tcp6 I need to double my rules etc. > > Which raises one other point: > using a FQDN with more A and AAAA records also just inserts the > first reply in the list. > Now I don't use FQDN since most of the time in the Firewall DNS > is not quite up yet. > > --WjW > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw- > unsubscribe@freebsd.org" --Apple-Mail-18--176010067-- From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 17:26:43 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D02C1065688 for ; Mon, 27 Jul 2009 17:26:43 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outO.internet-mail-service.net (outo.internet-mail-service.net [216.240.47.238]) by mx1.freebsd.org (Postfix) with ESMTP id 0D6D78FC19 for ; Mon, 27 Jul 2009 17:26:42 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id CBF05CD35; Mon, 27 Jul 2009 10:26:42 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 56B722D6018; Mon, 27 Jul 2009 10:26:42 -0700 (PDT) Message-ID: <4A6DE356.6040006@elischer.org> Date: Mon, 27 Jul 2009 10:26:46 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> In-Reply-To: <1248704237.96833.127.camel@brain.cc.rsu.ru> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 17:26:48 -0000 Oleg Sharoyko wrote: > Hello! > > I'm having a trouble with multiple routing tables (FreeBSD 7.2 release). > Either I'm missing something in my setup or packets for daemons started > with setfib are being sent out via the wrong interface. > > What I'd like to implement: > > em0 - internal management network with ip address 10.2.5.2/24 and > default route 10.2.5.1 > > em1 - public interface to be used in jail with ip address > 195.208.245.229/27 and default route 195.208.245.225 > > Here are my routing tables: > > r61net-fbsdhost-1, / # setfib -0 netstat -rn > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif Expire > default 10.2.5.1 UGS 0 350 em0 > 10.2.5.0/24 link#1 UC 0 0 em0 > 10.2.5.1 00:1e:4a:b4:ea:c0 UHLW 2 0 em0 1182 > 127.0.0.1 127.0.0.1 UH 0 30 lo0 > > r61net-fbsdhost-1, / # setfib -1 netstat -rn > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif Expire > default 195.208.245.225 UGS 0 0 em1 > 195.208.245.224/27 link#2 UC 0 0 em1 > 195.208.245.225 link#2 UHLW 2 0 em1 so far, all looks correct. > > Firewall: > > r61net-fbsdhost-1, / # ipfw show > 00001 0 0 setfib 1 ip from any to any in recv em1 good > 00010 0 0 count ip from any to any dst-port 2222 fib 0 > 00011 0 0 count ip from any 2222 to any fib 0 > 00012 0 0 count ip from any to any dst-port 2222 fib 1 > 00013 0 0 count ip from any 2222 to any fib 1 > 00100 0 0 allow ip from any to any via lo0 > 00200 0 0 deny ip from any to 127.0.0.0/8 > 00300 0 0 deny ip from 127.0.0.0/8 to any > 65000 30 2648 allow ip from any to any > 65535 0 0 deny ip from any to any > > > With this setup almost everything works as I expect. For example ICMP > echo requests and responses are being received and sent via em1. Both > when ping runs on this host as "setfib 1 ping other_host" and when other > host pings ip address of em1. Connection attempts (setfib 1 telnet > other_host) are also being sent out of the right interface. But when it > comes to the daemons I run into troubles. > > I use sshd for tests (have also tried other daemons with no luck): > > r61net-fbsdhost-1, / # setfib 1 /usr/sbin/sshd -o 'ListenAddress 195.208.245.229:2222' -D Are you running this from inetd?. (doesnt look like it) btw is it 1 or -1? or -F 1? I can't remember if I supported just '1'. > > sshd is bound only to ip address of em1: > > r61net-fbsdhost-1, / # sockstat | grep 2222 > root sshd 839 3 tcp4 195.208.245.229:2222 *:* > > While doing telnet 195.208.249.229 2222 from another host I got following packet traces: > > r61net-fbsdhost-1, / # tcpdump -i em0 port 2222 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes > 17:39:34.872475 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: S 2590499299:2590499299(0) ack 3939022576 win 65535 > 17:39:34.902622 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: P 1:41(40) ack 1 win 8326 > 17:39:37.572271 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: P 41:60(19) ack 7 win 8326 > 17:39:37.572293 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: F 60:60(0) ack 7 win 8326 > 17:39:37.572986 IP stat.r61.net.2222 > brain.cc.rsu.ru.49293: . ack 8 win 8325 > > r61net-fbsdhost-1, / # tcpdump -i em1 port 2222 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on em1, link-type EN10MB (Ethernet), capture size 96 bytes > 17:39:34.872370 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: S 3939022575:3939022575(0) win 65535 > 17:39:34.872803 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: . ack 2590499300 win 8326 > 17:39:35.002882 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: . ack 41 win 8326 > 17:39:37.571659 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: P 0:6(6) ack 41 win 8326 > 17:39:37.572923 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: . ack 61 win 8323 > 17:39:37.572945 IP brain.cc.rsu.ru.49293 > stat.r61.net.2222: F 6:6(0) ack 61 win 8326 > > And firewall counters: > > r61net-fbsdhost-1, / # ipfw show > 00001 6 326 setfib 1 ip from any to any in recv em1 > 00010 0 0 count ip from any to any dst-port 2222 fib 0 > 00011 5 327 count ip from any 2222 to any fib 0 > 00012 6 326 count ip from any to any dst-port 2222 fib 1 > 00013 0 0 count ip from any 2222 to any fib 1 > 00100 0 0 allow ip from any to any via lo0 > 00200 0 0 deny ip from any to 127.0.0.0/8 > 00300 0 0 deny ip from 127.0.0.0/8 to any > 65000 60 5057 allow ip from any to any > 65535 0 0 deny ip from any to any > > So the packets, generated by sshd are being sent out via em0 instead of > em1. > > With > > ipfw add 2 setfib 1 ip from 195.208.245.229 to any > > outgoing packets are being tagged with correct fib, but still sent via > em0. yes becasue on outgoing packets the firewall is too late to influence that. > > With > > ipfw add 60003 fwd 195.208.245.225 src-ip me src-ip 195.208.245.224/27 not dst-ip 195.208.245.224/27 > > first SYN packet from 195.208.245.229 is being sent correctly via em1, > but I cannot see any further packets at all: > > r61net-fbsdhost-1, / # tcpdump -i em1 port 2222 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on em1, link-type EN10MB (Ethernet), capture size 96 bytes > 18:01:56.665341 IP brain.cc.rsu.ru.50435 > stat.r61.net.2222: S 2484180116:2484180116(0) win 65535 > 18:01:56.665463 IP stat.r61.net.2222 > brain.cc.rsu.ru.50435: S 3905497961:3905497961(0) ack 2484180117 win 65535 > 18:01:56.665798 IP brain.cc.rsu.ru.50435 > stat.r61.net.2222: . ack 1 win 8326 > > and no packets at em0. TCP connection establishes but no data packets > come from daemon which is rather weird. > > I would appreciate any help with this issue. try adding a '-' on the command and get back to me. > From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 18:13:17 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E0362106564A for ; Mon, 27 Jul 2009 18:13:17 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.freebsd.org (Postfix) with ESMTP id 582C78FC17 for ; Mon, 27 Jul 2009 18:13:15 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mind.local (os.adsl.r61.net [195.208.243.95]) (authenticated bits=0) by mail.r61.net (8.14.3/8.14.1) with ESMTP id n6RID9tH015473 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 27 Jul 2009 22:13:10 +0400 (MSD) (envelope-from os@sfedu.ru) X-Authentication-Warning: asterix.r61.net: Host os.adsl.r61.net [195.208.243.95] claimed to be mind.local Message-ID: <4A6DEE30.6000108@sfedu.ru> Date: Mon, 27 Jul 2009 22:13:04 +0400 From: Oleg Sharoyko User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Julian Elischer References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> In-Reply-To: <4A6DE356.6040006@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 18:13:18 -0000 Julian Elischer wrote: >> r61net-fbsdhost-1, / # setfib 1 /usr/sbin/sshd -o 'ListenAddress >> 195.208.245.229:2222' -D > > Are you running this from inetd?. (doesnt look like it) No, I run this from shell merely for test purposes. First I tried to start sshd in a usual way in a jail, but came to this simple test example. > btw is it 1 or -1? or -F 1? > I can't remember if I supported just '1'. According to manual page it works either way and it does indeed. > try adding a '-' on the command > and get back to me. The same results. -- Oleg From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 19:27:26 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 877DD106564A for ; Mon, 27 Jul 2009 19:27:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outQ.internet-mail-service.net (outq.internet-mail-service.net [216.240.47.240]) by mx1.freebsd.org (Postfix) with ESMTP id 6F5E58FC1C for ; Mon, 27 Jul 2009 19:27:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 0E278B0CFA; Mon, 27 Jul 2009 12:27:26 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id BCBA22D600F; Mon, 27 Jul 2009 12:27:25 -0700 (PDT) Message-ID: <4A6DFFA1.1010709@elischer.org> Date: Mon, 27 Jul 2009 12:27:29 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> In-Reply-To: <4A6DEE30.6000108@sfedu.ru> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 19:27:26 -0000 Oleg Sharoyko wrote: > > Julian Elischer wrote: > >>> r61net-fbsdhost-1, / # setfib 1 /usr/sbin/sshd -o 'ListenAddress >>> 195.208.245.229:2222' -D >> >> Are you running this from inetd?. (doesnt look like it) > > No, I run this from shell merely for test purposes. First I tried to > start sshd in a usual way in a jail, but came to this simple test example. > >> btw is it 1 or -1? or -F 1? >> I can't remember if I supported just '1'. > > According to manual page it works either way and it does indeed. > >> try adding a '-' on the command >> and get back to me. > > The same results. just thought I'd check the easy thing before I looked at the hard ones :-) (the syntax changed so I wasn't sure whether it was changed in 7 and how much). does it still fail if you run it in foreground mode (no daemonizing)? > > -- > Oleg From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 19:34:04 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 218F41065670 for ; Mon, 27 Jul 2009 19:34:04 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.freebsd.org (Postfix) with ESMTP id 784038FC17 for ; Mon, 27 Jul 2009 19:34:03 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mind.local (os.adsl.r61.net [195.208.243.95]) (authenticated bits=0) by mail.r61.net (8.14.3/8.14.1) with ESMTP id n6RJXwAq021622 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 27 Jul 2009 23:33:58 +0400 (MSD) (envelope-from os@sfedu.ru) X-Authentication-Warning: asterix.r61.net: Host os.adsl.r61.net [195.208.243.95] claimed to be mind.local Message-ID: <4A6E0121.2020004@sfedu.ru> Date: Mon, 27 Jul 2009 23:33:53 +0400 From: Oleg Sharoyko User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Julian Elischer References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> In-Reply-To: <4A6DFFA1.1010709@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 19:34:04 -0000 Julian Elischer wrote: > does it still fail if you run it in foreground mode (no daemonizing)? Yes. I actually test sshd in foreground mode (-D tells sshd to not go into background). I have also checked a very simple client/server where server called setsockopt(SO_SETFIB, 1) and got the same results. -- Oleg From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 19:52:39 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6AB4C106566C for ; Mon, 27 Jul 2009 19:52:39 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outQ.internet-mail-service.net (outq.internet-mail-service.net [216.240.47.240]) by mx1.freebsd.org (Postfix) with ESMTP id 522148FC08 for ; Mon, 27 Jul 2009 19:52:39 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 2D95D2324; Mon, 27 Jul 2009 12:52:39 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id C9E4A2D6022; Mon, 27 Jul 2009 12:52:38 -0700 (PDT) Message-ID: <4A6E058A.6060004@elischer.org> Date: Mon, 27 Jul 2009 12:52:42 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> In-Reply-To: <4A6DFFA1.1010709@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 19:52:39 -0000 So there are two possible ways a daemon might assign a fib to a socket that it is accepting: 1/ the accept socket could take the FIB of the process. 2/ the accept socket could take the fib of the incoming SYN packet. I chose #1, but it is possible something in changes between 6 and 7 broke the "chain of custody" for the fib. This code is in production in 6.x based systems but was only introduced to FreeBSD in 7.x. The process makes a socket which inherits the fib from it. The socket includes an INET PCB (Protocol Control Block) which gets a copy too.. when "listen() is called and a syn comes in, a new entry is made in the syncache code and this includes a new connection block which is supposed to inherrit the fib number from the originating listen socket. Eventually a new socket is created and it is supposed to inherit teh fibnum from the syncache entry, and to copy it to the inpcb attached to it. It's possible that somewhere this has been broken by changes. but I don't see it right at the moment. From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 19:54:17 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 50CF2106567A for ; Mon, 27 Jul 2009 19:54:17 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outF.internet-mail-service.net (outf.internet-mail-service.net [216.240.47.229]) by mx1.freebsd.org (Postfix) with ESMTP id 35C738FC0A for ; Mon, 27 Jul 2009 19:54:17 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 207952324; Mon, 27 Jul 2009 12:54:17 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id A61D02D600F; Mon, 27 Jul 2009 12:54:16 -0700 (PDT) Message-ID: <4A6E05EC.8050401@elischer.org> Date: Mon, 27 Jul 2009 12:54:20 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> In-Reply-To: <4A6E0121.2020004@sfedu.ru> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 19:54:23 -0000 Oleg Sharoyko wrote: > > Julian Elischer wrote: > >> does it still fail if you run it in foreground mode (no daemonizing)? > > Yes. I actually test sshd in foreground mode (-D tells sshd to not go > into background). I have also checked a very simple client/server where > server called setsockopt(SO_SETFIB, 1) and got the same results. > > -- > Oleg great.. in your simple server, can you do the sockopt on the socket AFTER you did the listen()? (just as a test). From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 20:14:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AC471106564A for ; Mon, 27 Jul 2009 20:14:13 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.freebsd.org (Postfix) with ESMTP id 282698FC08 for ; Mon, 27 Jul 2009 20:14:12 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mind.local (os.adsl.r61.net [195.208.243.95]) (authenticated bits=0) by mail.r61.net (8.14.3/8.14.1) with ESMTP id n6RKE8rG023973 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 28 Jul 2009 00:14:09 +0400 (MSD) (envelope-from os@sfedu.ru) X-Authentication-Warning: asterix.r61.net: Host os.adsl.r61.net [195.208.243.95] claimed to be mind.local Message-ID: <4A6E0A8B.5000103@sfedu.ru> Date: Tue, 28 Jul 2009 00:14:03 +0400 From: Oleg Sharoyko User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Julian Elischer References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> In-Reply-To: <4A6E05EC.8050401@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 20:14:13 -0000 Julian Elischer wrote: > great.. in your simple server, can you do the sockopt on the socket > AFTER you did the listen()? > (just as a test). Doesn't help. I have also tried to add setsockopt() after accept() (for a new socket) and in this case the only packet that is being sent out via wrong interface is the SYN+ACK from server. I'll try to look into the kernel code tomorrow and will report any findings. -- Oleg From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 20:32:36 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 18616106568C for ; Mon, 27 Jul 2009 20:32:36 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outA.internet-mail-service.net (outa.internet-mail-service.net [216.240.47.224]) by mx1.freebsd.org (Postfix) with ESMTP id F02D98FC1D for ; Mon, 27 Jul 2009 20:32:35 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id B74202324; Mon, 27 Jul 2009 13:32:35 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 6D35E2D6004; Mon, 27 Jul 2009 13:32:35 -0700 (PDT) Message-ID: <4A6E0EE7.2070103@elischer.org> Date: Mon, 27 Jul 2009 13:32:39 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E058A.6060004@elischer.org> In-Reply-To: <4A6E058A.6060004@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 20:32:36 -0000 Julian Elischer wrote: > So there are two possible ways a daemon might assign a fib to a socket > that it is accepting: > > 1/ the accept socket could take the FIB of the process. > 2/ the accept socket could take the fib of the incoming SYN packet. > > I chose #1, but it is possible something in changes between 6 > and 7 broke the "chain of custody" for the fib. > This code is in production in 6.x based systems but was only introduced > to FreeBSD in 7.x. > > The process makes a socket which inherits the fib from it. > The socket includes an INET PCB (Protocol Control Block) > which gets a copy too.. > when "listen() is called and a syn comes in, a new entry is made in the > syncache code and this includes a new connection block which is supposed > to inherrit the fib number from the originating listen socket. > > Eventually a new socket is created and it is supposed to inherit teh > fibnum from the syncache entry, and to copy it to the inpcb attached to it. > > It's possible that somewhere this has been broken by changes. > but I don't see it right at the moment. found one place in kern/ipc_socket.c in sonewconn() ------ so->so_linger = head->so_linger; so->so_state = head->so_state | SS_NOFDREF; so->so_proto = head->so_proto; so->so_fibnum = head->so_fibnum; <------ Add this so->so_cred = crhold(head->so_cred); #ifdef MAC SOCK_LOCK(head); mac_create_socket_from_socket(head, so); SOCK_UNLOCK(head); #endif -------- and in netinet/tcp_syncache.c in syncache_socket() change the following: ------ inp = sotoinpcb(so); inp->inp_inc.inc_fibnum = so->so_fibnum; INP_WLOCK(inp); /* Insert new socket into PCB hash list. */ ------ and see if this helps (it may not, there may be another code path I'm missing). > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 20:34:21 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3679D10656BF for ; Mon, 27 Jul 2009 20:34:21 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outR.internet-mail-service.net (outr.internet-mail-service.net [216.240.47.241]) by mx1.freebsd.org (Postfix) with ESMTP id 1C70D8FC24 for ; Mon, 27 Jul 2009 20:34:21 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id D7C782324; Mon, 27 Jul 2009 13:34:20 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 7EFC82D6012; Mon, 27 Jul 2009 13:34:20 -0700 (PDT) Message-ID: <4A6E0F50.1010504@elischer.org> Date: Mon, 27 Jul 2009 13:34:24 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> In-Reply-To: <4A6E0A8B.5000103@sfedu.ru> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 20:34:21 -0000 Oleg Sharoyko wrote: > > Julian Elischer wrote: > >> great.. in your simple server, can you do the sockopt on the socket >> AFTER you did the listen()? >> (just as a test). > > Doesn't help. I have also tried to add setsockopt() after accept() (for > a new socket) and in this case the only packet that is being sent out > via wrong interface is the SYN+ACK from server. this is very important. it means I'm not setting the fibnum in the syncache code correctly. > > I'll try to look into the kernel code tomorrow and will report any > findings. > > -- > Oleg From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 22:12:51 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1ABDC1065674 for ; Mon, 27 Jul 2009 22:12:51 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outT.internet-mail-service.net (outt.internet-mail-service.net [216.240.47.243]) by mx1.freebsd.org (Postfix) with ESMTP id 012948FC08 for ; Mon, 27 Jul 2009 22:12:50 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id BFC68CB05; Mon, 27 Jul 2009 15:12:50 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 8C7642D600D; Mon, 27 Jul 2009 15:12:50 -0700 (PDT) Message-ID: <4A6E2666.2040906@elischer.org> Date: Mon, 27 Jul 2009 15:12:54 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> In-Reply-To: <4A6E0A8B.5000103@sfedu.ru> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 22:12:51 -0000 Oleg Sharoyko wrote: > > Julian Elischer wrote: > >> great.. in your simple server, can you do the sockopt on the socket >> AFTER you did the listen()? >> (just as a test). > > Doesn't help. I have also tried to add setsockopt() after accept() (for > a new socket) and in this case the only packet that is being sent out > via wrong interface is the SYN+ACK from server. > > I'll try to look into the kernel code tomorrow and will report any > findings. > > -- > Oleg in addition to the patches already sent you might like to add the following line to netinet/tcp_input.c } inc.inc_fport = th->th_sport; inc.inc_lport = th->th_dport; inc.inc_fibnum = so->so_fibnum; <------------- /* * Check for an existing connection attempt in syncache if * the flag is only ACK. A successful lookup creates a new * socket appended to the listen queue in SYN_RECEIVED state. */ From owner-freebsd-net@FreeBSD.ORG Mon Jul 27 23:24:48 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B85F106566B for ; Mon, 27 Jul 2009 23:24:48 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outP.internet-mail-service.net (outp.internet-mail-service.net [216.240.47.239]) by mx1.freebsd.org (Postfix) with ESMTP id 713A08FC14 for ; Mon, 27 Jul 2009 23:24:48 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 1DEEEDC2F; Mon, 27 Jul 2009 16:24:48 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id B4EB42D6010; Mon, 27 Jul 2009 16:24:47 -0700 (PDT) Message-ID: <4A6E3743.7050708@elischer.org> Date: Mon, 27 Jul 2009 16:24:51 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> In-Reply-To: <4A6E2666.2040906@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2009 23:24:48 -0000 Julian Elischer wrote: > Oleg Sharoyko wrote: >> >> Julian Elischer wrote: >> >>> great.. in your simple server, can you do the sockopt on the socket >>> AFTER you did the listen()? >>> (just as a test). >> >> Doesn't help. I have also tried to add setsockopt() after accept() >> (for a new socket) and in this case the only packet that is being sent >> out via wrong interface is the SYN+ACK from server. >> >> I'll try to look into the kernel code tomorrow and will report any >> findings. >> >> -- >> Oleg > > > in addition to the patches already sent you might like to add the > following line to netinet/tcp_input.c > > } > inc.inc_fport = th->th_sport; > inc.inc_lport = th->th_dport; > inc.inc_fibnum = so->so_fibnum; <------------- > /* > * Check for an existing connection attempt in syncache if > * the flag is only ACK. A successful lookup creates a new > * socket appended to the listen queue in SYN_RECEIVED > state. > */ in fact you might try just this on its own > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 13:38:19 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 76C88106568C for ; Tue, 28 Jul 2009 13:38:19 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.freebsd.org (Postfix) with ESMTP id E44CB8FC13 for ; Tue, 28 Jul 2009 13:38:18 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from [195.208.252.154] (brain.cc.rsu.ru [195.208.252.154]) (authenticated bits=0) by mail.r61.net (8.14.3/8.14.1) with ESMTP id n6SDcCFT012087 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 28 Jul 2009 17:38:13 +0400 (MSD) (envelope-from os@sfedu.ru) X-Authentication-Warning: asterix.r61.net: Host brain.cc.rsu.ru [195.208.252.154] claimed to be [195.208.252.154] From: Oleg Sharoyko To: Julian Elischer In-Reply-To: <4A6E3743.7050708@elischer.org> References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> <4A6E3743.7050708@elischer.org> Content-Type: text/plain Date: Tue, 28 Jul 2009 17:38:12 +0400 Message-Id: <1248788292.71222.10.camel@brain.cc.rsu.ru> Mime-Version: 1.0 X-Mailer: Evolution 2.24.5 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 13:38:19 -0000 On Mon, 2009-07-27 at 16:24 -0700, Julian Elischer wrote: > > in addition to the patches already sent you might like to add the > > following line to netinet/tcp_input.c > > > > } > > inc.inc_fport = th->th_sport; > > inc.inc_lport = th->th_dport; > > inc.inc_fibnum = so->so_fibnum; <------------- > > /* > > * Check for an existing connection attempt in syncache if > > * the flag is only ACK. A successful lookup creates a new > > * socket appended to the listen queue in SYN_RECEIVED > > state. > > */ > > in fact you might try just this on its own With this patch alone all the packets but SYN+ACK are being sent out correctly. SYN+ACK still uses wrong interface. ip_output() uses struct inpcb *inp argument to set fib. But when syncache_respond() sends SYN+ACK, ip_output() is being called without inp (from netinet/tcp_syncache.c, syncache_respond()): error = ip_output(m, sc->sc_ipopts, NULL, 0, NULL, NULL); It I add M_SETFIB(m, sc->sc_inc.inc_fibnum); before the call to ip_output(), then SYN+ACK goes the right way. -- Oleg Sharoyko. Software and Network Engineer Computer Center of Rostov State University. From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 15:46:59 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B9670106566B for ; Tue, 28 Jul 2009 15:46:59 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outM.internet-mail-service.net (outm.internet-mail-service.net [216.240.47.236]) by mx1.freebsd.org (Postfix) with ESMTP id 9E9848FC2E for ; Tue, 28 Jul 2009 15:46:59 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 6376AB755C; Tue, 28 Jul 2009 08:46:59 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id C6A152D6019; Tue, 28 Jul 2009 08:46:58 -0700 (PDT) Message-ID: <4A6F1D76.7040806@elischer.org> Date: Tue, 28 Jul 2009 08:47:02 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> <4A6E3743.7050708@elischer.org> <1248788292.71222.10.camel@brain.cc.rsu.ru> In-Reply-To: <1248788292.71222.10.camel@brain.cc.rsu.ru> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 15:47:00 -0000 Oleg Sharoyko wrote: > On Mon, 2009-07-27 at 16:24 -0700, Julian Elischer wrote: > >>> in addition to the patches already sent you might like to add the >>> following line to netinet/tcp_input.c >>> >>> } >>> inc.inc_fport = th->th_sport; >>> inc.inc_lport = th->th_dport; >>> inc.inc_fibnum = so->so_fibnum; <------------- >>> /* >>> * Check for an existing connection attempt in syncache if >>> * the flag is only ACK. A successful lookup creates a new >>> * socket appended to the listen queue in SYN_RECEIVED >>> state. >>> */ >> in fact you might try just this on its own > > With this patch alone all the packets but SYN+ACK are being sent out > correctly. SYN+ACK still uses wrong interface. > > ip_output() uses struct inpcb *inp argument to set fib. But when > syncache_respond() sends SYN+ACK, ip_output() is being called without > inp (from netinet/tcp_syncache.c, syncache_respond()): > > error = ip_output(m, sc->sc_ipopts, NULL, 0, NULL, NULL); > > It I add > M_SETFIB(m, sc->sc_inc.inc_fibnum); excellent! I'll get that checked in! > > before the call to ip_output(), then SYN+ACK goes the right way. > From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 16:15:13 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8C371106564A for ; Tue, 28 Jul 2009 16:15:13 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outT.internet-mail-service.net (outt.internet-mail-service.net [216.240.47.243]) by mx1.freebsd.org (Postfix) with ESMTP id 6B2EB8FC08 for ; Tue, 28 Jul 2009 16:15:13 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 782288ED2B; Tue, 28 Jul 2009 09:15:13 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 9DB982D6010; Tue, 28 Jul 2009 09:15:12 -0700 (PDT) Message-ID: <4A6F2414.2080203@elischer.org> Date: Tue, 28 Jul 2009 09:15:16 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> <4A6E3743.7050708@elischer.org> <1248788292.71222.10.camel@brain.cc.rsu.ru> In-Reply-To: <1248788292.71222.10.camel@brain.cc.rsu.ru> Content-Type: multipart/mixed; boundary="------------040106090200020104060101" Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 16:15:13 -0000 This is a multi-part message in MIME format. --------------040106090200020104060101 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Oleg Sharoyko wrote: > On Mon, 2009-07-27 at 16:24 -0700, Julian Elischer wrote: > >>> in addition to the patches already sent you might like to add the >>> following line to netinet/tcp_input.c >>> >>> } >>> inc.inc_fport = th->th_sport; >>> inc.inc_lport = th->th_dport; >>> inc.inc_fibnum = so->so_fibnum; <------------- >>> /* >>> * Check for an existing connection attempt in syncache if >>> * the flag is only ACK. A successful lookup creates a new >>> * socket appended to the listen queue in SYN_RECEIVED >>> state. >>> */ >> in fact you might try just this on its own > > With this patch alone all the packets but SYN+ACK are being sent out > correctly. SYN+ACK still uses wrong interface. > > ip_output() uses struct inpcb *inp argument to set fib. But when > syncache_respond() sends SYN+ACK, ip_output() is being called without > inp (from netinet/tcp_syncache.c, syncache_respond()): > > error = ip_output(m, sc->sc_ipopts, NULL, 0, NULL, NULL); > > It I add > M_SETFIB(m, sc->sc_inc.inc_fibnum); > > before the call to ip_output(), then SYN+ACK goes the right way. > ok so here's my final patch. This is taken against -current. so it may not patch exactly cleanly. it's not quite minimal as I'm cleaning up something too, but could you check it works? if you have ipv6 it might be nice to check that ipv6 doesn't crash with this patch too (ipv6 doesn't support Multiple routing tables yet). --------------040106090200020104060101 Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0"; name="accept.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="accept.diff" Index: sys/kern/uipc_socket.c =================================================================== --- sys/kern/uipc_socket.c (revision 195859) +++ sys/kern/uipc_socket.c (working copy) @@ -438,6 +438,7 @@ so->so_options = head->so_options &~ SO_ACCEPTCONN; so->so_linger = head->so_linger; so->so_state = head->so_state | SS_NOFDREF; + so->so_fibnum = head->so_fibnum; so->so_proto = head->so_proto; so->so_cred = crhold(head->so_cred); #ifdef MAC Index: sys/netinet/tcp_input.c =================================================================== --- sys/netinet/tcp_input.c (revision 195859) +++ sys/netinet/tcp_input.c (working copy) @@ -758,6 +758,7 @@ } inc.inc_fport = th->th_sport; inc.inc_lport = th->th_dport; + inc.inc_fibnum = so->so_fibnum; /* * Check for an existing connection attempt in syncache if Index: sys/netinet/tcp_syncache.c =================================================================== --- sys/netinet/tcp_syncache.c (revision 195859) +++ sys/netinet/tcp_syncache.c (working copy) @@ -642,8 +642,7 @@ #endif inp = sotoinpcb(so); - inp->inp_inc.inc_fibnum = sc->sc_inc.inc_fibnum; - so->so_fibnum = sc->sc_inc.inc_fibnum; + inp->inp_inc.inc_fibnum = so->so_fibnum; INP_WLOCK(inp); /* Insert new socket into PCB hash list. */ @@ -1128,8 +1127,6 @@ sc->sc_cred = cred; cred = NULL; sc->sc_ipopts = ipopts; - /* XXX-BZ this fib assignment is just useless. */ - sc->sc_inc.inc_fibnum = inp->inp_inc.inc_fibnum; bcopy(inc, &sc->sc_inc, sizeof(struct in_conninfo)); #ifdef INET6 if (!(inc->inc_flags & INC_ISIPV6)) @@ -1403,6 +1400,7 @@ } else optlen = 0; + M_SETFIB(m, sc->sc_inc.inc_fibnum); #ifdef INET6 if (sc->sc_inc.inc_flags & INC_ISIPV6) { th->th_sum = 0; --------------040106090200020104060101-- From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 16:18:15 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 397F21065670 for ; Tue, 28 Jul 2009 16:18:15 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.freebsd.org (Postfix) with ESMTP id A7F428FC18 for ; Tue, 28 Jul 2009 16:18:14 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mind.local (os.adsl.r61.net [195.208.243.95]) (authenticated bits=0) by mail.r61.net (8.14.3/8.14.1) with ESMTP id n6SGI8Ef022623 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 28 Jul 2009 20:18:09 +0400 (MSD) (envelope-from os@sfedu.ru) X-Authentication-Warning: asterix.r61.net: Host os.adsl.r61.net [195.208.243.95] claimed to be mind.local Message-ID: <4A6F24BB.7050907@sfedu.ru> Date: Tue, 28 Jul 2009 20:18:03 +0400 From: Oleg Sharoyko User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Julian Elischer References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> <4A6E3743.7050708@elischer.org> <1248788292.71222.10.camel@brain.cc.rsu.ru> <4A6F1D76.7040806@elischer.org> In-Reply-To: <4A6F1D76.7040806@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 16:18:15 -0000 Julian Elischer wrote: > I'll get that checked in! Please, also take a look at _syncache_add() in tcp_syncache.c There is some code which looks strange, at least at first sight. Won't bcopy() overwrite assigned value of sc->sc_inc.inc_fibnum ? /* XXX-BZ this fib assignment is just useless. */ sc->sc_inc.inc_fibnum = inp->inp_inc.inc_fibnum; bcopy(inc, &sc->sc_inc, sizeof(struct in_conninfo)); -- Oleg From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 16:20:00 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0933D1065674 for ; Tue, 28 Jul 2009 16:20:00 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outF.internet-mail-service.net (outf.internet-mail-service.net [216.240.47.229]) by mx1.freebsd.org (Postfix) with ESMTP id E1A908FC08 for ; Tue, 28 Jul 2009 16:19:59 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id E30428ED2B; Tue, 28 Jul 2009 09:19:59 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 54B042D6017; Tue, 28 Jul 2009 09:19:59 -0700 (PDT) Message-ID: <4A6F2533.4050007@elischer.org> Date: Tue, 28 Jul 2009 09:20:03 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Oleg Sharoyko References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> <4A6E3743.7050708@elischer.org> <1248788292.71222.10.camel@brain.cc.rsu.ru> <4A6F1D76.7040806@elischer.org> <4A6F24BB.7050907@sfedu.ru> In-Reply-To: <4A6F24BB.7050907@sfedu.ru> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 16:20:00 -0000 Oleg Sharoyko wrote: > Julian Elischer wrote: > >> I'll get that checked in! > > Please, also take a look at > > _syncache_add() in tcp_syncache.c > > There is some code which looks strange, at least at first sight. Won't > bcopy() overwrite assigned value of sc->sc_inc.inc_fibnum ? > > /* XXX-BZ this fib assignment is just useless. */ > sc->sc_inc.inc_fibnum = inp->inp_inc.inc_fibnum; > bcopy(inc, &sc->sc_inc, sizeof(struct in_conninfo)); the bcopy just writes teh same vlue in again I've removed this in the patch. > > -- > Oleg From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 17:24:53 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 080E3106566B; Tue, 28 Jul 2009 17:24:53 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by mx1.freebsd.org (Postfix) with ESMTP id E0B0E8FC14; Tue, 28 Jul 2009 17:24:52 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from bcs-mail03.internal.cacheflow.com ([10.2.2.95]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id n6SHMox5017994; Tue, 28 Jul 2009 10:22:50 -0700 (PDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Tue, 28 Jul 2009 10:22:04 -0700 Message-ID: In-Reply-To: <4A61544E.2050208@delphij.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: multicast transmission (was: CARP broken on -CURRENT?) Thread-Index: AcoHY226PcQ+csWnS8mgcUOA8hbRMAIQ8tCw References: <4A5F8010.7050504@delphij.net><4A5F7540.7070201@delphij.net> <4A5EF889.6040604@delphij.net> <4A61544E.2050208@delphij.net> From: "Li, Qing" To: , "Ian FREISLICH" Cc: freebsd-net@freebsd.org, FreeBSD Current Subject: multicast transmission (was: CARP broken on -CURRENT?) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 17:24:53 -0000 The problem appears to be contained in ether_output(). A slightly modified version of Xin's patch has been committed. Please sync to r195921. Please let us know if the patch resolves your issues and report new problems if any. Thanks, -- Qing > -----Original Message----- > From: owner-freebsd-current@freebsd.org [mailto:owner-freebsd- > current@freebsd.org] On Behalf Of Xin LI > Sent: Friday, July 17, 2009 9:49 PM > To: Ian FREISLICH > Cc: FreeBSD Current; d@delphij.net > Subject: Re: CARP broken on -CURRENT? >=20 > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 > I got it. It was the cached llentry that preventing ether_output() to > choose the right broadcast/multicast address and use the default > gateway's L2 address. Here is a proposed patch. >=20 > Cheers, > - -- > Xin LI http://www.delphij.net/ > FreeBSD - The Power to Serve! > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.12 (FreeBSD) >=20 > iEYEARECAAYFAkphVE0ACgkQi+vbBBjt66CghgCeOeqa4vLb+oW1qiZCKAggSdKM > O7wAoIF/JL1DNQ/EcuOi8TkNPofJyGLN > =3DhP2w > -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 20:15:10 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1114310656B1 for ; Tue, 28 Jul 2009 20:15:10 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mail.r61.net (mail.r61.net [195.208.245.249]) by mx1.freebsd.org (Postfix) with ESMTP id 7DE4C8FC1A for ; Tue, 28 Jul 2009 20:15:08 +0000 (UTC) (envelope-from os@sfedu.ru) Received: from mind.local (os.adsl.r61.net [195.208.243.95]) (authenticated bits=0) by mail.r61.net (8.14.3/8.14.1) with ESMTP id n6SKF2LS034246 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 29 Jul 2009 00:15:03 +0400 (MSD) (envelope-from os@sfedu.ru) X-Authentication-Warning: asterix.r61.net: Host os.adsl.r61.net [195.208.243.95] claimed to be mind.local Message-ID: <4A6F5C41.3050009@sfedu.ru> Date: Wed, 29 Jul 2009 00:14:57 +0400 From: Oleg Sharoyko User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Julian Elischer References: <1248704237.96833.127.camel@brain.cc.rsu.ru> <4A6DE356.6040006@elischer.org> <4A6DEE30.6000108@sfedu.ru> <4A6DFFA1.1010709@elischer.org> <4A6E0121.2020004@sfedu.ru> <4A6E05EC.8050401@elischer.org> <4A6E0A8B.5000103@sfedu.ru> <4A6E2666.2040906@elischer.org> <4A6E3743.7050708@elischer.org> <1248788292.71222.10.camel@brain.cc.rsu.ru> <4A6F2414.2080203@elischer.org> In-Reply-To: <4A6F2414.2080203@elischer.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Wrong outgoing interface with multiple routing tables X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 20:15:10 -0000 Julian Elischer wrote: > ok so here's my final patch. > This is taken against -current. so it may not patch exactly cleanly. > > it's not quite minimal as I'm cleaning up something too, but > could you check it works? Works with 7.2. Thanks! > if you have ipv6 it might be nice to check that ipv6 doesn't crash > with this patch too (ipv6 doesn't support Multiple routing tables > yet). It took me some time to setup a test IPv6 network and it also works, no crashes with v6 here. -- Oleg From owner-freebsd-net@FreeBSD.ORG Tue Jul 28 21:52:56 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 442A9106566C for ; Tue, 28 Jul 2009 21:52:56 +0000 (UTC) (envelope-from bob@veznat.com) Received: from mail.ttora.com (mail.ttora.com [208.75.243.236]) by mx1.freebsd.org (Postfix) with ESMTP id F19598FC16 for ; Tue, 28 Jul 2009 21:52:55 +0000 (UTC) (envelope-from bob@veznat.com) DomainKey-Signature: s=two; d=veznat.com; c=nofws; q=dns; h=X-MID:X-IronPort-AV:X-IronPort-AV:Received:User-Agent: Date:Subject:From:To:CC:Message-ID:Thread-Topic: Thread-Index:In-Reply-To:Mime-version:Content-type: Content-transfer-encoding; b=c0jHbxGnhntsQ4FSoAD0Sy3zhSYig59vmEdHsGpRUc0lltVsFzUSst+J II+aoMTTv3i3qCpV+9O41g0FcKne+hMLNXmvUSP0lhjVgZzsxS9IgMugt kwyVwut2IxshSFUDKYlsXYoINaL0omj+iRNBLG0cC4vUlXg0Dm/uhDyir w=; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=veznat.com; i=bob@veznat.com; q=dns/txt; s=one; t=1248817976; x=1280353976; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Bob=20Van=20Zant=20|Subject:=20R e:=20IPv6=20traffic=20between=20two=20hosts=20not=20flowi ng|Date:=20Tue,=2028=20Jul=202009=2014:52:52=20-0700 |Message-ID:=20|To:=20Juli an=20Elischer=20|CC:=20|Mime-version:=201.0 |Content-transfer-encoding:=207bit|In-Reply-To:=20<4A6939 5B.4020604@elischer.org>; bh=/12ZhzvFWGnU5LWRdukhOvreZgKN1lGRwFJs1PSim2s=; b=kq1iqSwNGPOrdI8naC6LmGeheNY2jSyqEqNQpJNleXBoRe4+1S1B0I2d hyKvpnCHTy6R+wZ9mBYOOFnDFHtyCq5WTf/sCmRGupkslauwlZiWiab2j guhJ1E0Fs03aLEsODep7hRXbTBbSMsgq4uPZYk3Y9u9GoAlthfWFgI02t o=; X-MID: 1950820 X-IronPort-AV: E=McAfee;i="5300,2777,5691"; a="1950820" X-IronPort-AV: E=Sophos;i="4.43,284,1246863600"; d="scan'208";a="1950820" Received: from nat.ironport.com (HELO [173.37.10.6]) ([63.251.108.100]) by mail.ttora.com with ESMTP/TLS/DES-CBC3-SHA; 28 Jul 2009 14:52:54 -0700 User-Agent: Microsoft-Entourage/12.12.0.080729 Date: Tue, 28 Jul 2009 14:52:52 -0700 From: Bob Van Zant To: Julian Elischer Message-ID: Thread-Topic: IPv6 traffic between two hosts not flowing Thread-Index: AcoPzcFYrKMZlGLf20OBBupQi4aCFw== In-Reply-To: <4A69395B.4020604@elischer.org> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: IPv6 traffic between two hosts not flowing X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2009 21:52:56 -0000 The problem ended up being a semi-broken em (yes, em, bge wasn't the problem like I originally thought) driver in 6.2. The driver wasn't bringing in ethernet multicast frames (required for ndp to work) and without ndp things weren't working. If the interface was put into promiscuous mode for a few seconds ndp could take place and everything worked fine. Upgrading the kernel to 6.3 made the problem go away. Just in case it's useful to anyone, these are the 3 em devices I had on this machine (a Dell 2850): em0@pci6:7:0: class=0x020000 card=0x016d1028 chip=0x10768086 rev=0x05 hdr=0x00 em1@pci7:8:0: class=0x020000 card=0x016d1028 chip=0x10768086 rev=0x05 hdr=0x00 em2@pci9:4:0: class=0x020000 card=0x10028086 chip=0x10268086 rev=0x04 hdr=0x00 em2 was the only device functioning properly on 6.2. -Bob On 7/23/09 9:32 PM, "Julian Elischer" wrote: > Bob Van Zant wrote: >> I have 2 FreeBSD machines each with 3 ethernet interfaces each with an IPv6 >> address. >> >> Here's a table showing how the two machines are connected. To try to blame >> the switch or its configuration I have tried directly connecting the >> machines. The results were the same. >> >> 6.3 4948 6.2 >> --- ---- --- >> fxp0 em2 >> fc00:dada::47 fc00:dada::2 >> >> bge0 em0 >> fc00:dada:1::47 fc00:dada:1::2 >> >> bge1 em1 >> fc00:dada:2::47 fc00:dada:2::2 >> >> Traffic from fxp0 to em2 works fine. >> bge0 to em0 and bge1 to em1 doesn't work as I'll explain below and is the >> reason I'm writing to the list. >> >> >> This host is able to communicate with it's IPv6 neighbor over the fxp0 >> interface, however, neither of the bge interfaces are able to communicate >> with their peers. >> >> ndp(8) output on the 6.3 machine (with bge interfaces) seems to highlight >> something weird. In addition to the errors occurring, the Netif column for >> fc00:dada:1::47 shows fxp0. ifconfig shows that address on bge0. The same is >> true for fc00:dada:2::47; in ndp it shows up on fxp0 but ifconfig thinks >> it's on bge1 (it should be). The linklayer address being "(incomplete)" also >> seems weird given that this is a normal ethernet interface on the local >> machine. > > I'm going to guess that if the other connections were disconnected, > the 2nd and 3rd pairs would work. > > I'm also guessing that if you closely look at the data between the 2nd > and 3rd pairs you will somewhere see the addresses of the first pair > in there. FreeBSD has often suffered when trying to run connections in > parallel, even in IPV4. > > I believe this has been fixed in 8.x to some extent.. > > > >> >> >> $ ndp -an >> Neighbor Linklayer Address Netif Expire S >> Flags >> fc00:dada::2 0:e:c:b4:13:8f fxp0 22h38m10s S R >> fc00:dada::47 0:2:b3:e7:4a:56 fxp0 permanent R >> ndp: ioctl(SIOCGNBRINFO_IN6): Invalid argument >> ndp: failed to get neighbor information >> fc00:dada:1::47 (incomplete) fxp0 >> ndp: ioctl(SIOCGNBRINFO_IN6): Invalid argument >> ndp: failed to get neighbor information >> fc00:dada:2::47 (incomplete) fxp0 >> fe80::20d:56ff:fe70:a9ae%bge0 0:d:56:70:a9:ae bge0 permanent R >> fe80::20d:56ff:fe70:a9af%bge1 0:d:56:70:a9:af bge1 permanent R >> fe80::202:b3ff:fee7:4a56%fxp0 0:2:b3:e7:4a:56 fxp0 permanent R >> >> >> Output from ifmcstat looks correct to me (mostly the same as fxp0 but with >> the appropriate addresses different). >> >> I did find this message in the logfile at least once: >> >> nd6_storelladdr: sdl_alen == 0 >> >> >> If I do a ping6 in between the two hosts and then run tcpdump on either of >> the bge interfaces I can see neighbor discovery traffic going back and >> forth. > > but not correct probably or it would be stored in the Link Level tables. > >> >> If the ping is from the bge interface to the corresponding em interface then >> all I ever see is the NDP traffic. >> >> If the ping is from the em interface to the corresponding bge interface then >> I see a normal solicitation and advertisement followed by ICMP echo requests >> (there are never any replies). The 6.2 machine's ndp cache looks correct. >> The 6.3 machine's ndp cache is the one pasted above. >> >> >> I feel like I'm just rambling here and not necessarily putting together a >> sane question. If this is making sense to anyone and it isn't immediately >> obvious what's going on please ask me some follow up questions. >> >> In addition to all of this, after what appears to be about an hour of >> sending ping packets that go nowhere and pulling interfaces in and out of >> promiscuous mode (tcpdump) the system appears to deadlock. I don't have any >> proof that it's deadlock other than a completely unresponsive box that needs >> to have the power cable removed. It's happened twice so far this afternoon. >> >> Thanks for reading this far, > > if you had an 8.x image, you might try it there.. > and a 6.2<->6.2 and 6.3<->6.3 boot as well > probably the person you want to actually speak with is Qing Li > >> >> Bob >> >> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Wed Jul 29 01:55:47 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8532B106564A; Wed, 29 Jul 2009 01:55:47 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 5B3638FC16; Wed, 29 Jul 2009 01:55:47 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6T1tl4a053309; Wed, 29 Jul 2009 01:55:47 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6T1tlwp053305; Wed, 29 Jul 2009 01:55:47 GMT (envelope-from linimon) Date: Wed, 29 Jul 2009 01:55:47 GMT Message-Id: <200907290155.n6T1tlwp053305@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/137170: [ath] atheros AR9285 not recognised X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2009 01:55:47 -0000 Old Synopsis: atheros AR9285 not recognised New Synopsis: [ath] atheros AR9285 not recognised Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Wed Jul 29 01:55:24 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=137170 From owner-freebsd-net@FreeBSD.ORG Wed Jul 29 10:29:28 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3C24C106566B for ; Wed, 29 Jul 2009 10:29:28 +0000 (UTC) (envelope-from ap00@mail.ru) Received: from mx4.mail.ru (mx4.mail.ru [94.100.176.18]) by mx1.freebsd.org (Postfix) with ESMTP id E30F98FC1A for ; Wed, 29 Jul 2009 10:29:27 +0000 (UTC) (envelope-from ap00@mail.ru) Received: from mx48.mail.ru (mx48.mail.ru [94.100.176.62]) by mx4.mail.ru (mPOP.Fallback_MX) with ESMTP id CDE518223E5 for ; Wed, 29 Jul 2009 14:15:06 +0400 (MSD) Received: from [91.190.115.253] (port=49549 helo=pstation) by mx48.mail.ru with asmtp id 1MW6BQ-000JWf-00 for freebsd-net@freebsd.org; Wed, 29 Jul 2009 14:14:52 +0400 Date: Wed, 29 Jul 2009 14:17:08 +0400 From: Anthony Pankov X-Mailer: The Bat! (v1.51) Personal X-Priority: 3 (Normal) Message-ID: <98265976953.20090729141708@mail.ru> To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mras: Ok Subject: TCP initial window size X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Anthony Pankov List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2009 10:29:28 -0000 Can anybody explain me about initial TCP window sent to the client (in syn/ack packet), please. Is it unmanageable and always set to net.inet.tcp.recvspace? (Due to use of syncache and syncache code is (tcp_syncache.c): /* Initial receive window: clip sbspace to [0 .. TCP_MAXWIN] */ win = sbspace(&so->so_rcv); win = imax(win, 0); win = imin(win, TCP_MAXWIN); sc->sc_wnd = win; ) If it is, then what bad things will happen if i replace code above by code like this: if (tcp_do_rfc3390) sc->sc_wnd = min(4*(sc->sc_peer_mss ? sc->sc_peer_mss:tcp_mssdflt ), max(2 * (sc->sc_peer_mss ? sc->sc_peer_mss:tcp_mssdflt), 4380)); else sc->sc_wnd = (sc->sc_peer_mss ? sc->sc_peer_mss:tcp_mssdflt) * ss_fltsz; Also, does local connection use syncache? System: FreeBSD 6.2-RELEASE-p9 -- Best regards, Anthony mailto:ap00@mail.ru From owner-freebsd-net@FreeBSD.ORG Wed Jul 29 10:44:32 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C453F106566C; Wed, 29 Jul 2009 10:44:32 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from mail.digiware.nl (mail.ip6.digiware.nl [IPv6:2001:4cb8:1:106::2]) by mx1.freebsd.org (Postfix) with ESMTP id 6180F8FC34; Wed, 29 Jul 2009 10:44:32 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from localhost (localhost.digiware.nl [127.0.0.1]) by mail.digiware.nl (Postfix) with ESMTP id 50136153433; Wed, 29 Jul 2009 12:44:31 +0200 (CEST) X-Virus-Scanned: amavisd-new at digiware.nl Received: from mail.digiware.nl ([127.0.0.1]) by localhost (rack1.digiware.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wxu3qgymh98m; Wed, 29 Jul 2009 12:44:29 +0200 (CEST) Received: from [192.168.10.67] (opteron [192.168.10.67]) by mail.digiware.nl (Postfix) with ESMTP id 447CD153434; Wed, 29 Jul 2009 12:44:29 +0200 (CEST) Message-ID: <4A702885.5080803@digiware.nl> Date: Wed, 29 Jul 2009 12:46:29 +0200 From: Willem Jan Withagen Organization: Digiware User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: Raffaele De Lorenzo References: <3164304.442981248256119643.JavaMail.defaultUser@defaultHost> <4A672C79.3000006@digiware.nl> <11956F97-0C87-456F-A769-70BEDBA351BE@libero.it> In-Reply-To: <11956F97-0C87-456F-A769-70BEDBA351BE@libero.it> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org, net@freebsd.org Subject: Re: R: IPv6 and ipfw X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2009 10:44:33 -0000 Raffaele De Lorenzo wrote: > Hi all, > I attached a patch that solve this problem. I will send a PR as soon as > possible. > > Instructions: > > Patch the follow files: > > /usr/src/sbin/ipfw/ipfw2.c (patch is ipfw2.c.diff) > /usr/src/sbin/ipfw/ipfw2.h (patch is ipfw2.h.diff) > /usr/src/sbin/ipfw/ipv6.c (patch is ipv6.c.diff) > > This patch was tested on FreeBSD 8 Beta 2 AMD64 and official FreeBSD 8 > BETA 2 Sources. > > Let me know any suggestion or problem. Patch worked fine on 7.2-stable as well. Multiple ipv6 addresses are now accepted in one go. But it still does not really works as well as I would like ;): ipfw add 11101 allow udp from any to 192.168.10.67,2001:dddd:c::67 dst-port 45457 keep-state ipfw: bad netmask ``dddd:c::67'' Which from your comment seems correct: + * Pre-Check multi address rules to avoid parser confusion about IPv4/IPv6 addresses. + * XXX I assume the first know address is the reference address (You cannot use both IPv4/IPv6 addresses inside + * a multi-addresses rule). But looking at the code, why not fist parse chunks seperated by ',' and then test them for all possible variants, because as far as I understand there are no ',''s allowed in the adresspec. Thanx for the work thusfar, --WjW From owner-freebsd-net@FreeBSD.ORG Wed Jul 29 16:26:16 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0AEF1106566B for ; Wed, 29 Jul 2009 16:26:16 +0000 (UTC) (envelope-from tuexen@freebsd.org) Received: from mail-n.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) by mx1.freebsd.org (Postfix) with ESMTP id 9BA648FC22 for ; Wed, 29 Jul 2009 16:26:15 +0000 (UTC) (envelope-from tuexen@freebsd.org) Received: from [IPv6:2001:df8::16:224:36ff:feef:67d1] (unknown [IPv6:2001:df8:0:16:224:36ff:feef:67d1]) by mail-n.franken.de (Postfix) with ESMTP id 448E41C0B0005; Wed, 29 Jul 2009 18:26:13 +0200 (CEST) Message-Id: <30F5F8DF-111B-4931-8AA3-DDD18B3A5AB9@freebsd.org> From: Michael Tuexen To: FreeBSD net mailing list Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Wed, 29 Jul 2009 18:26:11 +0200 X-Mailer: Apple Mail (2.935.3) Cc: Bruce Simpson Subject: mld_mtx lock order reversal X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2009 16:26:16 -0000 Dear all, when doing a ifconfig gif0 down ifconfig gif0 -tunnel ifconfig gif0 destroy I got a the following message on the last command. Is this a false positive? Best regards Michael --- syscall (304, FreeBSD ELF64, kldload), rip = 0x8006923ac, rsp = 0x7fffffffed38, rbp = 0 --- lock order reversal: 1st 0xffffff0002995bc8 if_afdata (if_afdata) @ net/if.c:830 2nd 0xffffffff80de59c0 mld_mtx (mld_mtx) @ netinet6/mld6.c:570 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2a _witness_debugger() at _witness_debugger+0x2e witness_checkorder() at witness_checkorder+0x81e _mtx_lock_flags() at _mtx_lock_flags+0x78 mld_domifdetach() at mld_domifdetach+0x24 in6_domifdetach() at in6_domifdetach+0x11 if_detach() at if_detach+0x6ed gif_clone_destroy() at gif_clone_destroy+0xda ifc_simple_destroy() at ifc_simple_destroy+0x2a if_clone_destroyif() at if_clone_destroyif+0xc0 ifioctl() at ifioctl+0x6f5 kern_ioctl() at kern_ioctl+0xc5 ioctl() at ioctl+0xfd syscall() at syscall+0x1af Xfast_syscall() at Xfast_syscall+0xe1 From owner-freebsd-net@FreeBSD.ORG Wed Jul 29 19:46:40 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C872A1065708 for ; Wed, 29 Jul 2009 19:46:40 +0000 (UTC) (envelope-from merketing.e@email.it) Received: from davidovitch.com (mail.davidovitch.com [84.16.96.22]) by mx1.freebsd.org (Postfix) with ESMTP id 50BE88FC25 for ; Wed, 29 Jul 2009 19:46:40 +0000 (UTC) (envelope-from merketing.e@email.it) Received: from kas30pipe.localhost (localhost [127.0.0.1]) by davidovitch.com (Postfix) with ESMTP id 8D74510A36B for ; Wed, 29 Jul 2009 21:22:20 +0200 (CEST) Received: from computer-c09676 (unknown [87.13.135.38]) by davidovitch.com (Postfix) with ESMTP id 6374310A355 for ; Wed, 29 Jul 2009 21:22:18 +0200 (CEST) mime-version: 1.0 from: "M. Lorona" to: freebsd-net@freebsd.org date: 29 Jul 2009 21:22:19 +0200 content-type: multipart/mixed; boundary=--boundary_53726_78d701a1-7909-42f1-9dd6-f165fa62c645 Message-Id: <20090729192219.6374310A355@davidovitch.com> X-SpamTest-Envelope-From: merketing.e@email.it X-SpamTest-Group-ID: 00000000 X-SpamTest-Info: Profiles 9193 [Jul 29 2009] X-SpamTest-Info: helo_type=3 X-SpamTest-Method: none X-SpamTest-Rate: 0 X-SpamTest-SPF: none X-SpamTest-Status: Not detected X-SpamTest-Status-Extended: not_detected X-SpamTest-Version: SMTP-Filter Version 3.0.0 [0284], KAS30/Release X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Richiesta X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2009 19:46:42 -0000 ----boundary_53726_78d701a1-7909-42f1-9dd6-f165fa62c645 content-type: text/plain; charset=utf-8 content-transfer-encoding: base64 PGh0bWw+DQo8VEFCTEU+DQo8VFI+DQo8VEQ+DQo8Yj5TT0ZUV0FSRSBQRVIgTCcgRU1BSUwt TUFSS0VUSU5HPC9iPg0KPC9URD4NCjwvVFI+DQo8dHI+PHRkPjxocj48L3RkPjwvdHI+DQo8 VFI+PFREPg0KPExJPlNvZnR3YXJlIGNoZSBlc3RyYXBvbGEgZGF0aSBkYWxsZSBQYWdpbmUg R2lhbGxlIGUgQmlhbmNoZS48YnI+DQo8TEk+U29mdHdhcmUgcGVyIGNyZWFyZSBsZSBlbWFp bCBpbmZvQCBkYSByaWNlcmNoZSBvbiBsaW5lIHN1IG1vdG9yaQ0KPGxpPlNvZnR3YXJlIEdl c3Rpb25hbGUgcGVyIGludmlhcmUgbmV3c2xldHRlcg0KPGxpPjgwMCBzZXJ2ZXIgc210cCBw ZXIgaW52aWFyZSBsZSB0dWUgbmV3c2xldHRlciAoMTAuMDAwIHBlciBvcmEpPGJyPg0KcHM6 IGlsIHNlcnZpemlvIHNtdHAgbm9uIMOoIHNvZ2dldHRvIGEgc29zcGVuc2lvbmkgZGVsIHNl cnZpemlvIHBlciBzZWduYWxhemlvbmUgZGkgdGVyemkuPGJyPg0KQ3JlYXJlIGFwcHVudGFt ZW50aSBpbmJvdW5kIGluIHBvY28gdGVtcG8gc2kgcHXDsiwgY29zYSBhc3BldHRpLCBub2kg dGkgZGlhbW8gZ2xpIHN0cnVtZW50aS4NCjwvdGQ+DQo8L3RyPg0KPHRyPjx0ZD48aHI+PC90 ZD48L3RyPg0KPHRyPg0KPHRkPg0Kc2Ugc2VpIGludGVyZXNzYXRvIGFsbCdhY3F1aXN0byBj bGljY2EgaWwgbGluayBzb3R0b3N0YW50ZS4NCjwvVEQ+PC9UUj4NCjx0cj4NCjx0ZCBiZ2Nv bG9yPWdyZWVuIGhlaWdodD0xPjwvdGQ+PC90cj4NCjx0cj4NCjx0ZCBhbGlnbj1jZW50ZXI+ PGEgaHJlZj0ibWFpbHRvOmVtYWlsLm1hcmtldGluZy5zcGFAZ21haWwuY29tP3N1YmplY3Q9 UmljaGllc3RhIGluZm8mQm9keT1JbmRpY2hpOiUwQVJhZ2lvbmUlMjBTb2NpYWxlJTBBTm9t ZSUwQUNvZ29tZSUwQVRlbGVmb25vJTBBcXVhbnRpJTIwdmVuZGl0b3JpJTIwbGF2b3Jhbm8l MjBwZXIlMjB2b2kiPjxiPkNsaWNjYSBwZXIgdWx0ZXJpb3JpIGNoaWFyaW1lbnRpPC9iPjwv YT48L3RkPjwvdHI+DQo8dGQgYmdjb2xvcj1ncmVlbiBoZWlnaHQ9MT48L3RkPjwvdHI+DQo8 dHI+PHRkPlNlIG5vbiByaWVzY2kgYWQgYXByaXJlIGlsIGxpbmsgc2NyaXZpIHVuYSBlLW1h aWwgZW1haWwubWFya2V0aW5nLnNwYUBnbWFpbC5jb208L3RkPjwvdHI+ ----boundary_53726_78d701a1-7909-42f1-9dd6-f165fa62c645-- From owner-freebsd-net@FreeBSD.ORG Thu Jul 30 01:26:16 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 089BB106564A for ; Thu, 30 Jul 2009 01:26:16 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by mx1.freebsd.org (Postfix) with ESMTP id CE5758FC14 for ; Thu, 30 Jul 2009 01:26:15 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute2.internal (compute2.internal [10.202.2.42]) by out1.messagingengine.com (Postfix) with ESMTP id 307393BCEF3; Wed, 29 Jul 2009 21:26:15 -0400 (EDT) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute2.internal (MEProxy); Wed, 29 Jul 2009 21:26:15 -0400 X-Sasl-enc: SabJIqKddWXCX1v6f7w3AnL3MhGxFi3bKM0WvlBLq23q 1248917164 Received: from anglepoise.lon.incunabulum.net (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id DD27F20FD1; Wed, 29 Jul 2009 21:26:03 -0400 (EDT) Message-ID: <4A70F65D.1040201@incunabulum.net> Date: Thu, 30 Jul 2009 02:24:45 +0100 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.22 (X11/20090725) MIME-Version: 1.0 To: Michael Tuexen References: <30F5F8DF-111B-4931-8AA3-DDD18B3A5AB9@freebsd.org> In-Reply-To: <30F5F8DF-111B-4931-8AA3-DDD18B3A5AB9@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD net mailing list Subject: Re: mld_mtx lock order reversal X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2009 01:26:16 -0000 Michael Tuexen wrote: > Dear all, > > when doing a > ifconfig gif0 down > ifconfig gif0 -tunnel > ifconfig gif0 destroy > I got a the following message on the last command. > Is this a false positive? See comments in mld6.c. Some LOR warnings are unavoidable at the moment because of INET6 locking; the worst culprit is the SCOPE6 lock. Unfortunately I can't do anything about this right now. The LORs themselves should be pretty benign. From owner-freebsd-net@FreeBSD.ORG Thu Jul 30 20:15:04 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A9B59106566C for ; Thu, 30 Jul 2009 20:15:04 +0000 (UTC) (envelope-from prvs=146232ce52=killing@multiplay.co.uk) Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23]) by mx1.freebsd.org (Postfix) with ESMTP id 395B18FC1D for ; Thu, 30 Jul 2009 20:15:04 +0000 (UTC) (envelope-from prvs=146232ce52=killing@multiplay.co.uk) DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=multiplay.co.uk; s=Multiplay; t=1248984251; x=1249589051; q=dns/txt; h=Received: Message-ID:From:To:References:Subject:Date:MIME-Version: Content-Type:Content-Transfer-Encoding; bh=atFLxg24nMarDn7/b9AnF v90B3dxg5riiqi8GtWDu2E=; b=oDKWjD4+sEuFbx4ZuOQc+s/vbIwqDAqwbLYLg n5GadurRKqaK0r+Iy8rcs31AAUiFtWhRpBw4zE/hy+b9O9hd816FxId+/fLcbqrs KSxN5LdTL+3E6gu9HkR5aWAsYGtZSNuRy9bjI3Qa4/vO+JkkrTvKrm8zNjprAEtp y9MGZI= X-MDAV-Processed: mail1.multiplay.co.uk, Thu, 30 Jul 2009 21:04:11 +0100 Received: from r2d2 by mail1.multiplay.co.uk (MDaemon PRO v10.0.4) with ESMTP id md50007974696.msg for ; Thu, 30 Jul 2009 21:04:11 +0100 X-Spam-Processed: mail1.multiplay.co.uk, Thu, 30 Jul 2009 21:04:11 +0100 (not processed: message from trusted or authenticated source) X-Authenticated-Sender: Killing@multiplay.co.uk X-MDRemoteIP: 213.123.247.160 X-Return-Path: prvs=146232ce52=killing@multiplay.co.uk X-Envelope-From: killing@multiplay.co.uk X-MDaemon-Deliver-To: freebsd-net@FreeBSD.org Message-ID: <5CC0D128FDDD4BFBA815E2D8D388B2DF@multiplay.co.uk> From: "Steven Hartland" To: "DutchDaemon" , References: <200906011450.n51Eo3Wp095320@freefall.freebsd.org> Date: Thu, 30 Jul 2009 21:04:10 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="Windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 Cc: Subject: Re: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2009 20:15:05 -0000 Anyone point me in the right direction on how to add the phy to support these machine? Seems like its just a matter of adding the PHY details to miidevs but how do I find out the specifics of that? Regards Steve ----- Original Message ----- From: "DutchDaemon" > The following reply was made to PR kern/134658; it has been noted by GNATS. > > From: DutchDaemon > To: bug-followup@FreeBSD.org, harald_jensas@dell.com > Cc: > Subject: Re: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. > Date: Mon, 01 Jun 2009 16:21:59 +0200 > > http://forums.freebsd.org/showthread.php?t=3804 ================================================ This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmaster@multiplay.co.uk. From owner-freebsd-net@FreeBSD.ORG Thu Jul 30 21:42:52 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 13AC5106564A for ; Thu, 30 Jul 2009 21:42:52 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.delphij.net (delphij-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:2c9::2]) by mx1.freebsd.org (Postfix) with ESMTP id 99DAE8FC0C for ; Thu, 30 Jul 2009 21:42:51 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.geekcn.org (tarsier.geekcn.org [211.166.10.233]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tarsier.delphij.net (Postfix) with ESMTPS id 12F025C024 for ; Fri, 31 Jul 2009 05:42:50 +0800 (CST) Received: from localhost (tarsier.geekcn.org [211.166.10.233]) by tarsier.geekcn.org (Postfix) with ESMTP id D785E55CD997; Fri, 31 Jul 2009 05:42:44 +0800 (CST) X-Virus-Scanned: amavisd-new at geekcn.org Received: from tarsier.geekcn.org ([211.166.10.233]) by localhost (mail.geekcn.org [211.166.10.233]) (amavisd-new, port 10024) with ESMTP id jkuJ5lTctQim; Fri, 31 Jul 2009 05:41:50 +0800 (CST) Received: from charlie.delphij.net (adsl-76-237-33-62.dsl.pltn13.sbcglobal.net [76.237.33.62]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTPSA id 02C3D55CD9A9; Fri, 31 Jul 2009 05:41:43 +0800 (CST) DomainKey-Signature: a=rsa-sha1; s=default; d=delphij.net; c=nofws; q=dns; h=message-id:date:from:reply-to:organization:user-agent: mime-version:to:cc:subject:references:in-reply-to: x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=obM9qS3Yw0WFZxsPacV/E2GUuDI1BrK+DQoF4LJNEdRmUGlJ4x/OL6jIlwHGihsjq QMyfmr4xUEjw5tVdXWxZA== Message-ID: <4A721381.2060602@delphij.net> Date: Thu, 30 Jul 2009 14:41:21 -0700 From: Xin LI Organization: The FreeBSD Project User-Agent: Thunderbird 2.0.0.22 (X11/20090701) MIME-Version: 1.0 To: Steven Hartland References: <200906011450.n51Eo3Wp095320@freefall.freebsd.org> <5CC0D128FDDD4BFBA815E2D8D388B2DF@multiplay.co.uk> In-Reply-To: <5CC0D128FDDD4BFBA815E2D8D388B2DF@multiplay.co.uk> X-Enigmail-Version: 0.95.7 OpenPGP: id=18EDEBA0; url=http://www.delphij.net/delphij.asc Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Cc: freebsd-net@FreeBSD.org, DutchDaemon Subject: Re: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2009 21:42:52 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Steven, Try this patch: http://people.freebsd.org/~delphij/misc/bce-5709phy.diff (You need to rebuild the whole kernel) Another thing that may need attention: http://www.mavetju.org/mail/view_message.php?list=freebsd-drivers&id=2977317 Steven Hartland wrote: > Anyone point me in the right direction on how to add the phy to support > these machine? > > Seems like its just a matter of adding the PHY details to miidevs but how > do I find out the specifics of that? > > Regards > Steve > > ----- Original Message ----- From: "DutchDaemon" > > >> The following reply was made to PR kern/134658; it has been noted by >> GNATS. >> >> From: DutchDaemon >> To: bug-followup@FreeBSD.org, harald_jensas@dell.com >> Cc: Subject: Re: kern/134658: [bce] bce driver fails on PowerEdge >> m610 blade. >> Date: Mon, 01 Jun 2009 16:21:59 +0200 >> >> http://forums.freebsd.org/showthread.php?t=3804 > > > ================================================ > This e.mail is private and confidential between Multiplay (UK) Ltd. and > the person or entity to whom it is addressed. In the event of > misdirection, the recipient is prohibited from using, copying, printing > or otherwise disseminating it or any information contained in it. > In the event of misdirection, illegible or incomplete transmission > please telephone +44 845 868 1337 > or return the E.mail to postmaster@multiplay.co.uk. > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" - -- Xin LI http://www.delphij.net/ FreeBSD - The Power to Serve! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) iEYEARECAAYFAkpyE4EACgkQi+vbBBjt66CVzACfUvBEXu06kGoJfnUwYDnOYU9q /U8Anj8tPvqDniFUtr8SZEpS188jDyDv =I5zq -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Fri Jul 31 04:45:09 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1FAB7106564A; Fri, 31 Jul 2009 04:45:09 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id E96078FC16; Fri, 31 Jul 2009 04:45:08 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6V4j89k088563; Fri, 31 Jul 2009 04:45:08 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6V4j8eS088559; Fri, 31 Jul 2009 04:45:08 GMT (envelope-from linimon) Date: Fri, 31 Jul 2009 04:45:08 GMT Message-Id: <200907310445.n6V4j8eS088559@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/137279: [bge] [panic] Page fault (fatal trap 12) NFS server w/Broadcom BCM5704 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2009 04:45:09 -0000 Old Synopsis: Page fault (fatal trap 12) NFS server w/Broadcom BCM5704 New Synopsis: [bge] [panic] Page fault (fatal trap 12) NFS server w/Broadcom BCM5704 Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Fri Jul 31 04:44:05 UTC 2009 Responsible-Changed-Why: seems to be in the bge_intr routine. http://www.freebsd.org/cgi/query-pr.cgi?pr=137279 From owner-freebsd-net@FreeBSD.ORG Fri Jul 31 08:47:09 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4361C106566C for ; Fri, 31 Jul 2009 08:47:09 +0000 (UTC) (envelope-from prvs=1463147095=killing@multiplay.co.uk) Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23]) by mx1.freebsd.org (Postfix) with ESMTP id CA8BE8FC1B for ; Fri, 31 Jul 2009 08:47:08 +0000 (UTC) (envelope-from prvs=1463147095=killing@multiplay.co.uk) DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=multiplay.co.uk; s=Multiplay; t=1249029374; x=1249634174; q=dns/txt; h=Received: Message-ID:From:To:Cc:References:Subject:Date:MIME-Version: Content-Type:Content-Transfer-Encoding; bh=bM/WoAfcNWhuIX/mQeWTx 8gf4A1kirsJG8I3GxozSzc=; b=GdWUGVjR3932MnU7o/tEsq/iPrA9tvgLboPkP 2Gnwv0XDnDx62HoYIWpN2RqQRKr4ZT9YRAo9uLROk1aFGbi3PwECZr4RcXOfuwCn my7MWj4bB0EeMHtRm3B/FPH1Vy5/cW+b1aNeqtny50WBE3Md5meJB65IajDbuqvL 2LeeDA= X-MDAV-Processed: mail1.multiplay.co.uk, Fri, 31 Jul 2009 09:36:14 +0100 Received: from r2d2 by mail1.multiplay.co.uk (MDaemon PRO v10.0.4) with ESMTP id md50007976180.msg for ; Fri, 31 Jul 2009 09:36:12 +0100 X-Spam-Processed: mail1.multiplay.co.uk, Fri, 31 Jul 2009 09:36:12 +0100 (not processed: message from trusted or authenticated source) X-Authenticated-Sender: Killing@multiplay.co.uk X-MDRemoteIP: 213.123.247.160 X-Return-Path: prvs=1463147095=killing@multiplay.co.uk X-Envelope-From: killing@multiplay.co.uk X-MDaemon-Deliver-To: freebsd-net@FreeBSD.org Message-ID: <7F616135EE574E40A8F88E643FA744A3@multiplay.co.uk> From: "Steven Hartland" To: References: <200906011450.n51Eo3Wp095320@freefall.freebsd.org> <5CC0D128FDDD4BFBA815E2D8D388B2DF@multiplay.co.uk> <4A721381.2060602@delphij.net> Date: Fri, 31 Jul 2009 09:36:10 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="Windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 Cc: freebsd-net@FreeBSD.org, DutchDaemon Subject: Re: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2009 08:47:09 -0000 This already appears to be in the 8.0 BETA2 source that we are running, no go :( Regards Steve ----- Original Message ----- From: "Xin LI" To: "Steven Hartland" Cc: "DutchDaemon" ; Sent: Thursday, July 30, 2009 10:41 PM Subject: Re: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, Steven, > > Try this patch: > > http://people.freebsd.org/~delphij/misc/bce-5709phy.diff > > (You need to rebuild the whole kernel) > > Another thing that may need attention: > http://www.mavetju.org/mail/view_message.php?list=freebsd-drivers&id=2977317 ================================================ This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmaster@multiplay.co.uk. From owner-freebsd-net@FreeBSD.ORG Fri Jul 31 14:09:34 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6060710656B6 for ; Fri, 31 Jul 2009 14:09:34 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from smtp2.dlr.de (smtp1.dlr.de [129.247.252.32]) by mx1.freebsd.org (Postfix) with ESMTP id EBD498FC1D for ; Fri, 31 Jul 2009 14:09:33 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from exbe5.intra.dlr.de ([172.21.106.15]) by smtp2.dlr.de with Microsoft SMTPSVC(6.0.3790.3959); Fri, 31 Jul 2009 15:57:28 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Fri, 31 Jul 2009 15:57:29 +0200 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: TCP RST question Thread-Index: AcoR5tdfKx2OG8CZQemPIwWwtae0WA== From: To: X-OriginalArrivalTime: 31 Jul 2009 13:57:28.0843 (UTC) FILETIME=[D77575B0:01CA11E6] Cc: Subject: TCP RST question X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2009 14:09:34 -0000 Hi all, I'm looking at our TCP stack and found a change that was introduced with the syncache. The original BSD code did send an RST segment when the connection timed out in SYN-RECEIVED. The TCP would retransmit the SYN+ACK several times and then give up and RST the peer. With syncache, however, our TCP doesn't send the RST anymore. It just silently discards local state. So the question is whether TCP is supposed to RST or not. Looking at RFC793 I found nothing useful. It talks about sending RSTs as response to incoming segments and it looks like TCP is never supposed to give up retransmitting. The state diagram has no line from SYN-RECEIVED to CLOSED. Stevens, on the other hand, has this line and it is labeled 'send: RST'. So the questions are: - is TCP supposed to send an RST when it times out in SYN-RECEIVED? - why was this changed (I suppose it is just one of the regressions introduced with the syn-cache). harti NB: does anybody know a good mailing list where this kind of questions can be discussed? From owner-freebsd-net@FreeBSD.ORG Fri Jul 31 16:09:05 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 792CB1065670; Fri, 31 Jul 2009 16:09:05 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4E5E68FC0A; Fri, 31 Jul 2009 16:09:05 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6VG95kx036320; Fri, 31 Jul 2009 16:09:05 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6VG95MU036316; Fri, 31 Jul 2009 16:09:05 GMT (envelope-from linimon) Date: Fri, 31 Jul 2009 16:09:05 GMT Message-Id: <200907311609.n6VG95MU036316@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/137309: [ipsec] sequence number in a SADB_X_SPDGET response is set to zero X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2009 16:09:05 -0000 Synopsis: [ipsec] sequence number in a SADB_X_SPDGET response is set to zero Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Fri Jul 31 16:08:55 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=137309 From owner-freebsd-net@FreeBSD.ORG Fri Jul 31 16:41:38 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 39805106566B for ; Fri, 31 Jul 2009 16:41:38 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outW.internet-mail-service.net (outw.internet-mail-service.net [216.240.47.246]) by mx1.freebsd.org (Postfix) with ESMTP id 21F568FC23 for ; Fri, 31 Jul 2009 16:41:38 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 4E1E7B4EAF; Fri, 31 Jul 2009 09:27:06 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 027DF2D6004; Fri, 31 Jul 2009 09:27:05 -0700 (PDT) Message-ID: <4A731B5F.6060301@elischer.org> Date: Fri, 31 Jul 2009 09:27:11 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Hartmut.Brandt@dlr.de References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: net@freebsd.org Subject: Re: TCP RST question X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2009 16:41:38 -0000 Hartmut.Brandt@dlr.de wrote: > Hi all, > > I'm looking at our TCP stack and found a change that was introduced with > the syncache. The original BSD code did send an RST segment when the > connection timed out in SYN-RECEIVED. The TCP would retransmit the > SYN+ACK several times and then give up and RST the peer. > > With syncache, however, our TCP doesn't send the RST anymore. It just > silently discards local state. > > So the question is whether TCP is supposed to RST or not. Looking at > RFC793 I found nothing useful. It talks about sending RSTs as response > to incoming segments and it looks like TCP is never supposed to give up > retransmitting. The state diagram has no line from SYN-RECEIVED to > CLOSED. Stevens, on the other hand, has this line and it is labeled > 'send: RST'. > > So the questions are: > > - is TCP supposed to send an RST when it times out in SYN-RECEIVED? > - why was this changed (I suppose it is just one of the regressions > introduced with the syn-cache). maybe something to do with avoiding DOS or something? > harti > > NB: does anybody know a good mailing list where this kind of questions > can be discussed? > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Fri Jul 31 21:41:45 2009 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B3333106566B for ; Fri, 31 Jul 2009 21:41:45 +0000 (UTC) (envelope-from Michael.Tuexen@lurchi.franken.de) Received: from mail-n.franken.de (drew.ipv6.franken.de [IPv6:2001:638:a02:a001:20e:cff:fe4a:feaa]) by mx1.freebsd.org (Postfix) with ESMTP id 4E19A8FC12 for ; Fri, 31 Jul 2009 21:41:45 +0000 (UTC) (envelope-from Michael.Tuexen@lurchi.franken.de) Received: from [192.168.1.100] (p508FE6D1.dip.t-dialin.net [80.143.230.209]) by mail-n.franken.de (Postfix) with ESMTP id 950101C0B4607; Fri, 31 Jul 2009 23:41:43 +0200 (CEST) Message-Id: From: =?ISO-8859-1?Q?Michael_T=FCxen?= To: In-Reply-To: Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Fri, 31 Jul 2009 23:41:42 +0200 References: X-Mailer: Apple Mail (2.935.3) Cc: net@freebsd.org Subject: Re: TCP RST question X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2009 21:41:45 -0000 On Jul 31, 2009, at 3:57 PM, wrote: > Hi all, > > I'm looking at our TCP stack and found a change that was introduced > with > the syncache. The original BSD code did send an RST segment when the > connection timed out in SYN-RECEIVED. The TCP would retransmit the > SYN+ACK several times and then give up and RST the peer. > > With syncache, however, our TCP doesn't send the RST anymore. It just > silently discards local state. > > So the question is whether TCP is supposed to RST or not. Looking at > RFC793 I found nothing useful. It talks about sending RSTs as response > to incoming segments and it looks like TCP is never supposed to give > up > retransmitting. The state diagram has no line from SYN-RECEIVED to > CLOSED. Stevens, on the other hand, has this line and it is labeled > 'send: RST'. > > So the questions are: > > - is TCP supposed to send an RST when it times out in SYN-RECEIVED? > - why was this changed (I suppose it is just one of the regressions > introduced with the syn-cache). > > harti > > NB: does anybody know a good mailing list where this kind of questions > can be discussed? tsvwg@ietf.org tcpm@ietf.org Best reagrds Michael > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > From owner-freebsd-net@FreeBSD.ORG Fri Jul 31 23:52:15 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7FF90106566B; Fri, 31 Jul 2009 23:52:14 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 55AE98FC0A; Fri, 31 Jul 2009 23:52:14 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n6VNqE9l015823; Fri, 31 Jul 2009 23:52:14 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n6VNqEge015819; Fri, 31 Jul 2009 23:52:14 GMT (envelope-from linimon) Date: Fri, 31 Jul 2009 23:52:14 GMT Message-Id: <200907312352.n6VNqEge015819@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-net@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/137317: [tcp] logs full of syncache problems X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2009 23:52:16 -0000 Old Synopsis: logs full of syncache problems New Synopsis: [tcp] logs full of syncache problems Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Fri Jul 31 23:51:52 UTC 2009 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=137317 From owner-freebsd-net@FreeBSD.ORG Sat Aug 1 01:27:48 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5FD74106564A for ; Sat, 1 Aug 2009 01:27:48 +0000 (UTC) (envelope-from davidch@broadcom.com) Received: from MMS3.broadcom.com (mms3.broadcom.com [216.31.210.19]) by mx1.freebsd.org (Postfix) with ESMTP id 3B5AA8FC0C for ; Sat, 1 Aug 2009 01:27:48 +0000 (UTC) (envelope-from davidch@broadcom.com) Received: from [10.9.200.133] by MMS3.broadcom.com with ESMTP (Broadcom SMTP Relay (Email Firewall v6.3.2)); Fri, 31 Jul 2009 18:25:22 -0700 X-Server-Uuid: B55A25B1-5D7D-41F8-BC53-C57E7AD3C201 Received: from IRVEXCHCCR01.corp.ad.broadcom.com ([10.252.49.30]) by IRVEXCHHUB02.corp.ad.broadcom.com ([10.9.200.133]) with mapi; Fri, 31 Jul 2009 18:26:47 -0700 From: "David Christensen" To: "Steven Hartland" , DutchDaemon , "freebsd-net@FreeBSD.org" Date: Fri, 31 Jul 2009 18:25:20 -0700 Thread-Topic: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. Thread-Index: AcoRUo5CQPkIpUjzRCej3BbFpgYSVQA89uOA Message-ID: <5D267A3F22FD854F8F48B3D2B523819339EC2B524E@IRVEXCHCCR01.corp.ad.broadcom.com> References: <200906011450.n51Eo3Wp095320@freefall.freebsd.org> <5CC0D128FDDD4BFBA815E2D8D388B2DF@multiplay.co.uk> In-Reply-To: <5CC0D128FDDD4BFBA815E2D8D388B2DF@multiplay.co.uk> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US MIME-Version: 1.0 X-WSS-ID: 666D460860061937978-01-01 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Cc: Subject: RE: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Aug 2009 01:27:48 -0000 > Anyone point me in the right direction on how to add the phy=20 > to support these machine? >=20 > Seems like its just a matter of adding the PHY details to=20 > miidevs but how do I find out the specifics of that? Sorry, this is the 5709S and I haven't had an opportunity to implement this PHY yet. Unfortunately it's more than just a change to miidevs since the SerDes is actually an IEEE clause 45 compliant device (instead of the more common Clause 22=20 devices found in 1GbE controllers). The registers are=20 diffrerent so the effort is more substantial. No estimate yet on when I can get to it. =20 Dave From owner-freebsd-net@FreeBSD.ORG Sat Aug 1 02:53:01 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 26E06106564A for ; Sat, 1 Aug 2009 02:53:01 +0000 (UTC) (envelope-from aragon@phat.za.net) Received: from mail.geek.sh (decoder.geek.sh [196.36.198.81]) by mx1.freebsd.org (Postfix) with ESMTP id BBF998FC08 for ; Sat, 1 Aug 2009 02:53:00 +0000 (UTC) (envelope-from aragon@phat.za.net) Received: from igor.geek.sh (unknown [196.209.243.49]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.geek.sh (Postfix) with ESMTPSA id C8FDC39827 for ; Sat, 1 Aug 2009 04:52:58 +0200 (SAST) Message-ID: <4A73AE00.2050702@phat.za.net> Date: Sat, 01 Aug 2009 04:52:48 +0200 From: Aragon Gouveia User-Agent: Thunderbird 2.0.0.21 (X11/20090331) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: anyone know libalias(3) well? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Aug 2009 02:53:01 -0000 Hi, In sys/netinet/libalias/alias_db.c, SetStateIn() and SetStateOut() reference ALIAS_TCP_STATE_CONNECTED and ALIAS_TCP_STATE_DISCONNECTED. Does anyone know where/how these macros are defined? Thanks, Aragon From owner-freebsd-net@FreeBSD.ORG Sat Aug 1 08:51:55 2009 Return-Path: Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D639106564A; Sat, 1 Aug 2009 08:51:55 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id D0FEC8FC14; Sat, 1 Aug 2009 08:51:54 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from freefall.freebsd.org (bz@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n718psx3061533; Sat, 1 Aug 2009 08:51:54 GMT (envelope-from bz@freefall.freebsd.org) Received: (from bz@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n718psbF061529; Sat, 1 Aug 2009 08:51:54 GMT (envelope-from bz) Date: Sat, 1 Aug 2009 08:51:54 GMT Message-Id: <200908010851.n718psbF061529@freefall.freebsd.org> To: bz@FreeBSD.org, freebsd-net@FreeBSD.org, bz@FreeBSD.org From: bz@FreeBSD.org Cc: Subject: Re: kern/137309: [ipsec] sequence number in a SADB_X_SPDGET response is set to zero X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Aug 2009 08:51:55 -0000 Synopsis: [ipsec] sequence number in a SADB_X_SPDGET response is set to zero Responsible-Changed-From-To: freebsd-net->bz Responsible-Changed-By: bz Responsible-Changed-When: Sat Aug 1 08:51:39 UTC 2009 Responsible-Changed-Why: Take this one. http://www.freebsd.org/cgi/query-pr.cgi?pr=137309 From owner-freebsd-net@FreeBSD.ORG Sat Aug 1 09:15:26 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D1321106566B for ; Sat, 1 Aug 2009 09:15:26 +0000 (UTC) (envelope-from marius@nuenneri.ch) Received: from mail-bw0-f206.google.com (mail-bw0-f206.google.com [209.85.218.206]) by mx1.freebsd.org (Postfix) with ESMTP id 68F3E8FC14 for ; Sat, 1 Aug 2009 09:15:26 +0000 (UTC) (envelope-from marius@nuenneri.ch) Received: by bwz2 with SMTP id 2so1501952bwz.43 for ; Sat, 01 Aug 2009 02:15:25 -0700 (PDT) MIME-Version: 1.0 Received: by 10.103.138.19 with SMTP id q19mr2070406mun.56.1249116701277; Sat, 01 Aug 2009 01:51:41 -0700 (PDT) In-Reply-To: <4A73AE00.2050702@phat.za.net> References: <4A73AE00.2050702@phat.za.net> Date: Sat, 1 Aug 2009 10:51:41 +0200 Message-ID: From: =?ISO-8859-1?Q?Marius_N=FCnnerich?= To: Aragon Gouveia Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: anyone know libalias(3) well? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Aug 2009 09:15:27 -0000 On Sat, Aug 1, 2009 at 04:52, Aragon Gouveia wrote: > Hi, > > In sys/netinet/libalias/alias_db.c, SetStateIn() and SetStateOut() reference > ALIAS_TCP_STATE_CONNECTED and ALIAS_TCP_STATE_DISCONNECTED. Does anyone know > where/how these macros are defined? > > > Thanks, > Aragon http://fxr.watson.org/fxr/source/netinet/libalias/alias_local.h?im=bigexcerpts#L367 From owner-freebsd-net@FreeBSD.ORG Sat Aug 1 13:32:20 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 32CA2106564A for ; Sat, 1 Aug 2009 13:32:20 +0000 (UTC) (envelope-from alexpalias-bsdnet@yahoo.com) Received: from web56404.mail.re3.yahoo.com (web56404.mail.re3.yahoo.com [216.252.111.83]) by mx1.freebsd.org (Postfix) with SMTP id DFC918FC1C for ; Sat, 1 Aug 2009 13:32:19 +0000 (UTC) (envelope-from alexpalias-bsdnet@yahoo.com) Received: (qmail 30369 invoked by uid 60001); 1 Aug 2009 13:05:38 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1249131938; bh=f5oyXtGrZo6sYzXnQWVB1ksFlp76Hd+hhqQW7SejQv0=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=aXEumyvgVueCviSLoDPbY8cNmSM2NFTRbomgwgkyDcHJFfpZu5183Qi/bLGrF5kL2nXOnCpzxJzdvtVcVKE006slcQOToire9xwiNPzE4mMGzM1RjiZ9LnhoPgbbpdVjhtodIHluS0AfUDNuvjbvxolk8K9kzsvXlAIRLomNjrw= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=1dvQ5chKW30wE1OH2wo24PRiTdNMLiBdXw4H4NHKyAOkaqrP5BQe0KMQjGOBk9ktP3L3j3jmCYCnJ62sKnAI21F/k2zE2wy94LKeughUiM5VuKthi0yBKR4Dezmxym1lpfYiqKYmtqmsYoYmlt3PdpSn4t7sN0wA3yojkAxqHA0=; Message-ID: <11420.28890.qm@web56404.mail.re3.yahoo.com> X-YMail-OSG: ZBd.LP0VM1kQGzgMZ_FGbzRIfrqlsR6wKO7iq9MwARLdBdbGh5O3WxxHmTZE38Om5slOGlv9J_8sESilCkvKLN073bkBJc34iz_nwyrjST_E0EP.5fTv_bn.aq8wFD5FIjbXkliO3vwvyHS9C.yEGnnlIXV.KC3m762fqua0G3JSRAh2lfq8H4EnDUaaFDKisAKD1_Dnmh8EDfMXf0_6cqgvTgCc8giYQikMjWnQzzazfezsESnYbm2.ZtltgTF1d31h09bq6vAi_usNf_LQCqNcfbEdMVX0UCbNCXzmug-- Received: from [89.136.169.205] by web56404.mail.re3.yahoo.com via HTTP; Sat, 01 Aug 2009 06:05:37 PDT X-Mailer: YahooMailClassic/6.0.19 YahooMailWebService/0.7.338.2 Date: Sat, 1 Aug 2009 06:05:37 -0700 (PDT) From: alexpalias-bsdnet@yahoo.com To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Subject: em driver input errors X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: alexpalias-bsdnet@yahoo.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Aug 2009 13:32:20 -0000 Good day=0A=0AI'm running a FreeBSD 7.2 router and I am seeing a lot of inp= ut errors on one of the em interfaces (em0), coupled with (at approximately= the same times) much fewer errors on em1 and em2.=A0 Monitoring is done wi= th SNMP from another machine, and the CPU load as reported via SNMP is most= ly below 30%, with a couple of spikes up to 35%.=0A=0ASoftware description:= =0A=0A- FreeBSD 7.2-RELEASE-p2, amd64=0A- bsnmpd with modules: hostres and = (from ports) snmp_ucd=0A- quagga 0.99.12 (running only zebra and bgpd)=0A- = netgraph (ng_ether and ng_netflow)=0A=0AHardware description:=0A=0A- Dell m= achine, dual Xeon 3.20 GHz, 4 GB RAM=0A- 2 x built-in gigabit interfaces (e= m0, em1)=0A- 1 x dual-port gigabit interface, PCI-X (em2, em3) [see pciconf= near the end]=0A=0A=0AThe machine receives the global routing table ("nets= tat -nr | wc -l" gives 289115 currently).=0A=0AAll of the em interfaces are= just configured "up", with various vlan interfaces on them.=A0 Note that I= use "kpps" to mean "thousands of packets per second", sorry if that's the = wrong shorthand.=0A=0A- em0 sees a traffic of 10...22 kpps in, and 15...35 = kpps out.=A0 In bits, it's 30...120Mbits/s in, and 100...210Mbits/s out.=A0= Vlans configured are vlan100 and vlan200, and most of the traffic is on vl= an100 (vlan200 sees 4kpps in / 0.5kpps out maximum, with the average at abo= ut one third of this).=A0 em0 is the external interface, and its traffic co= rresponds to the sum of traffic through em1 and em2=0A=0A- em1 has 5 vlans,= and sees about 22kpps in / 11kpps out (maximum)=0A=0A- em2 has a single VL= AN, and sees about 4...13kpps both in and out (almost equal in/out during m= ost of the day)=0A=0A- em3 is a backup interface, with 2 VLANS, and is the = only one which has seen no errors.=0A=0AOnly the vlans on em0 are analyzed = by ng_netflow, and the errors I'm seeing have started appearing days before= netgraph was even loaded in the kernel.=0A=0ATuning done:=0A=0A/boot/loade= r.conf:=0Ahw.em.rxd=3D4096=0Ahw.em.txd=3D4096=0A=0AWitout the above we were= seeing way more errors, now they are reduced, but still come in bursts of = over 1000 errors on em0.=0A=0A/etc/sysctl.conf:=0Anet.inet.ip.fastforwardin= g=3D1=0Adev.em.0.rx_processing_limit=3D300=0Adev.em.1.rx_processing_limit= =3D300=0Adev.em.2.rx_processing_limit=3D300=0Adev.em.3.rx_processing_limit= =3D300=0A=0AStill seeing errros, after some searching the mailing lists we = also added:=0A=0A# the four lines below are repeated for em1, em2, em3=0Ade= v.em.0.rx_int_delay=3D0=0Adev.em.0.rx_abs_int_delay=3D0=0Adev.em.0.tx_int_d= elay=3D0=0Adev.em.0.tx_abs_int_delay=3D0=0A=0AStill getting errors, so I al= so added:=0A=0Anet.inet.ip.intr_queue_maxlen=3D4096=0Anet.route.netisr_maxq= len=3D1024=0A=0Aand=0A=0Akern.ipc.nmbclusters=3D655360=0A=0A=0AAlso tried w= ith rx_processing_limit set to -1 on all em interfaces, still getting error= s.=0A=0ALooking at the shape of the error and packet graphs, there seems to= be a correlation between the number of packets per second on em0 and the h= eight of the error "spikes" on the error graph.=A0 These spikes are spread = throughout the day, with spaces (zones with no errors) of various lengths (= 10 minutes ... 2 hours spaces within the last 24 hours), but sometimes ther= e are errors even in the lowest kpps times of the day.=0A=0Aem0 and em1 err= or times are correlated, with all errors on the graph for em0 having a smal= ler corresponding error spike on em1 at the same time, and sometimes an err= or spike on em2.=0A=0AThe old router was seeing about the same traffic, and= had em0, em1, re0 and re1 network cards, and was only seeing errors on the= em cards.=A0 It was running 7.2-PRERELEASE/i386=0A=0A=0AAny suggestions wo= uld be greatly appreciated.=A0 Please note that this is a live router, and = I can't reboot it (unless absolutely necessary).=A0 Tuning that can be appl= ied without rebooting will be tried first.=0A=0AHere are some more details:= =0A=0ATrimmed output of netstat -ni (sorry if there are line breaks):=0ANam= e=A0 =A0 Mtu Network=A0 =A0 =A0=A0=A0Address=A0 =A0 =A0 =A0 =A0 =A0 =A0 Ipk= ts Ierrs=A0 =A0 Opkts Oerrs=A0 Coll=0Aem0=A0 =A0 1500 =A0 =A0 =A0 0= 0:14:22:xx:xx:xx 19744458839 15494721 24284439443=A0 =A0=A0=A00=A0 =A0=A0= =A00=0Aem1=A0 =A0 1500 =A0 =A0 =A0 00:14:22:xx:xx:xx 12832245469 12= 3181 10105031790=A0 =A0=A0=A00=A0 =A0=A0=A00=0Aem2=A0 =A0 1500 =A0 = =A0 =A0 00:04:23:xx:xx:xx 12082552403 10964 10339416865=A0 =A0=A0=A00=A0 = =A0=A0=A00=0Aem3=A0 =A0 1500 =A0 =A0 =A0 00:04:23:xx:xx:xx 79912337= =A0 =A0=A0=A00 48178737=A0 =A0=A0=A00=A0 =A0=A0=A00=0A=0ARelevant part of p= ciconf -vl:=0A=0Aem0@pci0:6:7:0: class=3D0x020000 card=3D0x016d1028 chip=3D= 0x10768086 rev=3D0x05 hdr=3D0x00=0A=A0 =A0 vendor=A0 =A0=A0=A0=3D 'Intel Co= rporation'=0A=A0 =A0 device=A0 =A0=A0=A0=3D '82541EI Gigabit Ethernet Contr= oller'=0A=A0 =A0 class=A0 =A0 =A0 =3D network=0A=A0 =A0 subclass=A0=A0=A0= =3D ethernet=0Aem1@pci0:7:8:0: class=3D0x020000 card=3D0x016d1028 chip=3D0x= 10768086 rev=3D0x05 hdr=3D0x00=0A=A0 =A0 vendor=A0 =A0=A0=A0=3D 'Intel Corp= oration'=0A=A0 =A0 device=A0 =A0=A0=A0=3D '82541EI Gigabit Ethernet Control= ler'=0A=A0 =A0 class=A0 =A0 =A0 =3D network=0A=A0 =A0 subclass=A0=A0=A0=3D = ethernet=0Aem2@pci0:9:4:0: class=3D0x020000 card=3D0x10128086 chip=3D0x1010= 8086 rev=3D0x01 hdr=3D0x00=0A=A0 =A0 vendor=A0 =A0=A0=A0=3D 'Intel Corporat= ion'=0A=A0 =A0 device=A0 =A0=A0=A0=3D '82546EB Dual Port Gigabit Ethernet C= ontroller (Copper)'=0A=A0 =A0 class=A0 =A0 =A0 =3D network=0A=A0 =A0 subcla= ss=A0=A0=A0=3D ethernet=0Aem3@pci0:9:4:1: class=3D0x020000 card=3D0x1012808= 6 chip=3D0x10108086 rev=3D0x01 hdr=3D0x00=0A=A0 =A0 vendor=A0 =A0=A0=A0=3D = 'Intel Corporation'=0A=A0 =A0 device=A0 =A0=A0=A0=3D '82546EB Dual Port Gig= abit Ethernet Controller (Copper)'=0A=A0 =A0 class=A0 =A0 =A0 =3D network= =0A=A0 =A0 subclass=A0=A0=A0=3D ethernet=0A=0AKernel messages after sysctl = dev.em.0.stats=3D1:=0A(note that I've removed the lines which only showed z= eros in the second and third outputs)=0A=0Aem0: Excessive collisions =3D 0= =0Aem0: Sequence errors =3D 0=0Aem0: Defer count =3D 0=0Aem0: Missed Packet= s =3D 15435312=0Aem0: Receive No Buffers =3D 16446113=0Aem0: Receive Length= Errors =3D 0=0Aem0: Receive errors =3D 1=0Aem0: Crc errors =3D 2=0Aem0: Al= ignment errors =3D 0=0Aem0: Collision/Carrier extension errors =3D 0=0Aem0:= RX overruns =3D 96826=0Aem0: watchdog timeouts =3D 0=0Aem0: RX MSIX IRQ = =3D 0 TX MSIX IRQ =3D 0 LINK MSIX IRQ =3D 0=0Aem0: XON Rcvd =3D 0=0Aem0: XO= N Xmtd =3D 0=0Aem0: XOFF Rcvd =3D 0=0Aem0: XOFF Xmtd =3D 0=0Aem0: Good Pack= ets Rcvd =3D 19002068797=0Aem0: Good Packets Xmtd =3D 23168462599=0Aem0: TS= O Contexts Xmtd =3D 0=0Aem0: TSO Contexts Failed =3D 0=0A=0A[later]=0Aem0: = Excessive collisions =3D 0=0Aem0: Missed Packets =3D 15459111=0Aem0: Receiv= e No Buffers =3D 16447082=0Aem0: Receive errors =3D 1=0Aem0: Crc errors =3D= 2=0Aem0: RX overruns =3D 96835=0Aem0: Good Packets Rcvd =3D 19165047284=0A= em0: Good Packets Xmtd =3D 23386976960=0A=0A[later]=0Aem0: Excessive collis= ions =3D 0=0Aem0: Missed Packets =3D 15470583=0Aem0: Receive No Buffers =3D= 16447686=0Aem0: Receive errors =3D 1=0Aem0: Crc errors =3D 2=0Aem0: RX ove= rruns =3D 96840=0Aem0: Good Packets Rcvd =3D 19255466068=0Aem0: Good Packet= s Xmtd =3D 23519004546=0A=0A=0AThank you for your time.=0A From owner-freebsd-net@FreeBSD.ORG Sat Aug 1 23:14:35 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 28971106566C for ; Sat, 1 Aug 2009 23:14:35 +0000 (UTC) (envelope-from prvs=146455e263=killing@multiplay.co.uk) Received: from mail1.multiplay.co.uk (mail1.multiplay.co.uk [85.236.96.23]) by mx1.freebsd.org (Postfix) with ESMTP id B00C18FC12 for ; Sat, 1 Aug 2009 23:14:34 +0000 (UTC) (envelope-from prvs=146455e263=killing@multiplay.co.uk) DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=multiplay.co.uk; s=Multiplay; t=1249167814; x=1249772614; q=dns/txt; h=Received: Message-ID:From:To:References:Subject:Date:MIME-Version: Content-Type:Content-Transfer-Encoding; bh=3pnPd04UC1MqQlQRYkX83 MjO6U5k+mBjg0ARoJA7tbk=; b=JcqAfyFGEtqg6zdyjh98Y+I6z7pO3Uas+LWZ7 gfc+CbW2cHiatSrPYSblrGsVRXySiTVMRKpCIWoHUha/xRiRcvcFtSfvlMyalekm aIRxjXKwy6Awxn5Bnc3R+EltzkqrB7cx1bKpNlJkoOuinP1ps65A/l9b/d/aJDw1 ORr7lc= X-MDAV-Processed: mail1.multiplay.co.uk, Sun, 02 Aug 2009 00:03:34 +0100 Received: from r2d2 by mail1.multiplay.co.uk (MDaemon PRO v10.0.4) with ESMTP id md50007982117.msg for ; Sun, 02 Aug 2009 00:03:33 +0100 X-Spam-Processed: mail1.multiplay.co.uk, Sun, 02 Aug 2009 00:03:33 +0100 (not processed: message from trusted or authenticated source) X-Authenticated-Sender: Killing@multiplay.co.uk X-MDRemoteIP: 213.123.247.160 X-Return-Path: prvs=146455e263=killing@multiplay.co.uk X-Envelope-From: killing@multiplay.co.uk X-MDaemon-Deliver-To: freebsd-net@FreeBSD.org Message-ID: From: "Steven Hartland" To: "David Christensen" , "DutchDaemon" , References: <200906011450.n51Eo3Wp095320@freefall.freebsd.org><5CC0D128FDDD4BFBA815E2D8D388B2DF@multiplay.co.uk> <5D267A3F22FD854F8F48B3D2B523819339EC2B524E@IRVEXCHCCR01.corp.ad.broadcom.com> Date: Sun, 2 Aug 2009 00:03:35 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 Cc: Subject: Re: kern/134658: [bce] bce driver fails on PowerEdge m610 blade. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Aug 2009 23:14:35 -0000 Thanks for the update David, if there is anything we can do to help let us know. Regards Steve ----- Original Message ----- From: "David Christensen" > Anyone point me in the right direction on how to add the phy > to support these machine? > > Seems like its just a matter of adding the PHY details to > miidevs but how do I find out the specifics of that? Sorry, this is the 5709S and I haven't had an opportunity to implement this PHY yet. Unfortunately it's more than just a change to miidevs since the SerDes is actually an IEEE clause 45 compliant device (instead of the more common Clause 22 devices found in 1GbE controllers). The registers are diffrerent so the effort is more substantial. No estimate yet on when I can get to it. Dave _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" ================================================ This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmaster@multiplay.co.uk.