From owner-freebsd-net@freebsd.org Sun Aug 18 07:07:20 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 867C0BE10B for ; Sun, 18 Aug 2019 07:07:20 +0000 (UTC) (envelope-from meka@tilda.center) Received: from mail.tilda.center (srv02.tilda.center [199.247.21.11]) by mx1.freebsd.org (Postfix) with ESMTP id 46B7RB5ngbz4CVk; Sun, 18 Aug 2019 07:07:18 +0000 (UTC) (envelope-from meka@tilda.center) Received: from hal9000.home.meka.rs (109-92-168-5.dynamic.isp.telekom.rs [109.92.168.5]) by mail.tilda.center (Postfix) with ESMTPSA id 9B5FC113D6; Sun, 18 Aug 2019 09:07:10 +0200 (CEST) Date: Sun, 18 Aug 2019 09:07:10 +0200 From: Goran =?utf-8?B?TWVracSH?= To: Kristof Provost Cc: Andrew White , freebsd-net@freebsd.org Subject: Re: pf (rules and nat) + (ipfw + dummynet) Message-ID: <20190818070710.2ebdsehw2v4wvv4r@hal9000.home.meka.rs> References: <20190817215151.GA8888@vega.codepro.be> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="psfp5maudgclr5zu" Content-Disposition: inline In-Reply-To: <20190817215151.GA8888@vega.codepro.be> User-Agent: NeoMutt/20180716 X-Rspamd-Queue-Id: 46B7RB5ngbz4CVk X-Spamd-Bar: -------- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of meka@tilda.center designates 199.247.21.11 as permitted sender) smtp.mailfrom=meka@tilda.center X-Spamd-Result: default: False [-8.21 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; DMARC_NA(0.00)[tilda.center]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.97)[-0.969,0]; SIGNED_PGP(-2.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:20473, ipnet:199.247.16.0/21, country:US]; FREEMAIL_CC(0.00)[gmail.com]; IP_SCORE(-2.94)[ip: (-9.66), ipnet: 199.247.16.0/21(-4.77), asn: 20473(-0.24), country: US(-0.05)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 07:07:20 -0000 --psfp5maudgclr5zu Content-Type: text/plain; charset=utf-8 Content-Disposition: inline On Sat, Aug 17, 2019 at 11:51:51PM +0200, Kristof Provost wrote: > This work was started by a prospective gsoc student, but they were not > selected, and I have not seen any big patches come out of it. The student is a junior I teach and we're still working on the patch, but still no success. PFSense is about to release 2.5 which is based on FreeBSD 12.0 so we are trying to reimport the patch to make it work on 12-RELEASE (the last patch we tried to import was for 11.0). So, there is some effort, but it's very slow. Regards, meka --psfp5maudgclr5zu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAl1Y+RoACgkQWj1Tknov rLYZxw//ZAWcMvVKZUCqaYociwdeFfIMTXWQIMlY0fxs5iNL9t/wk9ydt2scYwJG f15Ki/JPgrKC+07k5rQj19kExJk9m7jwM3kuF/NR1X6tB8PSpBa56hreLgjP5efI ss36dKBMFvuRO/URzACs2lou1iP8WCHcEIhUxcODocOU9mivBvuZzMNtB0LkOZ57 QnyvIa4SwC5TOV4FMtxSJxnour014O2K3tNXjzUvZqbbqSMFfG4BO+tKSNCBwBpO ztAV4dzXRxrg5iDsX7/hpGyE6pDGyPm85wvROiaslL8umzseUgaJ5nwAooLxstSt Qv/JlNeVkyQg6lZZE9dbyYJK+70Np5q0tG1tXDqNI4mUou7UT4hWSujASLOeYmtm YjQO2gBOPpKrc4y97DTF31zlhhRNYS0LcYo/hwZGuQym0P0w3J47th0j8O7EP6mM wSLxfoj6ivrttRqIRVRf0LSKYf0hYaV+i8+Neivpfdz3cq4u17D2fS+TKOPd94uz kCJTeqn9Cfhj/uhAuIBc3E0LlLdXGPnQwjZCJ3cpJ1++0s/aY2hvolPzm+LuvXyE njSm3hEj0wWS5yfD1xyInt+FWh0X3pVN7baxag1UqqkVzqv0JwByMnGwWzVJGpa+ 7fm4Th1Pfnv9YqkEwsxtdfLxdbTXtyZRqGOFph/0ODDAerwO5LU= =NC14 -----END PGP SIGNATURE----- --psfp5maudgclr5zu-- From owner-freebsd-net@freebsd.org Sun Aug 18 09:33:54 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 544E2C2276 for ; Sun, 18 Aug 2019 09:33:54 +0000 (UTC) (envelope-from meka@tilda.center) Received: from mail.tilda.center (srv02.tilda.center [199.247.21.11]) by mx1.freebsd.org (Postfix) with ESMTP id 46BBhJ14ztz4LNT; Sun, 18 Aug 2019 09:33:51 +0000 (UTC) (envelope-from meka@tilda.center) Received: from hal9000.home.meka.rs (109-92-168-5.dynamic.isp.telekom.rs [109.92.168.5]) by mail.tilda.center (Postfix) with ESMTPSA id 4BE7B11509; Sun, 18 Aug 2019 11:33:47 +0200 (CEST) Date: Sun, 18 Aug 2019 11:33:46 +0200 From: Goran =?utf-8?B?TWVracSH?= To: Kristof Provost Cc: Andrew White , freebsd-net@freebsd.org Subject: Re: pf (rules and nat) + (ipfw + dummynet) Message-ID: <20190818093346.jjxdjkd5twzfg56c@hal9000.home.meka.rs> References: <20190817215151.GA8888@vega.codepro.be> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="so4xkoxivalzwhgs" Content-Disposition: inline In-Reply-To: <20190817215151.GA8888@vega.codepro.be> User-Agent: NeoMutt/20180716 X-Rspamd-Queue-Id: 46BBhJ14ztz4LNT X-Spamd-Bar: -------- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of meka@tilda.center designates 199.247.21.11 as permitted sender) smtp.mailfrom=meka@tilda.center X-Spamd-Result: default: False [-8.22 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; DMARC_NA(0.00)[tilda.center]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.97)[-0.967,0]; SIGNED_PGP(-2.00)[]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[5.168.92.109.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:20473, ipnet:199.247.16.0/21, country:US]; FREEMAIL_CC(0.00)[gmail.com]; IP_SCORE(-2.95)[ip: (-9.67), ipnet: 199.247.16.0/21(-4.78), asn: 20473(-0.26), country: US(-0.05)]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 09:33:54 -0000 --so4xkoxivalzwhgs Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Hello, If I knew we almost made it compile and boot (with dummynet, pf and pflog loaded), I would postpone the previous email. :o) The code I'm working on is https://github.com/mekanix/freebsd/tree/feature/pf+dummynet/12.0. It is nothing more than releng/12.0 branch into which I copied parts of PFSense code until it started working. I still don't know how to test it, as I'm not sure what's the PFSense's syntax for pf.conf. I know you can use "ipfw pipe list" to show the pipes without ipfw module loaded. Once loaded, ipfw lets you manage dummynet. What I do for now is load ipfw, set the pipes, unload ipfw. If anyone knows how to configure pf.conf so that it passes everything it receives to dummynet, I'm all ears. I will "fork" /sbin/ipfw and create /sbin/dnctl so we don't have to depend on IPFW at all, but I would like it to start working like this, first. My concerns about this patch is that it changes IPFW, too. I don't know if the following link is visible if you're not logged into github, but it shows the difference between releng/12.0 and this branch: https://github.com/freebsd/freebsd/compare/releng/12.0...mekanix:feature/pf+dummynet/12.0?expand=1 Anyway, my priority is to make it work somehow, then clean it up, port to -CURRENT and only then write dnctl. As always, all help is more than welcome as this is my first kernel development task ever. Regards, meka --so4xkoxivalzwhgs Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAl1ZG3cACgkQWj1Tknov rLbKwg//X/TrVim8rNYRIJEM9x/+YZzXiUq1g/dGff21+QuE5WWAlvO92mx2GosY 49wl7NTWc1RFkDrATpg6lhyvxxjGtGNPhAtgfiQ5M18O5WaXOGt8nEnMQgPctkpK 7Agrx0c8R9QMqD3Ts6HNVZC9Sb87m9S2RH7KGydm8fuONaoRjrCpYHZ7WHC8Qkkg hED3v3QsTkp+4gPFkYr1dOo2fZOD2ZmJ5jeUnTzeB7A6lIdmpccnNQ8PH8NIWEu6 kEyxyTrIvKj9jcwTBJRqoug6ZBdcgKUCwhjX3LFJZH/LQsdBK75c9pnC7BBucfrC 69bdZ+Dd0c2VR0zDwMIMbkda6DA7NnpJHmjLDzoBLdT5uy/RGTKSUSFDn+y39Ue8 /wP2FTMIzTFAxpxR6p/OjjD+5mkzOeFoR0sNu6qf4DIr3SYePXHjj72XFBeeg89Y VuTkZFVpQY/OawVWAVEnHmhpF/6IFUnqgqmo4qtmF66sBkrH7AMVwXjSTcFeOEbK j4Rh/guJNKAvqeBN2mZ+V5r33pKkW+2iwNIv9uMqdp+m8S+K0g/E4BaiEiQMxOx0 rTgD7vKVDPP1jO2Qy9Bk06BYLUGuATFkA80O0bpwV6b8BKhidhbufmA8Ld7A7zYB 2vTvtm+NserSjMBBof31s/cS5UVvEamrVZiCJWx+xtQupw6rBns= =D5AB -----END PGP SIGNATURE----- --so4xkoxivalzwhgs-- From owner-freebsd-net@freebsd.org Sun Aug 18 09:39:05 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 98F97C2395 for ; Sun, 18 Aug 2019 09:39:05 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:13b:39f::9f:25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.sbone.de", Issuer "SBone.DE" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 46BBpJ57JCz4LVS; Sun, 18 Aug 2019 09:39:04 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 163CA8D4A210; Sun, 18 Aug 2019 09:30:35 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 66D42E7080B; Sun, 18 Aug 2019 09:30:34 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id myzs0exCioLd; Sun, 18 Aug 2019 09:30:33 +0000 (UTC) Received: from [127.0.0.1] (unknown [IPv6:fde9:577b:c1a9:31:c507:c14c:1cb8:54de]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id F3302E707E9; Sun, 18 Aug 2019 09:30:31 +0000 (UTC) From: "Bjoern A. Zeeb" To: "John-Mark Gurney" Cc: freebsd-net@FreeBSD.org, freebsd-docs@FreeBSD.org Subject: Re: addrs capability of rtadvd? Date: Sun, 18 Aug 2019 09:30:31 +0000 X-Mailer: MailMate (2.0BETAr6137) Message-ID: <7A7874FA-E663-4EC9-B349-C46D32982BD1@lists.zabbadoz.net> In-Reply-To: <20190817060321.GH2342@funkthat.com> References: <20190817060321.GH2342@funkthat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 46BBpJ57JCz4LVS X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of bzeeb-lists@lists.zabbadoz.net designates 2a01:4f8:13b:39f::9f:25 as permitted sender) smtp.mailfrom=bzeeb-lists@lists.zabbadoz.net X-Spamd-Result: default: False [-4.66 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a01:4f8:13b:39f::9f:25]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; DMARC_NA(0.00)[zabbadoz.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.96)[-0.962,0]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(-2.39)[ip: (-8.18), ipnet: 2a01:4f8::/29(-1.95), asn: 24940(-1.84), country: DE(-0.01)] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 09:39:05 -0000 On 17 Aug 2019, at 6:03, John-Mark Gurney wrote: > I am setting up ipv6, and going through the guide at: > https://www.freebsd.org/doc/handbook/network-ipv6.html#idp71931000 > > And noticed the addrs#1 property in the example. I checked the > rtadvd.conf man page, and I do not see an entry for addrs. Should > this be removed? I also did a quick check of the rtadvd source code, > and I don't see a makeentry for addrs either. > > If no one objects, I'll remove it. Or replace it with a working example? Would something like this work to even show multiple prefixes (beyond the handbook example)? :addr=“2001:db8:4242:6666::”:prefixlen#64:\ :addr2="2001:db8:4242:1::”:prefixlen2#64: And yes, removing the “:addrs#1” from the handbook should be fine. /bz From owner-freebsd-net@freebsd.org Sun Aug 18 12:15:31 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B823DC5F24 for ; Sun, 18 Aug 2019 12:15:31 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46BGGq4Rp5z4TWQ; Sun, 18 Aug 2019 12:15:31 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: by mail-io1-xd31.google.com with SMTP id s21so15140923ioa.1; Sun, 18 Aug 2019 05:15:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=UaAN1Z4Jo8lt4rfVmsVE32yQWbHGLpQGgYf9XbnCaiA=; b=ks14MimoSGOV2tL343FqhIUqodHQFEoOjGxhct0LHcQ1kkYPpRRK8yJCHQI+Iq49Fk kQZAzN5i52qGFjZ5022FXXGYAkw4d6suhLl8z2Vp1YndMBszcxRlekv7vPz6CG9jiYyx Mh4VH0mU408XELl1xX81dEkr7MvykLGKIq6j7hyJF2DSuUApoRBovF23BnYQDX42o8nX P9Zn2yLsJFIAvYiFVw9YvtuueK0eaYiFatvBUiiPvafJCRnuE8wH5iakyC0SSD4eY92w ARiYxIyTqBb/Z3rqVbsXB6tiEdP/ZzKJR6Eu1K/4GXYB8a6HrSCjIXxqoXoKimItUnWe qK3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UaAN1Z4Jo8lt4rfVmsVE32yQWbHGLpQGgYf9XbnCaiA=; b=cjrtZ4jZT62ZSKxkIFb/ztR67RVJe1H1hQ806hll4ob84PFlIFQYctE55vLs94hEoQ 1TrkCBGKXepPcvYdJnyZw8yhOVIRRwNnDSBvTW1a1PbOHpUMwTPhzU0TFL/xDMn4rBwg qxG619t5f63IffUbFv06BVmb0fFbh/c4Q9KbNDMufEciZHn92fXqaSynqohsT0XDqRdP l8mu5vTJ0E078puk+XCxeiPVzGqAUcioxyzhjy91drS+h2vnizRVufFchBszFDiRxmTY kUIujZposeCpDbJ3RvUUASH/u/8CyYWSpg0M3lNJZmG2zAgvOrk55chhOqOGiGgCr7aR AWAg== X-Gm-Message-State: APjAAAVJI/FigH6oQNhmQUIO7NVfkROHlsBrxKzJjwRn0ICEmFx1qxc3 hCmL/6NPhffrCIMOIZ7TDY85fXYI132DCoylsv7KLXsSzoo= X-Google-Smtp-Source: APXvYqwRheb0a4nDdm23XZ9Gu1D+7TDv38n78R13C+KsboR3j/r8Zmxi6PEGfMEnJbzUyctxwiVJ4vM1A/kj+BoV/Xs= X-Received: by 2002:a02:a518:: with SMTP id e24mr12989676jam.44.1566130529930; Sun, 18 Aug 2019 05:15:29 -0700 (PDT) MIME-Version: 1.0 References: <20190817215151.GA8888@vega.codepro.be> In-Reply-To: <20190817215151.GA8888@vega.codepro.be> From: Andrew White Date: Sun, 18 Aug 2019 13:15:17 +0100 Message-ID: Subject: Re: pf (rules and nat) + (ipfw + dummynet) To: Kristof Provost Cc: freebsd-net@freebsd.org X-Rspamd-Queue-Id: 46BGGq4Rp5z4TWQ X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-6.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.99)[-0.989,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 12:15:31 -0000 On Sat, Aug 17, 2019 at 10:51 PM Kristof Provost wrote: > On 2019-08-17 22:25:44 (+0100), Andrew White wrote: > > Using 11.3 , I've been trying to configure pf with dummynet. Having ipfw > > reply traffic sent into a dummynet pipe causes pf to reject the traffic. > > > > Searching around and looking at ip_input.c it looks like dummynet > reinjects > > the packet back into input and this is what causes the problem , I'm > > guessing the checksum changes. > > > I would expect both firewalls to leave the packets with correct > checksums, but I have to add the disclaimer that I do not consider > mixing firewalls to be a supported use case. I can think of several > things (IPv6 fragment handling, route-to at least) where combining pf > with another firewall is very likely to break. > > I agree, mixing firewalls carrys risks, but afaik the only current way to use pf with dummynet in freebsd is to mix with ipfw. my use case is simple and would only cover basic permits to route into dummynet, so I would hope some of the edgecases around frags etc wouldn't apply. A sample patch (that doesn't appear to work for me) is https://github.com/opnsense/src/commit/7514cc670601b566f30e0386ef8885660a27aa5a#diff-f038606be7fc68e05878b9cdbb32e21f I'll debug a bit more and find/write/modify a patch to see if I can address it. > I agree, mixing firewalls carrys risks, but afaik the only current way to > use pf with dummynet is to mix with ipfw > > Regards, > Kristof > From owner-freebsd-net@freebsd.org Sun Aug 18 12:24:37 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 251ACC62D6 for ; Sun, 18 Aug 2019 12:24:37 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: from mail-io1-xd43.google.com (mail-io1-xd43.google.com [IPv6:2607:f8b0:4864:20::d43]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46BGTJ4Wvfz4V0K; Sun, 18 Aug 2019 12:24:36 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: by mail-io1-xd43.google.com with SMTP id 18so15162516ioe.10; Sun, 18 Aug 2019 05:24:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BMH6gLLlAq4S70chkY4COooXH+BCKcG9v4Fb3VPKyh0=; b=MyXL3CbezM8Cq1KyGp2uBELP7JAewx2qCE6fqkWS/yjGjda5MbLSOhMcetkbEOg35M FeI1QX0CPCIrl9f/wvVivVFkNC+k18KikdUYp2TsJxOoXDV3R1zfqnrBNfiu5V081EC3 38C4CzqxJ7JIiDhPRZ24BGhR3FCODxPseBIPKJNj3sUzOf+PjpJy/d03DAWnAfCydzDs G5SAjdirmjGI92Lg9WAjRdD9nDufviNIk5loSZdyyKaB3fupJ36uZaSRS/ODuzP0ibVv +JjAWyptjtdacSO7k9HK1HmTpMojkUvfHC94egNgOsfhjuqpaN+5K+PuFuuVRKvlAfUv rvUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BMH6gLLlAq4S70chkY4COooXH+BCKcG9v4Fb3VPKyh0=; b=pu0On38muisra+UoqRdcWkEoEEQ1TKexRqaSdyCVcEiXv/YkgkoNBT84OQqBMyw5Wk J4IBzP1puaw4l6Gar4L8JDrZ4c5edgZ1T0FBib8Ie083B+4b3mxLYaAEEiAI7tys7vxF 6ddnHqIfALE7/nMulXI92qufw7DbAcUCdh8/BvwUF6E0yV4L6jGkXkKV2u0IBfd6l5NA 3aVJhNubfZcaAnCAQcoPUjNQuv6eKeAGuLFjtjNCwNK+3fFCD4pmezMK8pkH7KgNE7MN K7i5KSqcUK0aMoPR0whSS224Vc37R1Fz945mHwB587doFEClBonuOCcQkdkiu2UuwbPe Je/g== X-Gm-Message-State: APjAAAU3Wub1mkumda56rh23RKkELHhwvoEaqo+uSsBZSl3pI0Ziq5lu iIXKg1+rF5FIC3GjYma2Mpjzc6440bz4ukDsIqTByjH9 X-Google-Smtp-Source: APXvYqzrbd9HJlrS4jT+oUkOvtfSkS+HRvYq62RBTwM5g9+hKVQeB2WqdoXsHfbNGIUphVC6+MtyKXE7LpJwABKIh9Q= X-Received: by 2002:a6b:730f:: with SMTP id e15mr5997083ioh.74.1566131075826; Sun, 18 Aug 2019 05:24:35 -0700 (PDT) MIME-Version: 1.0 References: <20190817215151.GA8888@vega.codepro.be> <20190818093346.jjxdjkd5twzfg56c@hal9000.home.meka.rs> In-Reply-To: <20190818093346.jjxdjkd5twzfg56c@hal9000.home.meka.rs> From: Andrew White Date: Sun, 18 Aug 2019 13:24:23 +0100 Message-ID: Subject: Re: pf (rules and nat) + (ipfw + dummynet) To: =?UTF-8?B?R29yYW4gTWVracSH?= Cc: Kristof Provost , freebsd-net@freebsd.org X-Rspamd-Queue-Id: 46BGTJ4Wvfz4V0K X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=MyXL3Cbe; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of andywhite@gmail.com designates 2607:f8b0:4864:20::d43 as permitted sender) smtp.mailfrom=andywhite@gmail.com X-Spamd-Result: default: False [-3.99 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; IP_SCORE(0.00)[ip: (2.08), ipnet: 2607:f8b0::/32(-2.95), asn: 15169(-2.38), country: US(-0.05)]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_DN_SOME(0.00)[]; IP_SCORE_FREEMAIL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[3.4.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_SHORT(-0.99)[-0.986,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 12:24:37 -0000 Best of luck with this endeavor ! A very quick scan of that patch seems to include a lot more changes to ipfw than I would expect, perhaps other bug fixes or feature changes that are unrelated ? It also reads like it defines new pf rule actions, so I imagine you configure pf by setting the rule action to be dnpipe or something similar. mac OS seems to use an anchor type called dummynet-anchor fwiw. If this works in pfsense, perhaps the developers there would assist getting their patches into freebsd so they don't have to maintain them outside of freebsd source. Andrew On Sun, Aug 18, 2019 at 10:33 AM Goran Meki=C4=87 wrote= : > Hello, > > If I knew we almost made it compile and boot (with dummynet, pf and pflog > loaded), > I would postpone the previous email. :o) > > The code I'm working on is > https://github.com/mekanix/freebsd/tree/feature/pf+dummynet/12.0. > It is nothing more than releng/12.0 branch into which I copied parts of > PFSense > code until it started working. I still don't know how to test it, as I'm > not > sure what's the PFSense's syntax for pf.conf. I know you can use "ipfw > pipe list" to show the pipes without ipfw module loaded. Once loaded, > ipfw lets you manage dummynet. What I do for now is load ipfw, set the > pipes, unload ipfw. > > If anyone knows how to configure pf.conf so that it passes everything > it receives to dummynet, I'm all ears. I will "fork" /sbin/ipfw and > create /sbin/dnctl so we don't have to depend on IPFW at all, but I > would like it to start working like this, first. > > My concerns about this patch is that it changes IPFW, too. I don't know > if the following link is visible if you're not logged into github, but > it shows the difference between releng/12.0 and this branch: > > https://github.com/freebsd/freebsd/compare/releng/12.0...mekanix:feature/= pf+dummynet/12.0?expand=3D1 > > Anyway, my priority is to make it work somehow, then clean it up, port > to -CURRENT and only then write dnctl. > > As always, all help is more than welcome as this is my first kernel > development task ever. > > Regards, > meka > From owner-freebsd-net@freebsd.org Sun Aug 18 12:31:09 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8F112C6429 for ; Sun, 18 Aug 2019 12:31:09 +0000 (UTC) (envelope-from meka@tilda.center) Received: from mail.tilda.center (srv02.tilda.center [199.247.21.11]) by mx1.freebsd.org (Postfix) with ESMTP id 46BGcr3CfSz4VC9; Sun, 18 Aug 2019 12:31:07 +0000 (UTC) (envelope-from meka@tilda.center) Received: from hal9000.home.meka.rs (109-92-168-5.dynamic.isp.telekom.rs [109.92.168.5]) by mail.tilda.center (Postfix) with ESMTPSA id 70D081162E; Sun, 18 Aug 2019 14:31:06 +0200 (CEST) Date: Sun, 18 Aug 2019 14:31:05 +0200 From: Goran =?utf-8?B?TWVracSH?= To: Andrew White Cc: Kristof Provost , freebsd-net@freebsd.org Subject: Re: pf (rules and nat) + (ipfw + dummynet) Message-ID: <20190818123105.7i3drolb5jq6ggxt@hal9000.home.meka.rs> References: <20190817215151.GA8888@vega.codepro.be> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="p7esvjpxz3g42tnc" Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20180716 X-Rspamd-Queue-Id: 46BGcr3CfSz4VC9 X-Spamd-Bar: -------- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of meka@tilda.center designates 199.247.21.11 as permitted sender) smtp.mailfrom=meka@tilda.center X-Spamd-Result: default: False [-8.23 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; DMARC_NA(0.00)[tilda.center]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.97)[-0.966,0]; SIGNED_PGP(-2.00)[]; FREEMAIL_TO(0.00)[gmail.com]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:20473, ipnet:199.247.16.0/21, country:US]; RCVD_COUNT_TWO(0.00)[2]; IP_SCORE(-2.96)[ip: (-9.68), ipnet: 199.247.16.0/21(-4.79), asn: 20473(-0.27), country: US(-0.05)] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 12:31:09 -0000 --p7esvjpxz3g42tnc Content-Type: text/plain; charset=utf-8 Content-Disposition: inline On Sun, Aug 18, 2019 at 01:15:17PM +0100, Andrew White wrote: > https://github.com/opnsense/src/commit/7514cc670601b566f30e0386ef8885660a27aa5a#diff-f038606be7fc68e05878b9cdbb32e21f I already talked to this commiter, and this is also PfSense patch, but for 11.0-RELEASE. That's the second thing we tried (first was understanding what Apple did). As for PfSense guys, I can not be any louder: https://twitter.com/meka_floss/status/1163035309224992768. If anyone knows how to reach PfSense people willing to help upstream their patch, I'm really glad to hear about them. --p7esvjpxz3g42tnc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAl1ZRQUACgkQWj1Tknov rLZV4w//dvDv8896NqjbaKJWH20woyMwSlDvqqJmSgI8iOBp43VT32ST6/ZCACI1 iUnFUT0aS0RBV4b/43ItBqt/DSm7lgc5BGocr7f6x7491QYTY2Mk52STq41cc9Fm yJ81AhJY/G2xvUkbMCjTOEovXhF2PuMxRMU4gZyN0R8xpmWnx8IV1bwlW1t6VHMA jZyr97SQWj8/uAFCwAhBbHN8s4tjYbpaIjMIKAqvP0WwnKvP+9+GwENuazigJYnC XsI7G4R+fencIHQNI6guaQ+qbBXHzUU4VjE5xc2FJLaV2/D5WexfQCDoQLh2Cv3v UK72qCZX5M/tD/oZNLx73K1QFFJh+ZIREfKAZ6+H2eo48gr+9d8uwBbUn70ks1ie rfzyE3nciXM7mmo9TlzH0MUZKpaIK3wMqNFtJRmEt685Au1Pz9i95jC+bKeXcyMJ 3nHL1D4jImD1zGe62JWFdlZIuQzFCnYy1eGJ1+ZpXlDZ/gmXTPd+q1jJ8xTcnc+S S6g7gKjiBYuHT4hfMhIDRVtRT0zlq1xrPIyZ73yP8CKPrFaDbDb+SBDaReeg3O+a SLzcZ4/ZoxpnXSlw0eepNVJ6eeEoO7p8rsmvWVlU5JeEUboiuAxJo7IXuNu8tq1s uUwku3hlVNK7Z7dhv9UTlSevbx1tjtRaLPNccnAUP51MV720M7c= =JBWQ -----END PGP SIGNATURE----- --p7esvjpxz3g42tnc-- From owner-freebsd-net@freebsd.org Sun Aug 18 19:42:14 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 19302CF768 for ; Sun, 18 Aug 2019 19:42:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46BSBF6zhvz3PCD for ; Sun, 18 Aug 2019 19:42:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id EFB23CF767; Sun, 18 Aug 2019 19:42:13 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EF774CF766 for ; Sun, 18 Aug 2019 19:42:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46BSBF65FJz3PCC for ; Sun, 18 Aug 2019 19:42:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B3E02708B for ; Sun, 18 Aug 2019 19:42:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7IJgDg5032248 for ; Sun, 18 Aug 2019 19:42:13 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7IJgDqA032247 for net@FreeBSD.org; Sun, 18 Aug 2019 19:42:13 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 209471] Listen queue overflow due to too many sockets stuck in CLOSED state Date: Sun, 18 Aug 2019 19:42:11 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.3-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: y2wjegieo8c2@opayq.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 19:42:14 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D209471 y2wjegieo8c2@opayq.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |y2wjegieo8c2@opayq.com --- Comment #22 from y2wjegieo8c2@opayq.com --- I am facing the same issue with Freebsd 11.2 (freenas machine). In the log I have this: Aug 18 18:50:19 freenas ctld[2680]: 192.168.0.122: exiting due to timeout Aug 18 18:50:19 freenas ctld[2683]: 192.168.0.122: exiting due to timeout Aug 18 18:50:19 freenas ctld[2679]: 192.168.0.122: exiting due to timeout Aug 18 18:50:19 freenas ctld[2681]: 192.168.0.122: exiting due to timeout Aug 18 18:50:19 freenas ctld[2682]: 192.168.0.122: exiting due to timeout sonewconn: pcb 0xfffff80045e88ae0: Listen queue overflow: 193 already in qu= eue awaiting acceptance (1 occurrences) sonewconn: pcb 0xfffff80045e88ae0: Listen queue overflow: 193 already in qu= eue awaiting acceptance (322 occurrences) sonewconn: pcb 0xfffff80045e88ae0: Listen queue overflow: 193 already in qu= eue awaiting acceptance (340 occurrences) sonewconn: pcb 0xfffff80045e88ae0: Listen queue overflow: 193 already in qu= eue awaiting acceptance (340 occurrences) netstat -Lan reported the issue about the port 3260 (iscsi) It seems to happened while I try to rename a ZVOL (zfs rename ...) I tried to stop the iscsi service from the GUIwith no luck: /etc/rc.d/ctld stop did not produce any effect (process was stuck) I tried to kill the process manually: (2281 is for /usr/sbin/ctld)=20 kill -9 2481 kill -HUP 2481 kill -KILL 2481 kill -19 2481 but no luck. For a strange reason: /etc/rc.d/ctld stop returned: ctld not running? (check /var/run/ctld.pid). (the service was definitely running) ps aux | awk '$8=3D=3D"Z" {print $2}' returns nothing At the end, I rebooted the VM (I had to force the poweroff as I was getting extra message on the console about sonewconn after the sync message) Hope it helps --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sun Aug 18 21:00:37 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D9085D0F15 for ; Sun, 18 Aug 2019 21:00:37 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46BTwj5JDrz3xph for ; Sun, 18 Aug 2019 21:00:37 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.nyi.freebsd.org (Postfix) id B5E9ED0F14; Sun, 18 Aug 2019 21:00:37 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B5B22D0F13 for ; Sun, 18 Aug 2019 21:00:37 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46BTwj4Ks6z3xpW for ; Sun, 18 Aug 2019 21:00:37 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 763E17DC7 for ; Sun, 18 Aug 2019 21:00:37 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7IL0bKL031423 for ; Sun, 18 Aug 2019 21:00:37 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7IL0bg8031414 for net@FreeBSD.org; Sun, 18 Aug 2019 21:00:37 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201908182100.x7IL0bg8031414@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: net@FreeBSD.org Subject: Problem reports for net@FreeBSD.org that need special attention Date: Sun, 18 Aug 2019 21:00:37 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Aug 2019 21:00:37 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- In Progress | 221146 | [ixgbe] Problem with second laggport In Progress | 235700 | oce(4) driver causes fatal trap 12 on boot with e New | 204438 | setsockopt() handling of kern.ipc.maxsockbuf limi New | 205592 | TCP processing in IPSec causes kernel panic New | 213410 | [carp] service netif restart causes hang only whe Open | 193452 | Dell PowerEdge 210 II -- Kernel panic bce (broadc Open | 194485 | Userland cannot add IPv6 prefix routes Open | 200319 | Bridge+CARP crashes/freezes Open | 202510 | [CARP] advertisements sourced from CARP IP cause Open | 222273 | igb(4): Kernel panic (fatal trap 12) due to netwo Open | 225438 | panic in6_unlink_ifa() due to race Open | 227720 | Kernel panic in ppp server Open | 233952 | jme NICs non functional after 11.2 to 12.0 upgrad Open | 236888 | ppp daemon: Allow MTU to be overridden for PPPoE Open | 236983 | bnxt(4) VLAN not operational unless explicit "ifc Open | 237072 | netgraph(4): performance issue [on HardenedBSD]? Open | 237391 | route get returns no result for network addresses Open | 237840 | Removed dummynet dependency on ipfw 18 problems total for which you should take action. From owner-freebsd-net@freebsd.org Mon Aug 19 09:53:08 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8DD52AFD40 for ; Mon, 19 Aug 2019 09:53:08 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from forward103p.mail.yandex.net (forward103p.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46Bq430CFCz4Zfg for ; Mon, 19 Aug 2019 09:53:06 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mxback6g.mail.yandex.net (mxback6g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:167]) by forward103p.mail.yandex.net (Yandex) with ESMTP id B37DB18C0BA8; Mon, 19 Aug 2019 12:53:01 +0300 (MSK) Received: from smtp3p.mail.yandex.net (smtp3p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:8]) by mxback6g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id JUmyHVYBAT-r17e676H; Mon, 19 Aug 2019 12:53:01 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1566208381; bh=2h6tL2ZnDQVVeq6i9i1V6psBGKmDLVWdJR9XckGYeAc=; h=In-Reply-To:From:Date:References:To:Subject:Message-ID; b=Yst/CuPb2xAj8tgg4oRlbbF4IQxSzx7pB7WZjoGO7zUE9sZ67TFUUdNdMzBQi3QBT Q0zxyTWPZsi2MaFMHH4kSniLoQutYtPL6o0gb0FWgngbZT4hz7Zp2Bbk1wJdg310zb mYdLzI1xZN8dvn8PqZN6lPLdObT3mqTdkhO7jobw= Received: by smtp3p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id Y3FOponjc5-r06avRAc; Mon, 19 Aug 2019 12:53:01 +0300 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client certificate not present) Subject: Re: pf (rules and nat) + (ipfw + dummynet) To: Andrew White , freebsd-net@freebsd.org References: From: "Andrey V. Elsukov" Openpgp: id=E6591E1B41DA1516F0C9BC0001C5EA0410C8A17A Autocrypt: addr=bu7cher@yandex.ru; prefer-encrypt=mutual; keydata= mQENBEwBF1kBCADB9sXFhBEUy8qQ4X63Y8eBatYMHGEFWN9ypS5lI3RE6qQW2EYbxNk7qUC5 21YIIS1mMFVBEfvR7J9uc7yaYgFCEb6Sce1RSO4ULN2mRKGHP3/Sl0ijZEjWHV91hY1YTHEF ZW/0GYinDf56sYpDDehaBF5wkWIo1+QK5nmj3vl0DIDCMNd7QEiWpyLVwECgLX2eOAXByT8B bCqVhJGcG6iFP7/B9Ll6uX5gb8thM9LM+ibwErDBVDGiOgvfxqidab7fdkh893IBCXa82H9N CNwnEtcgzh+BSKK5BgvPohFMgRwjti37TSxwLu63QejRGbZWSz3OK3jMOoF63tCgn7FvABEB AAG0JUFuZHJleSBWLiBFbHN1a292IDxidTdjaGVyQHlhbmRleC5ydT6JATgEEwECACIFAkwB F1kCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEAHF6gQQyKF6qmYIAI6ekfm1VA4T vqankI1ISE6ku4jV7UlpIQlEbE7/8n3Zd6teJ+pGOQhN5qk8QE7utdPdbktAzi+x7LIJVzUw 4TywZLXGrkP7VKYkfg6oyCGyzITghefQeJtr2TN4hYCkzPWpylkue8MtmqfZv/6royqwTbN+ +E09FQNvTgRUYJYTeQ1qOsxNRycwvw3dr2rOfuxShbzaHBB1pBIjGrMg8fC5pd65ACH5zuFV A0CoTNGMDrEZSfBkTW604UUHFFXeCoC3dwDZRKOWJ3GmMXns65Ai5YkA63BSHEE1Qle3VBhd cG1w0CB5FBV3pB27UVnf0jEbysrDqW4qN7XMRFSWNAy5AQ0ETAEXWQEIAJ2p6l9LBoqdH/0J PEFDY2t2gTvAuzz+8zs3R03dFuHcNbOwjvWCG0aOmVpAzkRa8egn5JB4sZaFUtKPYJEQ1Iu+ LUBwgvtXf4vWpzC67zs2dDuiW4LamH5p6xkTD61aHR7mCB3bg2TUjrDWn2Jt44cvoYxj3dz4 S49U1rc9ZPgD5axCNv45j72tggWlZvpefThP7xT1OlNTUqye2gAwQravXpZkl5JG4eOqJVIU X316iE3qso0iXRUtO7OseBf0PiVmk+wCahdreHOeOxK5jMhYkPKVn7z1sZiB7W2H2TojbmcK HZC22sz7Z/H36Lhg1+/RCnGzdEcjGc8oFHXHCxUAEQEAAYkBHwQYAQIACQUCTAEXWQIbDAAK CRABxeoEEMihegkYCAC3ivGYNe2taNm/4Nx5GPdzuaAJGKWksV+w9mo7dQvU+NmI2az5w8vw 98OmX7G0OV9snxMW+6cyNqBrVFTu33VVNzz9pnqNCHxGvj5dL5ltP160JV2zw2bUwJBYsgYQ WfyJJIM7l3gv5ZS3DGqaGIm9gOK1ANxfrR5PgPzvI9VxDhlr2juEVMZYAqPLEJe+SSxbwLoz BcFCNdDAyXcaAzXsx/E02YWm1hIWNRxanAe7Vlg7OL+gvLpdtrYCMg28PNqKNyrQ87LQ49O9 50IIZDOtNFeR0FGucjcLPdS9PiEqCoH7/waJxWp6ydJ+g4OYRBYNM0EmMgy1N85JJrV1mi5i Message-ID: <893da640-3414-d079-e126-c0f3235eb8e4@yandex.ru> Date: Mon, 19 Aug 2019 12:50:04 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="1YhDySn4hhZyhyEqrlefCCj8WcK9j3tX0" X-Rspamd-Queue-Id: 46Bq430CFCz4Zfg X-Spamd-Bar: ------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yandex.ru header.s=mail header.b=Yst/CuPb; dmarc=pass (policy=none) header.from=yandex.ru; spf=pass (mx1.freebsd.org: domain of bu7cher@yandex.ru designates 2a02:6b8:0:1472:2741:0:8b7:106 as permitted sender) smtp.mailfrom=bu7cher@yandex.ru X-Spamd-Result: default: False [-7.19 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a02:6b8:0:1000::/52]; FREEMAIL_FROM(0.00)[yandex.ru]; HAS_ATTACHMENT(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[yandex.ru:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[yandex.ru,none]; NEURAL_HAM_SHORT(-0.99)[-0.993,0]; SIGNED_PGP(-2.00)[]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~]; RCVD_TLS_LAST(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[6.0.1.0.7.b.8.0.0.0.0.0.1.4.7.2.2.7.4.1.0.0.0.0.8.b.6.0.2.0.a.2.list.dnswl.org : 127.0.5.1]; ASN(0.00)[asn:13238, ipnet:2a02:6b8::/32, country:RU]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[yandex.ru]; R_DKIM_ALLOW(-0.20)[yandex.ru:s=mail]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; IP_SCORE(0.00)[ip: (-9.34), ipnet: 2a02:6b8::/32(-4.64), asn: 13238(-3.73), country: RU(0.01)]; IP_SCORE_FREEMAIL(0.00)[]; DWL_DNSWL_LOW(-1.00)[yandex.ru.dwl.dnswl.org : 127.0.5.1]; TO_MATCH_ENVRCPT_SOME(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Aug 2019 09:53:08 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --1YhDySn4hhZyhyEqrlefCCj8WcK9j3tX0 Content-Type: multipart/mixed; boundary="hmJIUVS2u0Z4MBqxqVXh721zilhWO8Ov0"; protected-headers="v1" From: "Andrey V. Elsukov" To: Andrew White , freebsd-net@freebsd.org Message-ID: <893da640-3414-d079-e126-c0f3235eb8e4@yandex.ru> Subject: Re: pf (rules and nat) + (ipfw + dummynet) References: In-Reply-To: --hmJIUVS2u0Z4MBqxqVXh721zilhWO8Ov0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 18.08.2019 00:25, Andrew White wrote: > I also see some work underway to separate dummynet from ipfw, is there = any > docs for the goals or timelines, will this allow dummynet anchors and u= se > of dnctl to use pf with dummynet like in macos ? JFYI, dummynet uses single exclusive mutex and this kills performance on modern hardware. If you don't have some patches that are ready for committing, I think after several months this code will be significantly rewritten by me and your WIP patches will become stale. --=20 WBR, Andrey V. Elsukov --hmJIUVS2u0Z4MBqxqVXh721zilhWO8Ov0-- --1YhDySn4hhZyhyEqrlefCCj8WcK9j3tX0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAl1acNAACgkQAcXqBBDI oXrSLgf+JpF/Z0S8TmqyXIB/vbhzQUckDZicZL30OS1GjK4xLZwQIhZHE6vYLkhN YQFFzc1O0Ut4jxqx82sx7I/sowgFNGTOcAkx5L1l0DBdIE2SWvDZVwg53IIdYotI syUJfr+zF2FbbCjpb6TZmzRwz8YW15QkyLk92cIkRKNOn/AerBijYRUJSiqZsJ0g 3bLnRb4DYS5p14a0B0kMAWh3k0OvhYMw8G1Uif8bT7cbHnsy8273CeWNmqzFWu6T 4IWgdP4WoWbSsf3yHJrhhn3rnB9f9pCG6qDYtYbK/4R6Ywy97A4Rc/Yc7Q8ep6xS Sq8Swz9X3gSM0woE1dVy3VhRtC41mw== =w1fo -----END PGP SIGNATURE----- --1YhDySn4hhZyhyEqrlefCCj8WcK9j3tX0-- From owner-freebsd-net@freebsd.org Mon Aug 19 10:00:00 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 10CF5AFFB7 for ; Mon, 19 Aug 2019 10:00:00 +0000 (UTC) (envelope-from meka@tilda.center) Received: from mail.tilda.center (srv02.tilda.center [199.247.21.11]) by mx1.freebsd.org (Postfix) with ESMTP id 46BqCx30VBz4ZqJ for ; Mon, 19 Aug 2019 09:59:56 +0000 (UTC) (envelope-from meka@tilda.center) Received: from hal9000.home.meka.rs (109-92-168-5.dynamic.isp.telekom.rs [109.92.168.5]) by mail.tilda.center (Postfix) with ESMTPSA id 6D92411C60; Mon, 19 Aug 2019 11:59:55 +0200 (CEST) Date: Mon, 19 Aug 2019 11:59:54 +0200 From: Goran =?utf-8?B?TWVracSH?= To: "Andrey V. Elsukov" Cc: Andrew White , freebsd-net@freebsd.org Subject: Re: pf (rules and nat) + (ipfw + dummynet) Message-ID: <20190819095954.awhiubhfmwktcuzr@hal9000.home.meka.rs> References: <893da640-3414-d079-e126-c0f3235eb8e4@yandex.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="jcu3zizhbjehn3jn" Content-Disposition: inline In-Reply-To: <893da640-3414-d079-e126-c0f3235eb8e4@yandex.ru> User-Agent: NeoMutt/20180716 X-Rspamd-Queue-Id: 46BqCx30VBz4ZqJ X-Spamd-Bar: -------- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of meka@tilda.center designates 199.247.21.11 as permitted sender) smtp.mailfrom=meka@tilda.center X-Spamd-Result: default: False [-8.27 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; DMARC_NA(0.00)[tilda.center]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.99)[-0.986,0]; SIGNED_PGP(-2.00)[]; FREEMAIL_TO(0.00)[yandex.ru]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[5.168.92.109.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:20473, ipnet:199.247.16.0/21, country:US]; FREEMAIL_CC(0.00)[gmail.com]; IP_SCORE(-2.98)[ip: (-9.71), ipnet: 199.247.16.0/21(-4.82), asn: 20473(-0.32), country: US(-0.05)]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Aug 2019 10:00:00 -0000 --jcu3zizhbjehn3jn Content-Type: text/plain; charset=utf-8 Content-Disposition: inline On Mon, Aug 19, 2019 at 12:50:04PM +0300, Andrey V. Elsukov wrote: > JFYI, > > dummynet uses single exclusive mutex and this kills performance on > modern hardware. If you don't have some patches that are ready for > committing, I think after several months this code will be significantly > rewritten by me and your WIP patches will become stale. > > -- > WBR, Andrey V. Elsukov > Hello, Thank you for the info! For now I only need dummynet to not depend on ipfw as a kld. I am still learning from the PfSense branch so no real patch exists. Once you start rewriting dummynet, can you please ping me? I would like to help at least as a tester, but I hope I'll be of some help in {doc,dev}. Regards, meka --jcu3zizhbjehn3jn Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAl1acxcACgkQWj1Tknov rLbpOQ//fJyHqTQ5VcgrLkE+su1sgqSDMyyH7vsYP5mHmaYcWR49pOmjuyBI8M3F oQQVLaJMfAqz1RAvqxcLhW58raCeAuFGiYp87ML+Iwcz8+LSg4GSqR+3Q6hYZdnJ rWg1uGdlebvdNB1ewsujLzeVaEbfI4S2RZym6lY3eS33SHBD2dJILtBgQbo3tOLE 23OAIAYjJIpI5pC/VA3SdEKdxWvkVewrn/9m43e0kadkTwu3vVEFnVIXnfqE0HnS HPtxs8KRWKEa2K2GwVvIhjP8FaqI6EQtJF+N/A6ZpaTRAorE+EMTYNhajBRbzpZ2 tSUSMc8g+1GKp2uu9AACoRG5jYHg2cDbIpRylQiAlO3YQI4v0h9ovQW3vjGZ/CEI 1MNb0/pVTeEFLw7SiS7sBFIywNIVcP45J+a/brUSZIYGXDumWkpSzYsX67p0ljFV NaC3HNIUTglgySTV5SGJgRgW6Kz80nk4BAcx0RDPqNnwDZPiW8sl/IUV8NqtquBd WVE+/iqXwyZ9sRHtW5HjVq+00+C70irvBKX9UEz3fqIiwZqhAYPgTBi1Mqmbm1B/ 7aE7n6cfeLGDA2YerEZbNBXEA4Q7tGNYmVvXguehaTaNAtnDPzhoZUh9fQPGU25h zTh5MXcZBQ1AhWg6PWng+eVmMzj3cgR4KCTfAwiNhLlcu9JOSa4= =jvBl -----END PGP SIGNATURE----- --jcu3zizhbjehn3jn-- From owner-freebsd-net@freebsd.org Mon Aug 19 18:26:26 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 84590CDEB5 for ; Mon, 19 Aug 2019 18:26:26 +0000 (UTC) (envelope-from lucy.wilson@infodigimedia.com) Received: from n1nlsmtp03.shr.prod.ams1.secureserver.net (n1nlsmtp03.shr.prod.ams1.secureserver.net [188.121.43.193]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "relay-hosting.secureserver.net", Issuer "Starfield Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46C2SH6Qd0z48hb for ; Mon, 19 Aug 2019 18:26:23 +0000 (UTC) (envelope-from lucy.wilson@infodigimedia.com) Received: from n3plcpnl0152.prod.ams3.secureserver.net ([160.153.155.4]) by : HOSTING RELAY : with ESMTP id zmLIhm5tyDN9LzmLIhhNRt; Mon, 19 Aug 2019 11:25:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infodigimedia.com; s=default; h=Content-Type:MIME-Version:Message-ID:Date: Subject:To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=mobXBiIMXTnGcZ6B0DkW/wN+Cn2MoCX9dBlrbmzf4Q8=; b=vEolBHVlJib3miooi+yKe5HPQd 0h19qilA/S8+IPi89kuKJsLKl++tnb9qdB+eI66BojxCB2MJHXezmEoTESfLk2FiTGsZie0qRWlfR hCsSUcOYd3jdLy/zhlVfEq7+zuNkqnSp2DfrEBlonXKLVmRgaZUH1u5cy1ZJ6Id7yuHx/M2r3nGdK DIJ9A/8zINoVgZzrfaCfIC2QKLubYCkuvVbPHJrjKv/nS38ElG0Ip4Y7dc0FHxu/p+x8HKcL4DRB9 02E1hYlUl0bG/4eay6cjwHLuxp4rpF1Ycfhr2RCkUFHxqP8WQDEsjx8eKq3fFGp7gsyfFilYS6umz U84SKBXQ==; Received: from [49.206.228.230] (port=56474 helo=CyberdomPC) by n3plcpnl0152.prod.ams3.secureserver.net with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.92) (envelope-from ) id 1hzm5Z-005rPQ-5O for freebsd-net@freebsd.org; Mon, 19 Aug 2019 11:09:05 -0700 From: "Lucy Wilson" To: Subject: Netgate Users Contact List Date: Mon, 19 Aug 2019 14:08:16 -0400 Message-ID: MIME-Version: 1.0 X-Mailer: Microsoft Outlook 15.0 Thread-Index: AdVWuQRoY4n4VxrlTxCbnCoX/me4YA== Content-Language: en-us X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - n3plcpnl0152.prod.ams3.secureserver.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - infodigimedia.com X-Get-Message-Sender-Via: n3plcpnl0152.prod.ams3.secureserver.net: authenticated_id: lucy.wilson@infodigimedia.com X-Authenticated-Sender: n3plcpnl0152.prod.ams3.secureserver.net: lucy.wilson@infodigimedia.com X-Source: X-Source-Args: X-Source-Dir: X-CMAE-Envelope: MS4wfMzJ7UiV/Iato59akVDkM2shHclwfMk2wQktcPJvmwChWs/JCu4s10B0lXFrmbU9/7AkcaWFcGLQiHpILZzM1WGaWtD93u5Rgb+a4MI8bTUbMVjIeoaI GEuCGvtWau0AIIEaPlqgtKdozOBm2NdJTY7k0hxSMQYMvLkVVyTIAFi17qfacx5fi3EsOKoWTBQxcgcbXsGZ0eQWmMBNDwbRuf0QC7PDX9wt78ZJ7lltRQsG X-Rspamd-Queue-Id: 46C2SH6Qd0z48hb X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none (invalid DKIM record) header.d=infodigimedia.com header.s=default header.b=vEolBHVl; dmarc=none; spf=pass (mx1.freebsd.org: domain of lucy.wilson@infodigimedia.com designates 188.121.43.193 as permitted sender) smtp.mailfrom=lucy.wilson@infodigimedia.com X-Spamd-Result: default: False [-2.61 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:188.121.43.0/24]; HAS_X_SOURCE(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[infodigimedia.com:~]; NEURAL_HAM_SHORT(-0.60)[-0.603,0]; HAS_X_ANTIABUSE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(0.27)[ip: (0.77), ipnet: 188.121.40.0/22(0.42), asn: 26496(0.19), country: US(-0.05)]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RECEIVED_SPAMHAUS_PBL(0.00)[230.228.206.49.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.11]; ASN(0.00)[asn:26496, ipnet:188.121.40.0/22, country:US]; MID_RHS_MATCH_FROM(0.00)[]; HAS_X_AS(0.00)[lucy.wilson@infodigimedia.com]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.993,0]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.98)[-0.985,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DMARC_NA(0.00)[infodigimedia.com]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[193.43.121.188.list.dnswl.org : 127.0.5.0]; R_DKIM_PERMFAIL(0.00)[infodigimedia.com:s=default]; HAS_X_GMSV(0.00)[lucy.wilson@infodigimedia.com]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Aug 2019 18:26:26 -0000 Hello, I would like to know if you are interested in acquiring Netgate Users Contact List. Information fields: Names, Title, Email, Phone, Company Name, Company URL, Company physical address, SIC Code, Industry, Company Size (Revenue and Employee), LinkedIn profile link and kind of technology using/solution in place. Please let me know your target geography so that I can provide you with the sample file for reference. Await your response! Regards, Lucy Wilson Marketing Executive If you do not wish to receive further emails, please respond with Remove me. From owner-freebsd-net@freebsd.org Tue Aug 20 07:27:12 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 39EA7C8894 for ; Tue, 20 Aug 2019 07:27:12 +0000 (UTC) (envelope-from hrs@allbsd.org) Received: from mail.allbsd.org (mx.allbsd.org [IPv6:2001:2f0:104:e001::41]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail.allbsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46CMnB6dqhz410W; Tue, 20 Aug 2019 07:27:10 +0000 (UTC) (envelope-from hrs@allbsd.org) Received: from mail-d.allbsd.org ([IPv6:2409:11:a740:4700:58:65ff:fe00:b0b]) (authenticated bits=56) by mail.allbsd.org (8.15.2/8.15.2) with ESMTPSA id x7K7QdnB087685 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK) (Client CN "/CN=mail-d.allbsd.org", Issuer "/C=US/O=Let's+20Encrypt/CN=Let's+20Encrypt+20Authority+20X3"); Tue, 20 Aug 2019 16:26:50 +0900 (JST) (envelope-from hrs@allbsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=allbsd.org; s=20190220; t=1566286027; bh=JKx4G8n9vgCnXHbqTsPSveS9D7p4Rz+XbLGQpoGHFLE=; h=Date:To:Cc:From:In-Reply-To:References; b=OIFBYgpMiH/XEPpt0azGGidWJVDEEVW9cg5pZGId+EFMgZX+re/XlPVJRIbg9f4vB frDCO2kvUFBeqp8/yG5fhKu4bxAmIItTgE60EdIxne9Ok0moBcpYFCJ9WHP1NtPQrF UmQN5hP77JKok7Og6zZyszlPzNAEpl5cspctpwwQ= Received: from alph.d.allbsd.org ([IPv6:2409:11:a740:4700:16:ceff:fe34:2700]) by mail-d.allbsd.org (8.15.2/8.15.2) with ESMTPS id x7K7QYrJ059328 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Tue, 20 Aug 2019 16:26:34 +0900 (JST) (envelope-from hrs@allbsd.org) Received: from localhost (localhost [[UNIX: localhost]]) (authenticated bits=0) by alph.d.allbsd.org (8.15.2/8.15.2) with ESMTPA id x7K7QXkS059325; Tue, 20 Aug 2019 16:26:33 +0900 (JST) (envelope-from hrs@allbsd.org) Date: Tue, 20 Aug 2019 16:26:27 +0900 (JST) Message-Id: <20190820.162627.1762131267224793997.hrs@allbsd.org> To: jmg@funkthat.com, bzeeb-lists@lists.zabbadoz.net Cc: freebsd-net@FreeBSD.org, freebsd-docs@FreeBSD.org Subject: Re: addrs capability of rtadvd? From: Hiroki Sato In-Reply-To: <7A7874FA-E663-4EC9-B349-C46D32982BD1@lists.zabbadoz.net> References: <20190817060321.GH2342@funkthat.com> <7A7874FA-E663-4EC9-B349-C46D32982BD1@lists.zabbadoz.net> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.8 on Emacs 26.1 Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Tue_Aug_20_16_26_27_2019_020)--" Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (mail.allbsd.org [IPv6:2001:2f0:104:e001:0:0:0:41]); Tue, 20 Aug 2019 16:27:01 +0900 (JST) X-Spam-Status: No, score=4.6 required=13.0 tests=CONTENT_TYPE_PRESENT, ISO2022JP_BODY,QENCPTR1,RCVD_IN_AHBL,RCVD_IN_AHBL_PROXY, RCVD_IN_AHBL_SPAM,RDNS_NONE,UNPARSEABLE_RELAY,URIBL_SC2_SURBL, URIBL_XS_SURBL autolearn=no autolearn_force=no version=3.4.2 X-Spam-Level: **** X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mx.allbsd.org X-Rspamd-Queue-Id: 46CMnB6dqhz410W X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=allbsd.org header.s=20190220 header.b=OIFBYgpM; dmarc=none; spf=pass (mx1.freebsd.org: domain of hrs@allbsd.org designates 2001:2f0:104:e001::41 as permitted sender) smtp.mailfrom=hrs@allbsd.org X-Spamd-Result: default: False [-4.89 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[allbsd.org:s=20190220]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+mx:c]; MV_CASE(0.50)[]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[allbsd.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[allbsd.org:+]; NEURAL_HAM_SHORT(-0.95)[-0.952,0]; MID_CONTAINS_FROM(1.00)[]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:7514, ipnet:2001:2f0::/32, country:JP]; SUBJECT_ENDS_QUESTION(1.00)[]; IP_SCORE(-1.84)[ip: (-9.58), ipnet: 2001:2f0::/32(-3.27), asn: 7514(3.68), country: JP(-0.03)] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Aug 2019 07:27:12 -0000 ----Security_Multipart(Tue_Aug_20_16_26_27_2019_020)-- Content-Type: Text/Plain; charset=iso-2022-jp Content-Transfer-Encoding: 7bit "Bjoern A. Zeeb" wrote in <7A7874FA-E663-4EC9-B349-C46D32982BD1@lists.zabbadoz.net>: bz> On 17 Aug 2019, at 6:03, John-Mark Gurney wrote: bz> bz> > I am setting up ipv6, and going through the guide at: bz> > https://www.freebsd.org/doc/handbook/network-ipv6.html#idp71931000 bz> > bz> > And noticed the addrs#1 property in the example. I checked the bz> > rtadvd.conf man page, and I do not see an entry for addrs. Should bz> > this be removed? I also did a quick check of the rtadvd source code, bz> > and I don't see a makeentry for addrs either. bz> > bz> > If no one objects, I'll remove it. bz> bz> Or replace it with a working example? Would something like this work bz> to even show multiple prefixes (beyond the handbook example)? bz> bz> :addr=$B!H(B2001:db8:4242:6666::$B!I(B:prefixlen#64:\ bz> :addr2="2001:db8:4242:1::$B!I(B:prefixlen2#64: bz> bz> bz> And yes, removing the $B!H(B:addrs#1$B!I(B from the handbook should be fine. I prefer to drop the rtadvd.conf configuration example in the handbook completely. Adding a GUA on rl0 automatically makes rtadvd(8) to advertise the prefix. It also works with multiple prefixes. -- Hiroki ----Security_Multipart(Tue_Aug_20_16_26_27_2019_020)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iEYEABECAAYFAl1boKMACgkQTyzT2CeTzy3m3gCfR/eMRH7CrvEH6/ipKPSLAtJk eekAoM8P9o4Jdg25ePK/WmqfoR46hUpZ =vhdr -----END PGP SIGNATURE----- ----Security_Multipart(Tue_Aug_20_16_26_27_2019_020)---- From owner-freebsd-net@freebsd.org Tue Aug 20 18:19:21 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9A90ED83C6 for ; Tue, 20 Aug 2019 18:19:21 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46CfFh5R4Lz4gKF; Tue, 20 Aug 2019 18:19:20 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id x7KIIYXt088131 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 20 Aug 2019 11:18:34 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id x7KIIXGI088130; Tue, 20 Aug 2019 11:18:33 -0700 (PDT) (envelope-from jmg) Date: Tue, 20 Aug 2019 11:18:33 -0700 From: John-Mark Gurney To: Hiroki Sato Cc: bzeeb-lists@lists.zabbadoz.net, freebsd-net@FreeBSD.org, freebsd-docs@FreeBSD.org Subject: Re: addrs capability of rtadvd? Message-ID: <20190820181833.GN2342@funkthat.com> Mail-Followup-To: Hiroki Sato , bzeeb-lists@lists.zabbadoz.net, freebsd-net@FreeBSD.org, freebsd-docs@FreeBSD.org References: <20190817060321.GH2342@funkthat.com> <7A7874FA-E663-4EC9-B349-C46D32982BD1@lists.zabbadoz.net> <20190820.162627.1762131267224793997.hrs@allbsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="veXX9dWIonWZEC6h" Content-Disposition: inline In-Reply-To: <20190820.162627.1762131267224793997.hrs@allbsd.org> X-Operating-System: FreeBSD 11.0-RELEASE-p7 amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Tue, 20 Aug 2019 11:18:34 -0700 (PDT) X-Rspamd-Queue-Id: 46CfFh5R4Lz4gKF X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of jmg@gold.funkthat.com has no SPF policy when checking 208.87.223.18) smtp.mailfrom=jmg@gold.funkthat.com X-Spamd-Result: default: False [-3.34 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.97)[-0.971,0]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; IP_SCORE(-0.84)[ip: (-2.19), ipnet: 208.87.216.0/21(-1.10), asn: 32354(-0.88), country: US(-0.05)]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; MIME_TRACE(0.00)[0:+,1:+,2:~]; DMARC_NA(0.00)[funkthat.com]; AUTH_NA(1.00)[]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.63)[-0.631,0]; R_SPF_NA(0.00)[]; SIGNED_PGP(-2.00)[]; FORGED_SENDER(0.30)[jmg@funkthat.com,jmg@gold.funkthat.com]; R_DKIM_NA(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US]; FROM_NEQ_ENVFROM(0.00)[jmg@funkthat.com,jmg@gold.funkthat.com]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Aug 2019 18:19:21 -0000 --veXX9dWIonWZEC6h Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hiroki Sato wrote this message on Tue, Aug 20, 2019 at 16:26 +0900: > "Bjoern A. Zeeb" wrote > in <7A7874FA-E663-4EC9-B349-C46D32982BD1@lists.zabbadoz.net>: >=20 > bz> On 17 Aug 2019, at 6:03, John-Mark Gurney wrote: > bz> > bz> > I am setting up ipv6, and going through the guide at: > bz> > https://www.freebsd.org/doc/handbook/network-ipv6.html#idp71931000 > bz> > > bz> > And noticed the addrs#1 property in the example. I checked the > bz> > rtadvd.conf man page, and I do not see an entry for addrs. Should > bz> > this be removed? I also did a quick check of the rtadvd source cod= e, > bz> > and I don't see a makeentry for addrs either. > bz> > > bz> > If no one objects, I'll remove it. > bz> > bz> Or replace it with a working example? Would something like this work > bz> to even show multiple prefixes (beyond the handbook example)? > bz> > bz> :addr=3D?$B!H2001:db8:4242:6666::?$B!I:prefixlen#64:\ > bz> :addr2=3D"2001:db8:4242:1::?$B!I:prefixlen2#64: > bz> > bz> > bz> And yes, removing the ?$B!H:addrs#1?$B!I from the handbook should be = fine. >=20 > I prefer to drop the rtadvd.conf configuration example in the > handbook completely. Adding a GUA on rl0 automatically makes > rtadvd(8) to advertise the prefix. It also works with multiple > prefixes. I agree w/ removing the rtadvd.conf example as well. If you don't remove it, I shall. --=20 John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." --veXX9dWIonWZEC6h Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJdXDl4XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MEI1RTRGMTNDNzYyMDZDNjEyMDBCNjAy MDVGMEIzM0REMDA2QURBAAoJECBfCzPdAGraUJAP/0t4Gp3HlMzWmJrgME+M5/d6 73CKpTjN0GiWuP/bWxNYhSrM+3rmWDEZFRpWYIg/Crp6yQto1QVCN4pAzwhhIawR xnAQUoY9CC/g0bsK/nCJcd7Tq3b+/70PsDI9nlxpWDLP05xSCfILN1WaupkmoOuG 3LAo6MtZcL3bBUUMnJIkd4PD5oxn6iRRd8gHsIJHsyHbMBRNBEPkUWlxYrXVGSAU G4bGCt8YIKnSlS43iCnu8K+quf/ZUwv3z9OXk5dXGV0vbJPKla58rqeAm3xAXGW5 gedqNKXUlci36LbetmjZHmd+RqMG8lHsWl3NGG9RLwJfLnk9UHk8Naf6Kyu0Aq4i TZi+CSXZvfdJ0EsJlHbfr2zuv+h9HrDVtD+9XNjimmkTw6tCHV8inq5hvQd04saA vPfZ6oPjJeQc8KGwjb+H9NgYt7LPHaQa9SjxeU2oRi01crRN7O7ZIJGqGnV2buzW xn0OUtxCtXXr/qtWH+V3da1RsC/4WLbVDgQYgws/mhwgi+gOsColIUHlk0IJNpAD tGpPboc12uD2iDH3UE398hJzYVu4VZoBx4OJ27HeKnHC6Wz5l/l0MIwRPL/lxuKr 39Nf7D+BSetdqevpVEizvk2nCgs9pGwppiT6GlqHoMDnJ1EkXYPh275m1N97ArM+ +5utGUOXWLagRBa3f1Dh =mokU -----END PGP SIGNATURE----- --veXX9dWIonWZEC6h-- From owner-freebsd-net@freebsd.org Wed Aug 21 05:34:49 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BBBA7BB178 for ; Wed, 21 Aug 2019 05:34:49 +0000 (UTC) (envelope-from crapsh@monkeybrains.net) Received: from sfo.monkeybrains.net (sfo.monkeybrains.net [208.69.40.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.monkeybrains.net", Issuer "AlphaSSL CA - SHA256 - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46CxF44fZkz4WXM for ; Wed, 21 Aug 2019 05:34:48 +0000 (UTC) (envelope-from crapsh@monkeybrains.net) Received: from Rudys-iMac.local (148-64-102-151.PUBLIC.monkeybrains.net [148.64.102.151] (may be forged)) (authenticated bits=0) by sfo.monkeybrains.net (8.15.2/8.15.2) with ESMTPSA id x7L5Ye8X035142 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Tue, 20 Aug 2019 22:34:40 -0700 (PDT) (envelope-from crapsh@monkeybrains.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=monkeybrains.net; s=dkim; t=1566365680; bh=DG0VzRoeaPDnlxXKJ0o9gMK7/oHbUMpg2qIbsqjkBBY=; h=To:From:Subject:Date; b=WZUE/pLD/ZmkKlmxQwwdaKKEEkouRkzFidyIL4NpFJbw5VrJROBFugbbMaoQ9mtB9 DTaWsgugX9t3gLAFtAMuaCXEuXdATbjxltQF5EXAl8hJoBQgV8YwirnSFzwlvU8fDh DL/E4pAmeDFVqZZOb1XRz7tAxbmmn3dr0YMfyQto= X-Authentication-Warning: mail.monkeybrains.net: Host 148-64-102-151.PUBLIC.monkeybrains.net [148.64.102.151] (may be forged) claimed to be Rudys-iMac.local To: freebsd-net@freebsd.org From: Rudy Subject: packets per second tool for CLI - and question about checksum_errs Message-ID: <380fff29-8df3-2671-69c3-ef47131aaf58@monkeybrains.net> Date: Tue, 20 Aug 2019 22:34:40 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Language: en-US X-Virus-Scanned: clamav-milter 0.100.2 at mail.monkeybrains.net X-Virus-Status: Clean X-Rspamd-Queue-Id: 46CxF44fZkz4WXM X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=monkeybrains.net header.s=dkim header.b=WZUE/pLD; dmarc=pass (policy=none) header.from=monkeybrains.net; spf=pass (mx1.freebsd.org: domain of crapsh@monkeybrains.net designates 208.69.40.9 as permitted sender) smtp.mailfrom=crapsh@monkeybrains.net X-Spamd-Result: default: False [-5.76 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[monkeybrains.net:s=dkim]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[monkeybrains.net.dwl.dnswl.org : 127.0.5.1]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[monkeybrains.net:+]; DMARC_POLICY_ALLOW(-0.50)[monkeybrains.net,none]; NEURAL_HAM_SHORT(-0.97)[-0.968,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; IP_SCORE(-0.79)[asn: 32329(-3.90), country: US(-0.05)]; ASN(0.00)[asn:32329, ipnet:208.69.40.0/22, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Aug 2019 05:34:49 -0000 Here is a quick tool so show Packets Per Second on the CLI for all your interfaces (only tested with ix and igb). It uses the output of sysctl every second.  If you like it, great! Quick question, why am I seeing checksum_errs around 1k on a link doing 3Gbps? * **Sample output of script:* Tue Aug 20 22:28:16 2019                          00:00:01      Dev RX bits   TX bits    RX PPS    TX PPS  CK Error     igb0                 0         2         0     igb1                 0         0         0      ix0    2589 M     415 M     311 k     171 k      11      ix1     254 M    2120 M     108 k     248 k       1 k      ix2     171 M     508 M      62 k      63 k     385      ix3       1 k       1 k       0         0         0  Host: yourbox.example.com Rudy #!/usr/local/bin/perl # # pps - Packets Per Second tool like top # # Tue Aug 20 22:09:25 PDT 2019, MonkeyBrains.NET # my $SAMPLETIME = shift || 4; my $DAMPEN = undef;  # set to 1 to make Mbps be an average $SAMPLETIME =~ /^\d{1,4}$/ or die "Usage: $0 [delay]\n"; use Term::ANSIScreen qw/:color :cursor :screen :keyboard/; #  footer text my $hostname = `hostname`; chomp($hostname); my $footer = "Host: $hostname"; # colors in the table my @c = ('bold white on black', 'green', 'cyan', 'bold green', 'bold blue', 'bold red'); # columns in table my @c2 = ('bold yellow on black', 'black on yellow', 'black on yellow'); # header and footer my @w = (8);  # width for columns (decided on 10 for all but first...) my $totalWidth = $w[0] + 50; my $width1 = $totalWidth-30; my $width2 = $totalWidth-$w[0]; # some variables my %info; my %avg;  # tamper Mbps fluctations... print cls(); #clear screen my $s = 0;  # number of sysctl runs while (1) {     open STATS, "sysctl dev | " or die;     my %sum;     while () {         my ($dev,$p1,$p2,$v,$delta);         if (s/^dev\.([a-z]+)\.(\d+)\.//) {             $dev = $1.$2;         } else {             next;         }         if (/^(mac_stats).good_(octets_.*): *(\d+)$/o) {             ($p1,$p2,$v) = ($1,$2,$3*8);  # bytes * 8             # use a rolling 'last 4 data points' average             $delta=$v-$info{$dev}{$p1}{$p2}{'last'} if $info{$dev}{$p1}{$p2}{'last'};             $info{$dev}{$p1}{$p2}{'last'}=$v;             if ($DAMPEN) {                 # keep a running average...                 if ($avg{$dev}{$p2} && $delta) {                     # add t0 average over past 2 cycles                     $avg{$dev}{$p2} = ($delta + $avg{$dev}{$p2} * 2)/ 3;                     $delta = $avg{$dev}{$p2} unless ($delta = 0);  # hard zero at 0                 } else {                     # first time through                     $avg{$dev}{$p2} = 0; # init                 }             }         } elsif (/^(mac_stats|queue.*)\.(.*): *(\d+)$/o) {             ($p1,$p2,$v) = ($1,$2,$3);             $delta=$v-$info{$dev}{$p1}{$p2}{'last'} if $info{$dev}{$p1}{$p2}{'last'};             $info{$dev}{$p1}{$p2}{'last'}=$v;         } else {             next;         }         $sum{$dev}{$p2} += $delta;  # will aggregate all queues     }     locate 1, 1;  # move cursor to top left     my $seconds = time-$^T;     my $hours = int( $seconds / (60*60) );     my $mins = ( $seconds / 60 ) % 60;     my $secs = $seconds % 60;     my $elapsed = sprintf("%02d:%02d:%02d", $hours,$mins,$secs);     print colored [$c2[0]],sprintf("%-30s%${width1}s\n",scalar(localtime),$elapsed); # clear line, and return     print colored [$c2[1]],sprintf("%$w[0]s%-${width2}s\n", "Dev"," RX bits   TX bits    RX PPS    TX PPS  CK Error ");     $s++;     foreach my $dev (sort keys %sum) {         my $i = 0;         print colored [$c[0]], sprintf("%$w[$i]s",$dev);         foreach my $p2 (qw(octets_rcvd octets_txd rx_packets tx_packets checksum_errs)) {             $i++;             my $v = $sum{$dev}{$p2};             $v /= $SAMPLETIME if $s > 2; # need two values             $v =~ s/\..*//; # floor             # conver to M and k for Mega and Kilo             if ($v >  1000000) {                 $v /= 1000000;                 $v =~ s/\.\d+//;                 $v .= ' M';             } elsif ($v >  1000) {                 $v /= 1000;                 $v =~ s/\.\d+//;                 $v .= ' k';             } else {                 $v .= '  ';  # some padding for alignment             }             my $width = $w[$i] || 10;             print colored [$c[$i]],sprintf("%${width}s",$v);         }         print "\n";     }     print colored [$c2[2]],sprintf("%-${totalWidth}s\n", " $footer");     close STATS;     if ($s == 1) {         sleep 1;  # only sleep 1 on startup         next;     }     sleep $SAMPLETIME; } From owner-freebsd-net@freebsd.org Wed Aug 21 05:43:59 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2B0A6BB77A for ; Wed, 21 Aug 2019 05:43:59 +0000 (UTC) (envelope-from moridin@mm.st) Received: from new1-smtp.messagingengine.com (new1-smtp.messagingengine.com [66.111.4.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46CxRf1wYfz4X3L for ; Wed, 21 Aug 2019 05:43:57 +0000 (UTC) (envelope-from moridin@mm.st) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailnew.nyi.internal (Postfix) with ESMTP id 2798B346D for ; Wed, 21 Aug 2019 01:43:57 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Wed, 21 Aug 2019 01:43:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mm.st; h=subject :to:references:from:message-id:date:mime-version:in-reply-to :content-type:content-transfer-encoding; s=fm1; bh=HdaoCZCK+6nA3 9wIeHnuLQ7PSh7FPUEMAm1cpGdXW98=; b=CI/OaVq5QCLVOOrSKw0+9pbPh8Xv5 6YUeDa6gSiawnk7caqIeT5V+MGMqxNBn+GEeKEsv2mgZSc44RROUC2ckdjoZg6Zh u4uwHk/SfOCG3Hj44yGS+d1dKdHTe7xKpWuqfw8M9D7dRXQcYKzHOzWaHYXxLucE MZYTUg/V6Ympw7W+LSTz6OiFWIueYUEZQvublpl842JmWuxGHFZxPkl+FRNRNihr hknbOuzASs3I/+pkapj81vENrCPwXlmn6O05ZRQlc1yFf4p+FAQ4e7mRU81RWM4T Ju9tU5PXFjFx6KPmTsTkfM4kbDgpVWZCjSoOzP7A7XdLrjnqf9k7FqtKw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=HdaoCZCK+6nA39wIeHnuLQ7PSh7FPUEMAm1cpGdXW 98=; b=xnx2zt0QLayYshRkW78bcjIO1D2X7w6IiFU7cDrw/V/4CRuXwrNQiOqzZ DY+ZkUeoBGwNhPc61RB5QdSgoId93jwOHrwCmENbvSGQXohB+uLg2cpIzCjpwZ3N Yb6lVZIe98K6+361/JpTzpGdIGME9PAWF2ZQ/2++toGXGcdWGtJcih6blk7sNFul PoY9nvtduaAfPdd7LDzyhxTIwYLVHe9eTeznj6fjIqB9TRHtOJ8tw6uSZw3XbyRx Inq+5xblihoOfvQgf1NHQoGDB2bYjb4OgCgiyoqXLvsScKTzcxbv4nSZXptVOEH3 jR1RLEjH7b73L98p2PiqvX6cPob8A== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduvddrudegvddguddtudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepuffvfhfhkffffgggjggtgfesth ekredttdefjeenucfhrhhomhepmhhorhhiughinhcuoehmohhrihguihhnsehmmhdrshht qeenucffohhmrghinhepvgigrghmphhlvgdrtghomhenucfkphepudekhedrgeegrdejie drkedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmohhrihguihhnsehmmhdrshhtnecu vehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from [192.168.1.2] (unknown [185.44.76.80]) by mail.messagingengine.com (Postfix) with ESMTPA id C8AF5D60057 for ; Wed, 21 Aug 2019 01:43:55 -0400 (EDT) Subject: Re: packets per second tool for CLI - and question about checksum_errs To: freebsd-net@freebsd.org References: <380fff29-8df3-2671-69c3-ef47131aaf58@monkeybrains.net> From: moridin Message-ID: <7d61f797-1674-8c4a-d303-1b057ddf309f@mm.st> Date: Wed, 21 Aug 2019 08:43:54 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <380fff29-8df3-2671-69c3-ef47131aaf58@monkeybrains.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 46CxRf1wYfz4X3L X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=mm.st header.s=fm1 header.b=CI/OaVq5; dkim=pass header.d=messagingengine.com header.s=fm3 header.b=xnx2zt0Q; dmarc=pass (policy=none) header.from=mm.st; spf=pass (mx1.freebsd.org: domain of moridin@mm.st designates 66.111.4.221 as permitted sender) smtp.mailfrom=moridin@mm.st X-Spamd-Result: default: False [-4.09 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.221]; FREEMAIL_FROM(0.00)[mm.st]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[mm.st:+,messagingengine.com:+]; DMARC_POLICY_ALLOW(-0.50)[mm.st,none]; NEURAL_HAM_SHORT(-0.99)[-0.994,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(0.00)[ip: (-9.87), ipnet: 66.111.4.0/24(-4.84), asn: 11403(-2.68), country: US(-0.05)]; RCVD_IN_DNSWL_LOW(-0.10)[221.4.111.66.list.dnswl.org : 127.0.5.1]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[mm.st:s=fm1,messagingengine.com:s=fm3]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVFROM(0.00)[mm.st]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; IP_SCORE_FREEMAIL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Aug 2019 05:43:59 -0000 Rudy wrote: > > Here is a quick tool so show Packets Per Second on the CLI for all your > interfaces (only tested with ix and igb). > It uses the output of sysctl every second.  If you like it, great! > > Quick question, why am I seeing checksum_errs around 1k on a link doing > 3Gbps? > > * > **Sample output of script:* > > Tue Aug 20 22:28:16 2019                          00:00:01 >      Dev RX bits   TX bits    RX PPS    TX PPS  CK Error >     igb0                 0         2         0 >     igb1                 0         0         0 >      ix0    2589 M     415 M     311 k     171 k      11 >      ix1     254 M    2120 M     108 k     248 k       1 k >      ix2     171 M     508 M      62 k      63 k     385 >      ix3       1 k       1 k       0         0         0 >  Host: yourbox.example.com If you need just pps, you could use `systat -ifstat -pps` instead. From owner-freebsd-net@freebsd.org Wed Aug 21 15:52:52 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 293B8CC097 for ; Wed, 21 Aug 2019 15:52:52 +0000 (UTC) (envelope-from crapsh@monkeybrains.net) Received: from sfo.monkeybrains.net (sfo.monkeybrains.net [208.69.40.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.monkeybrains.net", Issuer "AlphaSSL CA - SHA256 - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46DByB5r0xz46fX for ; Wed, 21 Aug 2019 15:52:50 +0000 (UTC) (envelope-from crapsh@monkeybrains.net) Received: from Rudys-iMac.local (148-64-102-151.PUBLIC.monkeybrains.net [148.64.102.151] (may be forged)) (authenticated bits=0) by sfo.monkeybrains.net (8.15.2/8.15.2) with ESMTPSA id x7LFqmTR006428 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Wed, 21 Aug 2019 08:52:48 -0700 (PDT) (envelope-from crapsh@monkeybrains.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=monkeybrains.net; s=dkim; t=1566402768; bh=w6yzUwUSlpTDEWgXmAE08GNnR8/eroTwoCMz2t3kR5M=; h=Subject:To:References:From:Date:In-Reply-To; b=q+mWLr/VsEHkHHkI9lDVzhV0x53gjU/U/8l74Vptwsb4YuVmNhpbGtoGji59HSePB J4FnlgTIbCOWB5g8v1ZLc50k7TiVzZafUNORV1hKg+ktku52uhUY89KhCKlcHFHWr7 rHvd2wws5Z3jNBXzXj2jQTn2UeUhvSgDHU4ovp3c= X-Authentication-Warning: mail.monkeybrains.net: Host 148-64-102-151.PUBLIC.monkeybrains.net [148.64.102.151] (may be forged) claimed to be Rudys-iMac.local Subject: Re: packets per second tool for CLI - and question about checksum_errs To: freebsd-net@freebsd.org References: <380fff29-8df3-2671-69c3-ef47131aaf58@monkeybrains.net> <7d61f797-1674-8c4a-d303-1b057ddf309f@mm.st> From: Rudy Message-ID: <56df7dfb-e652-f493-a679-9801960a274a@monkeybrains.net> Date: Wed, 21 Aug 2019 08:52:48 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <7d61f797-1674-8c4a-d303-1b057ddf309f@mm.st> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Virus-Scanned: clamav-milter 0.100.2 at mail.monkeybrains.net X-Virus-Status: Clean X-Rspamd-Queue-Id: 46DByB5r0xz46fX X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=monkeybrains.net header.s=dkim header.b=q+mWLr/V; dmarc=pass (policy=none) header.from=monkeybrains.net; spf=pass (mx1.freebsd.org: domain of crapsh@monkeybrains.net designates 208.69.40.9 as permitted sender) smtp.mailfrom=crapsh@monkeybrains.net X-Spamd-Result: default: False [-5.72 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(0.00)[+ptr]; HAS_XAW(0.00)[]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[monkeybrains.net:+]; DMARC_POLICY_ALLOW(0.00)[monkeybrains.net,none]; NEURAL_HAM_SHORT(-0.98)[-0.975,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(-1.75)[ipnet: 208.69.40.0/22(-4.81), asn: 32329(-3.90), country: US(-0.05)]; ASN(0.00)[asn:32329, ipnet:208.69.40.0/22, country:US]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(0.00)[monkeybrains.net:s=dkim]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[monkeybrains.net.dwl.dnswl.org : 127.0.5.1]; BAD_REP_POLICIES(0.10)[]; URIBL_PBL(0.01)[calomel.org]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Aug 2019 15:52:52 -0000 On 8/20/19 10:43 PM, moridin wrote: > systat -ifstat -pps Awesome, that was the command I needed for PPS.  Chalk it up to Another re-inventing the wheel! The script does spotlight Checksum Errors on the Intel ethernet ports - should I be concerned with those errors? #sysctl dev.ix. | grep checksum dev.ix.3.mac_stats.checksum_errs: 26 dev.ix.2.mac_stats.checksum_errs: 20844466 dev.ix.1.mac_stats.checksum_errs: 16621802 dev.ix.0.mac_stats.checksum_errs: 8562140 netstat -i" doesn't show any errors. I am reading up on tuning for a router here:  https://people.freebsd.org/~olivier/talks/2018_AsiaBSDCon_Tuning_FreeBSD_for_routing_and_firewalling-Paper.pdf and here:  https://calomel.org/freebsd_network_tuning.html Adding in " -tso4 -tso6 -lro" flags as well as adjusting the kern.random.harvest.mask - I keep hoping one of them will help with the +Checksum Errors, but I guess if the packets are bad getting to the box, then the errors are what they are: errors. Rudy From owner-freebsd-net@freebsd.org Fri Aug 23 03:51:46 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9DDBAD962F for ; Fri, 23 Aug 2019 03:51:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46F6sG3kRsz4GHT for ; Fri, 23 Aug 2019 03:51:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 7F7E4D962E; Fri, 23 Aug 2019 03:51:46 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7F3D2D962D for ; Fri, 23 Aug 2019 03:51:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46F6sG2nqdz4GHS for ; Fri, 23 Aug 2019 03:51:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 427B5ECA5 for ; Fri, 23 Aug 2019 03:51:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7N3pkBj015547 for ; Fri, 23 Aug 2019 03:51:46 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7N3pkNY015538 for net@FreeBSD.org; Fri, 23 Aug 2019 03:51:46 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 225792] ECMP is broken since tryforward() Date: Fri, 23 Aug 2019 03:51:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: koobs@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 03:51:46 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225792 Kubilay Kocak changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |koobs@FreeBSD.org --- Comment #1 from Kubilay Kocak --- Created attachment 206809 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D206809&action= =3Dedit ip_tryforward_rout_mpath @Olivier I assume this is still an issue in stable/11,12 and CURRENT, can y= ou confirm? ^Triage: Attach patch from Ermal (eri@) on the mailing list thread, which m= ay (likely?) need a re-base against latest CURRENT --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 23 03:53:00 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 201D8D976C for ; Fri, 23 Aug 2019 03:53:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46F6th04dpz4GQl for ; Fri, 23 Aug 2019 03:53:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 02969D975D; Fri, 23 Aug 2019 03:53:00 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 025A7D975C for ; Fri, 23 Aug 2019 03:53:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46F6tg6G3gz4GQh for ; Fri, 23 Aug 2019 03:52:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B8C44ECF6 for ; Fri, 23 Aug 2019 03:52:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7N3qxm3066342 for ; Fri, 23 Aug 2019 03:52:59 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7N3qxcT066336 for net@FreeBSD.org; Fri, 23 Aug 2019 03:52:59 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 225792] ECMP is broken since tryforward() Date: Fri, 23 Aug 2019 03:52:59 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: koobs@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: mfc-stable11? mfc-stable12? X-Bugzilla-Changed-Fields: bug_severity bug_status cc flagtypes.name Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 03:53:00 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225792 Kubilay Kocak changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Affects Only Me |Affects Some People Status|New |Open CC| |ae@FreeBSD.org Flags| |mfc-stable11?, | |mfc-stable12? --- Comment #2 from Kubilay Kocak --- Add ae@ to CC as they mentioned some code would need to be written (which w= as), in case they can assist with review --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 23 04:27:18 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BF93BD9EC8 for ; Fri, 23 Aug 2019 04:27:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46F7fG4jCwz4Hbb for ; Fri, 23 Aug 2019 04:27:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id A16ACD9EC7; Fri, 23 Aug 2019 04:27:18 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A11FDD9EC6 for ; Fri, 23 Aug 2019 04:27:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46F7fG3WGNz4HbZ for ; Fri, 23 Aug 2019 04:27:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 55D95F29B for ; Fri, 23 Aug 2019 04:27:18 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7N4RIIb066271 for ; Fri, 23 Aug 2019 04:27:18 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7N4RIU2066270 for net@FreeBSD.org; Fri, 23 Aug 2019 04:27:18 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 219428] em network driver broken in current Date: Fri, 23 Aug 2019 04:27:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: russ.haley@gmail.com X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 04:27:18 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D219428 Russell Haley changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |russ.haley@gmail.com --- Comment #25 from Russell Haley --- I've been having intermittent network problems on a SuperMicro Server. My computer is exhibiting a similar pathology as Mr. Sergey V. Dyatkos'. I'm serving Minecraft to an internal network over a dlink powerline ethernet modem. It seems over the last few days the powerline network has been going= up and down, which eventually causes the "TX(5) desc avail =3D 1024" error. My system uses the igb driver. russellh@sylvester:~> uname -a FreeBSD sylvester 12.0-RELEASE-p3 FreeBSD 12.0-RELEASE-p3 r346787 GENERIC=20 amd64 russellh@sylvester:~> pciconf -lv #SNIP# igb0@pci0:2:0:0: class=3D0x020000 card=3D0x10c915d9 chip=3D0x10c9808= 6 rev=3D0x01 hdr=3D0x00 vendor =3D 'Intel Corporation' device =3D '82576 Gigabit Network Connection' class =3D network subclass =3D ethernet --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 23 07:07:30 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 90921DC296 for ; Fri, 23 Aug 2019 07:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46FCC63MTQz4QLW for ; Fri, 23 Aug 2019 07:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 71427DC295; Fri, 23 Aug 2019 07:07:30 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 71029DC294 for ; Fri, 23 Aug 2019 07:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FCC62Mdwz4QLT for ; Fri, 23 Aug 2019 07:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 33D4618F51 for ; Fri, 23 Aug 2019 07:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7N77Udq069441 for ; Fri, 23 Aug 2019 07:07:30 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7N77UU3069440 for net@FreeBSD.org; Fri, 23 Aug 2019 07:07:30 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 225792] ECMP is broken since tryforward() Date: Fri, 23 Aug 2019 07:07:28 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: olivier@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: mfc-stable11? mfc-stable12? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 07:07:30 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225792 --- Comment #3 from Olivier Cochard --- (In reply to Kubilay Kocak from comment #1) Yes this is still in issue on stable/11/12/current. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 23 10:12:04 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A14BFC00B4 for ; Fri, 23 Aug 2019 10:12:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46FHJ43sl0z4ZQQ for ; Fri, 23 Aug 2019 10:12:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 84C7AC00B3; Fri, 23 Aug 2019 10:12:04 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 848E8C00B2 for ; Fri, 23 Aug 2019 10:12:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FHJ4327yz4ZQN for ; Fri, 23 Aug 2019 10:12:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4A4531B171 for ; Fri, 23 Aug 2019 10:12:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7NAC4bI016741 for ; Fri, 23 Aug 2019 10:12:04 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7NAC4Aj016739 for net@FreeBSD.org; Fri, 23 Aug 2019 10:12:04 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 239799] IP_MINTTL broken Date: Fri, 23 Aug 2019 10:12:04 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 10:12:04 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239799 --- Comment #2 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Fri Aug 23 10:11:11 UTC 2019 New revision: 351419 URL: https://svnweb.freebsd.org/changeset/base/351419 Log: MFC r350974: Since ipvoly is used for checksum calculation, part of original IP header is zeroed. This part includes ip_ttl field, that can be used later in IP_MINTTL socket option handling. PR: 239799 Changes: _U stable/12/ stable/12/sys/netinet/tcp_input.c --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 23 10:13:06 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A1A70C0215 for ; Fri, 23 Aug 2019 10:13:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46FHKG3mxTz4Zm2 for ; Fri, 23 Aug 2019 10:13:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 81828C0214; Fri, 23 Aug 2019 10:13:06 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 81454C0213 for ; Fri, 23 Aug 2019 10:13:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FHKG2sj8z4Zm0 for ; Fri, 23 Aug 2019 10:13:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 444EB1B1A2 for ; Fri, 23 Aug 2019 10:13:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7NAD6b4021207 for ; Fri, 23 Aug 2019 10:13:06 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7NAD6RO021206 for net@FreeBSD.org; Fri, 23 Aug 2019 10:13:06 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 239799] IP_MINTTL broken Date: Fri, 23 Aug 2019 10:13:06 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 10:13:06 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239799 --- Comment #3 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Fri Aug 23 10:12:42 UTC 2019 New revision: 351420 URL: https://svnweb.freebsd.org/changeset/base/351420 Log: MFC r350974: Save ip_ttl value and restore it after checksum calculation. Since ipvoly is used for checksum calculation, part of original IP header is zeroed. This part includes ip_ttl field, that can be used later in IP_MINTTL socket option handling. PR: 239799 Changes: _U stable/11/ stable/11/sys/netinet/tcp_input.c --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 23 10:13:48 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 34745C030A for ; Fri, 23 Aug 2019 10:13:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46FHL40ctrz4ZrN for ; Fri, 23 Aug 2019 10:13:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 14CF9C0306; Fri, 23 Aug 2019 10:13:48 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1495FC0305 for ; Fri, 23 Aug 2019 10:13:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FHL36mjFz4ZrL for ; Fri, 23 Aug 2019 10:13:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CB2D11B1AB for ; Fri, 23 Aug 2019 10:13:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7NADl24022166 for ; Fri, 23 Aug 2019 10:13:47 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7NADl5O022165 for net@FreeBSD.org; Fri, 23 Aug 2019 10:13:47 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 239799] IP_MINTTL broken Date: Fri, 23 Aug 2019 10:13:47 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc assigned_to bug_status resolution Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 10:13:48 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239799 Andrey V. Elsukov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ae@FreeBSD.org Assignee|net@FreeBSD.org |ae@FreeBSD.org Status|New |Closed Resolution|--- |FIXED --- Comment #4 from Andrey V. Elsukov --- Fixed in head/, stable/12 and stable/11. Thanks! --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Fri Aug 23 14:02:06 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5A86DC63DB for ; Fri, 23 Aug 2019 14:02:06 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46FNPV0njXz3KD9 for ; Fri, 23 Aug 2019 14:02:06 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: by mailman.nyi.freebsd.org (Postfix) id 1B141C63DA; Fri, 23 Aug 2019 14:02:06 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1ACF2C63D9 for ; Fri, 23 Aug 2019 14:02:06 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: from mail-io1-xd34.google.com (mail-io1-xd34.google.com [IPv6:2607:f8b0:4864:20::d34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FNPT1RYGz3KD7 for ; Fri, 23 Aug 2019 14:02:04 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: by mail-io1-xd34.google.com with SMTP id t3so20222243ioj.12 for ; Fri, 23 Aug 2019 07:02:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=vS64sjvNsD70MBj7c78Yvgmkhg3wX/X2nkqDlZ5tGEo=; b=Hkfx77TGv2uCT62lNkvq7F2jh40fqziIyiSps3617RLDGEFDoAIa2D9S5zycJKxC16 0IEQYX2Te+K+33ms7b/l0I5oRCdDvnh/VjH1YLox/N2V9I8fTJjFiJn2QQqwlO7Q0mhE zVhBUA4dDP8SBbqM+NeA6wbF5lml6uSo1LfHinCNsW79un2Jxq2pnbm6rmkUtZY+WcqS pV1GtvxJfE6B35n4/2q35Qaa/jkmhpscdIQyMZ/3J5KtDjqH6c0h+tpJIZFLmyspeM1q e71+uGpekkaUnq7n9B8Nq8vt198kW25tZZChabSSDYAi7kOm2LGOIpRmT8NggmigIFQr 2UUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=vS64sjvNsD70MBj7c78Yvgmkhg3wX/X2nkqDlZ5tGEo=; b=s+qIhNFe6oEG2lGZKiKCyyezuX3e6ZobbNjmIUKl8zUT0Cn+UnkWI9Nwy6MpKeTpQk B6kbwub3FzBjGEf/mua0DPuo0EWXePl3MraC7aCJXQrxw/Usg1mnPImKVxqdUm+adxnq Vn6LdtZDYZOwP+nl0VHG1RB2rc5fGVoLc1BOxF7XdrI+DMNwQi8vCIk0T2Tk1RthQpve UMmxrkBeJuS7YvH9dng8LjHhPyZiN7YObbUZ6NrL+WbLnpP9bCOVN27fPk70gedW6w9Y GcRFAn/K2/+hzLfVfn+aRV//cRd2lTG6gjDLglFvFs591f7DJpVQTIclzDKxUdKYu/Ac DCmg== X-Gm-Message-State: APjAAAVq4FGiAY/Jt8oIndZKnToxGJjJSZ2mtihY1OskZ0F6y3vEi9ml XkH2NzgEx/LWl/kerozDie+BgGq27PoGfypQjead+THD X-Google-Smtp-Source: APXvYqxkGtXYHBem4UcqKzX0IshZifi/qGr+v91mzM2ua6XpMk8lfNNeAMs+DaMd/0VGMF+PYy68eAzRrnFwATraIP0= X-Received: by 2002:a02:8409:: with SMTP id k9mr5005802jah.122.1566568922605; Fri, 23 Aug 2019 07:02:02 -0700 (PDT) MIME-Version: 1.0 From: Andrew White Date: Fri, 23 Aug 2019 15:01:51 +0100 Message-ID: Subject: 11.3 tcpdump amd64 linked libs To: net@freebsd.org X-Rspamd-Queue-Id: 46FNPT1RYGz3KD7 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=Hkfx77TG; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of andywhite@gmail.com designates 2607:f8b0:4864:20::d34 as permitted sender) smtp.mailfrom=andywhite@gmail.com X-Spamd-Result: default: False [-4.00 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[net@freebsd.org]; TO_DN_NONE(0.00)[]; IP_SCORE_FREEMAIL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; IP_SCORE(0.00)[ip: (-3.19), ipnet: 2607:f8b0::/32(-2.88), asn: 15169(-2.34), country: US(-0.05)]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[4.3.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_SHORT(-1.00)[-0.998,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 14:02:06 -0000 Hi I noticed that tcpdump (amd64) for 11.3-release is linked against additional libs than in 11.2, and also than i386 11.3 . I noticed after upgrading from 11.2 Ldd shows these additional libs for amd64 11.3 , anyone know why the difference ? libibverbs.so.1 => /lib/libibverbs.so.1 (0x801831000) libmlx5.so.1 => /lib/libmlx5.so.1 (0x801a40000) libthr.so.3 => /lib/libthr.so.3 (0x801e6e000) Andrew From owner-freebsd-net@freebsd.org Fri Aug 23 15:38:45 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C9A05C80E1 for ; Fri, 23 Aug 2019 15:38:45 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46FQY143Jgz3PJR for ; Fri, 23 Aug 2019 15:38:45 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: by mailman.nyi.freebsd.org (Postfix) id 890EDC80E0; Fri, 23 Aug 2019 15:38:45 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 88D10C80DF for ; Fri, 23 Aug 2019 15:38:45 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46FQY04lXvz3PJQ for ; Fri, 23 Aug 2019 15:38:43 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id x7NFcUiE060956 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Fri, 23 Aug 2019 18:38:34 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua x7NFcUiE060956 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id x7NFcUZ8060955; Fri, 23 Aug 2019 18:38:30 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Fri, 23 Aug 2019 18:38:30 +0300 From: Konstantin Belousov To: Andrew White Cc: net@freebsd.org Subject: Re: 11.3 tcpdump amd64 linked libs Message-ID: <20190823153830.GW71821@kib.kiev.ua> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.12.1 (2019-06-15) X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FROM, NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on tom.home X-Rspamd-Queue-Id: 46FQY04lXvz3PJQ X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=gmail.com (policy=none); spf=softfail (mx1.freebsd.org: 2001:470:d5e7:1::1 is neither permitted nor denied by domain of kostikbel@gmail.com) smtp.mailfrom=kostikbel@gmail.com X-Spamd-Result: default: False [-2.98 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; DMARC_POLICY_SOFTFAIL(0.10)[gmail.com : No valid SPF, No valid DKIM,none]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; R_SPF_SOFTFAIL(0.00)[~all]; IP_SCORE_FREEMAIL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.98)[-0.979,0]; RCPT_COUNT_TWO(0.00)[2]; IP_SCORE(0.00)[ip: (-2.65), ipnet: 2001:470::/32(-4.46), asn: 6939(-3.06), country: US(-0.05)]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Aug 2019 15:38:45 -0000 On Fri, Aug 23, 2019 at 03:01:51PM +0100, Andrew White wrote: > Hi > > I noticed that tcpdump (amd64) for 11.3-release is linked against > additional libs than in 11.2, and also than i386 11.3 . I noticed after > upgrading from 11.2 > > Ldd shows these additional libs for amd64 11.3 , anyone know why the > difference ? > > libibverbs.so.1 => /lib/libibverbs.so.1 (0x801831000) > libmlx5.so.1 => /lib/libmlx5.so.1 (0x801a40000) > libthr.so.3 => /lib/libthr.so.3 (0x801e6e000) libpcap/tcpdump can now sniff RDMA traffic, which requires linking with OFED libraries. From owner-freebsd-net@freebsd.org Sat Aug 24 00:30:44 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 57036D26D9 for ; Sat, 24 Aug 2019 00:30:44 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46FfLr0bJ0z4Qrs for ; Sat, 24 Aug 2019 00:30:44 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: by mailman.nyi.freebsd.org (Postfix) id 12474D26D8; Sat, 24 Aug 2019 00:30:44 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 12070D26D7 for ; Sat, 24 Aug 2019 00:30:44 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FfLq1S6Mz4Qrp for ; Sat, 24 Aug 2019 00:30:42 +0000 (UTC) (envelope-from andywhite@gmail.com) Received: by mail-io1-xd31.google.com with SMTP id p12so24137301iog.5 for ; Fri, 23 Aug 2019 17:30:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=fyRzmLYegSq1xexrFbY26j52HOHhZ3g3zyQDctDmQuo=; b=oYlODAq+nx0HQr6I06ACy61gnTmud6qd5kUfjT2FhZSmvzbzTsJs6LUBa4f0Xw+uyO FUr0wVuFzQkx8I2mLZBHe6wTHTLngm3mxJKLFLyQHXjU3O+tvtFeDdtD449Ne/E0lIq7 eGJWykza1J61/fvfZg+Xa7wR4w9EJjUnIzeQkPfA1lRrpMIVi3/G65DQG6w1TtXoyYrr Pl5/6q61wqDiT6RY2P32/sa9Dgn7PqxoTBrM8Wheo0UdIJWEQREtyERoRNgiFIYR5Bbg XjFzp99IBOvm6wmPhHuHvgE5hoyK7LDFTwjNwvIPqNU1328I9U0aLI++2BLk85cGRhM3 D4MQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=fyRzmLYegSq1xexrFbY26j52HOHhZ3g3zyQDctDmQuo=; b=MlkO/+g6bg2Y85ehyZ/rMNzM+xg5Yd1FBJwYEmOfgQ5Kh043LgkYdaEl8zKtbGH9dx 4ly0KJynt+Z/5aLWcT6tkbhBUNm99wOmPN72wvYbYMSD9nbIHmeWkwv742uVwgo0rvI+ XULdOrGe9P929AdD0+SlE7vpFoJXg4Fown2dYMesHU3OVMxDYagj9G2VlU6z8JCnkPGM AsUnynqk/t0l57xyEw3JoNXHChY5Attv7Ne7DY3js47maJgY//8TWUGcxz1MrRTNpYlM vbgNqbiy1k1HEJxHatDeXo/gv/OyfPxjoBsiwLy/MW8Jd6RHW/pH5nDKiS8l5jEHF8UX nieA== X-Gm-Message-State: APjAAAXmSVFIO4nqI5igyGaitXCSqCEAW/HzzVDJVHIScb2CRScbImij Ffld5bhj7sZ7r0mkRRmTF1HvaCxiSiooDIfZSngG6A== X-Google-Smtp-Source: APXvYqzNcJYSgv1Q0Ll9vsFZW+pDT7aRzDuxxtfofB8M5m8DF/eV5lybO96Dmr6gXyahVaYVrqLfZsPjebVJb28gSlA= X-Received: by 2002:a6b:d006:: with SMTP id x6mr10126117ioa.218.1566606641545; Fri, 23 Aug 2019 17:30:41 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Andrew White Date: Sat, 24 Aug 2019 01:30:30 +0100 Message-ID: Subject: Re: 11.3 tcpdump amd64 linked libs To: net@freebsd.org X-Rspamd-Queue-Id: 46FfLq1S6Mz4Qrp X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=oYlODAq+; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of andywhite@gmail.com designates 2607:f8b0:4864:20::d31 as permitted sender) smtp.mailfrom=andywhite@gmail.com X-Spamd-Result: default: False [-4.00 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[net@freebsd.org]; TO_DN_NONE(0.00)[]; IP_SCORE_FREEMAIL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; IP_SCORE(0.00)[ip: (-5.36), ipnet: 2607:f8b0::/32(-2.87), asn: 15169(-2.34), country: US(-0.05)]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[1.3.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_SHORT(-1.00)[-0.998,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 00:30:44 -0000 I got to look at this a bit closer, seems amd64 builds libpcap with support for infiniband, via OFED. On Fri, Aug 23, 2019 at 3:01 PM Andrew White wrote: > Hi > > I noticed that tcpdump (amd64) for 11.3-release is linked against > additional libs than in 11.2, and also than i386 11.3 . I noticed after > upgrading from 11.2 > > Ldd shows these additional libs for amd64 11.3 , anyone know why the > difference ? > > libibverbs.so.1 => /lib/libibverbs.so.1 (0x801831000) > libmlx5.so.1 => /lib/libmlx5.so.1 (0x801a40000) > libthr.so.3 => /lib/libthr.so.3 (0x801e6e000) > > Andrew > > > > > From owner-freebsd-net@freebsd.org Sat Aug 24 11:12:30 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6A049DD1C8 for ; Sat, 24 Aug 2019 11:12:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46FwbL2Blwz4s2H for ; Sat, 24 Aug 2019 11:12:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 4B522DD1C7; Sat, 24 Aug 2019 11:12:30 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4B1D5DD1C6 for ; Sat, 24 Aug 2019 11:12:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FwbL1K9Vz4s2G for ; Sat, 24 Aug 2019 11:12:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 28C1344C8 for ; Sat, 24 Aug 2019 11:12:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7OBCU7k040666 for ; Sat, 24 Aug 2019 11:12:30 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7OBCU7T040665 for net@FreeBSD.org; Sat, 24 Aug 2019 11:12:30 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 240023] netmap lb pointer out of bounds on ixgbe Date: Sat, 24 Aug 2019 11:12:29 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.3-RELEASE X-Bugzilla-Keywords: IntelNetworking X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: keywords assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 11:12:30 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D240023 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |IntelNetworking Assignee|bugs@FreeBSD.org |net@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sat Aug 24 11:28:03 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 92970DD601 for ; Sat, 24 Aug 2019 11:28:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46FwxH3RSHz4sWt for ; Sat, 24 Aug 2019 11:28:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 73FBFDD600; Sat, 24 Aug 2019 11:28:03 +0000 (UTC) Delivered-To: net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 73C14DD5FF for ; Sat, 24 Aug 2019 11:28:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46FwxH2SKnz4sWr for ; Sat, 24 Aug 2019 11:28:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 373CB469A for ; Sat, 24 Aug 2019 11:28:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x7OBS3ua080428 for ; Sat, 24 Aug 2019 11:28:03 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x7OBS3pX080427 for net@FreeBSD.org; Sat, 24 Aug 2019 11:28:03 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 239982] IPv6 network stack panics since upgrading to 11.3 Date: Sat, 24 Aug 2019 11:28:02 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.3-RELEASE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: keywords assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 11:28:03 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239982 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |regression Assignee|bugs@FreeBSD.org |net@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-net@freebsd.org Sat Aug 24 18:14:01 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C7DCFC65C4 for ; Sat, 24 Aug 2019 18:14:01 +0000 (UTC) (envelope-from vit@otcnet.ru) Received: from mail.otcnet.ru (mail.otcnet.ru [194.190.78.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46G5xh5hq0z3yM1 for ; Sat, 24 Aug 2019 18:14:00 +0000 (UTC) (envelope-from vit@otcnet.ru) Received: from Victors-MacBook-Air-2.local (unknown [195.91.148.145]) by mail.otcnet.ru (Postfix) with ESMTPSA id 030F0899E4 for ; Sat, 24 Aug 2019 21:13:51 +0300 (MSK) From: Victor Gamov Organization: OTCnet To: freebsd-net@freebsd.org Subject: finding optimal ipfw strategy Message-ID: Date: Sat, 24 Aug 2019 21:13:49 +0300 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 46G5xh5hq0z3yM1 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of vit@otcnet.ru designates 194.190.78.3 as permitted sender) smtp.mailfrom=vit@otcnet.ru X-Spamd-Result: default: False [-2.59 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-0.98)[-0.980,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+a:mail.otcnet.ru]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; HAS_ORG_HEADER(0.00)[]; DMARC_NA(0.00)[otcnet.ru]; NEURAL_HAM_LONG(-1.00)[-0.996,0]; NEURAL_HAM_SHORT(-0.41)[-0.414,0]; IP_SCORE(0.00)[country: RU(0.01)]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:50822, ipnet:194.190.78.0/24, country:RU]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 18:14:01 -0000 Hi All I have nonstandard network task for my FreeBSD box: many VLANs bridged together via bridge interface and specific multicast traffic must be send from one VLAN to many (but not all) other VLANs. I use ipfw to block traffic on unwanted outgoing interfaces. And my answer: which ipfw rules more optimal 1 or 2 (see 1 and 2 later) when I have about 100 incoming multicast and about 100 vlans? 1 ===== ipfw table Mcast1_iface_out create type iface ipfw table Mcast1_iface_out add vlan20 ipfw table Mcast1_iface_out add vlan30 ipfw table Mcast1_iface_out add vlan40 ipfw add 25000 allow udp from IP1 to mcast1 out via table(Mcast1_iface_out) ipfw table Mcast2_iface_out create type iface ipfw table Mcast2_iface_out add vlan20 ipfw table Mcast2_iface_out add vlan30 ipfw add 35000 allow udp from IP1 to mcast2 out via table(Mcast2_iface_out) ipfw table All_vlans create type iface ipfw table All_vlans add vlan20 ipfw table All_vlans add vlan30 ipfw table All_vlans add vlan40 ipfw add 50000 deny udp from any to any via table(All_vlans) ===== 2 ===== ipfw table Mcast_vlan20_out create type addr ipfw table Mcast_vlan20_out add 232.10.20.1/32 ipfw table Mcast_vlan20_out add 232.10.20.2/32 ipfw table Mcast_vlan20_out add 232.10.20.3/32 ipfw add 25000 allow udp from IP1 to table(Mcast_vlan20_out) out via vlan20 ipfw add 25001 deny udp from any to any via vlan20 ipfw table Mcast_vlan30_out create type addr ipfw table Mcast_vlan30_out add 232.10.20.1/32 ipfw table Mcast_vlan30_out add 232.10.20.2/32 ipfw table Mcast_vlan30_out add 232.10.55.5/32 ipfw add 35000 allow udp from IP1 to table(Mcast_vlan30_out) out via vlan30 ipfw add 35001 deny udp from any to any via vlan30 ===== Thanks for your advise! -- CU, Victor Gamov From owner-freebsd-net@freebsd.org Sat Aug 24 19:34:36 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 36A54C8494 for ; Sat, 24 Aug 2019 19:34:36 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 46G7kg0DNzz42lG for ; Sat, 24 Aug 2019 19:34:34 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id x7OJYGr8012622 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 24 Aug 2019 19:34:20 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: vit@otcnet.ru Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id x7OJY8MP050593 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 25 Aug 2019 02:34:08 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: finding optimal ipfw strategy To: Victor Gamov , freebsd-net@freebsd.org References: From: Eugene Grosbein Message-ID: <4ff39c8f-341c-5d72-1b26-6558c57bff8d@grosbein.net> Date: Sun, 25 Aug 2019 02:34:00 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * -0.0 SPF_PASS SPF: sender matches SPF record * 2.6 LOCAL_FROM From my domains X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 46G7kg0DNzz42lG X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=permerror (mx1.freebsd.org: domain of eugen@grosbein.net uses mechanism not recognized by this client) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-4.35 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_PERMFAIL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.98)[-0.976,0]; IP_SCORE(-1.27)[ip: (-2.54), ipnet: 2a01:4f8::/29(-1.96), asn: 24940(-1.85), country: DE(-0.01)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 19:34:36 -0000 25.08.2019 1:13, Victor Gamov wrote: > I have nonstandard network task for my FreeBSD box: > many VLANs bridged together via bridge interface and specific multicast traffic must be send > from one VLAN to many (but not all) other VLANs. It is quite standard filtering bridge :-) > I use ipfw to block traffic on unwanted outgoing interfaces. > > And my answer: which ipfw rules more optimal 1 or 2 (see 1 and 2 later) when I have about 100 incoming multicast and about 100 vlans? > > 1 > ===== > ipfw table Mcast1_iface_out create type iface > ipfw table Mcast1_iface_out add vlan20 > ipfw table Mcast1_iface_out add vlan30 > ipfw table Mcast1_iface_out add vlan40 > ipfw add 25000 allow udp from IP1 to mcast1 out via table(Mcast1_iface_out) If you are concerned of performance, general rule applies: less checks, better performance. First, use 'out xmit' instead of 'out via'. They are semantically equal and this is micro-optimization but it still saves extra check unneeded when combined with "out" keyword. Also, you should use old table numbers instead of new symbolic table names when you have many rules checking for interface names and much traffic because checks for numbered tables are slightly more efficient. You may use symbolic names still at source level: Mcast1_iface_out=1 ipfw table $Mcast1_iface_out create type iface Also, use table arguments and not only table values, do not ignore their existence: ipfw table $Mcast1_iface_out add vlan20 $mcast11 ipfw table $Mcast1_iface_out add vlan20 $mcast12 ipfw table $Mcast1_iface_out add vlan20 $mcast13 ipfw add 25000 allow udp from IP1 to tablearg out xmit "table($Mcast1_iface_out)" Note there is one single checking ipfw rules for all used pairs ($Mcast1_iface_out, $mcastXX) and this time it is not micro-optimization but very important one when you have plenty of mcastXX. Both of your first and second rulesets are less efficient comparing this one using tableargs. From owner-freebsd-net@freebsd.org Sat Aug 24 20:11:24 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3D109C9ADA for ; Sat, 24 Aug 2019 20:11:24 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 46G8Y72qw1z46L8 for ; Sat, 24 Aug 2019 20:11:22 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id x7OKBJVs012955 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 24 Aug 2019 20:11:20 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: vit@otcnet.ru Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id x7OKBFSM051514 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 25 Aug 2019 03:11:16 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: finding optimal ipfw strategy To: Victor Gamov , freebsd-net@freebsd.org References: <4ff39c8f-341c-5d72-1b26-6558c57bff8d@grosbein.net> From: Eugene Grosbein Message-ID: <7ca629bd-065b-549a-37f4-cd41d18f83e3@grosbein.net> Date: Sun, 25 Aug 2019 03:11:08 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <4ff39c8f-341c-5d72-1b26-6558c57bff8d@grosbein.net> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * -0.0 SPF_PASS SPF: sender matches SPF record * 2.6 LOCAL_FROM From my domains X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 46G8Y72qw1z46L8 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=permerror (mx1.freebsd.org: domain of eugen@grosbein.net uses mechanism not recognized by this client) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-4.38 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_PERMFAIL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.98)[-0.977,0]; IP_SCORE(-1.30)[ip: (-2.70), ipnet: 2a01:4f8::/29(-1.96), asn: 24940(-1.85), country: DE(-0.01)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 20:11:24 -0000 25.08.2019 2:34, Eugene Grosbein wrote: > Also, use table arguments and not only table values, do not ignore their existence: > > ipfw table $Mcast1_iface_out add vlan20 $mcast11 > ipfw table $Mcast1_iface_out add vlan20 $mcast12 > ipfw table $Mcast1_iface_out add vlan20 $mcast13 > ipfw add 25000 allow udp from IP1 to tablearg out xmit "table($Mcast1_iface_out)" > > Note there is one single checking ipfw rules for all used pairs ($Mcast1_iface_out, $mcastXX) > and this time it is not micro-optimization but very important one when you have plenty of mcastXX. I have to correct myself: ipfw table cannot contain multiple values differing with arguments only, so we should rewrite commands this way: first table contains just list of used multicast destination IPs: Mcast_addr_out=1 ipfw table $Mcast_addr_out create type addr ipfw table $Mcast_addr_out add $mcast11 25012 # use range of rules 25012-49999 ipfw table $Mcast_addr_out add $mcast12 25014 # increment rule number by 2 ipfw table $Mcast_addr_out add $mcast13 25016 And you have multiple tables for list of interfaces, one table per multicast destination: Mcast1_iface_out=2 ipfw table $Mcast1_iface_out create type iface ipfw table $Mcast1_iface_out add vlan20 ipfw table $Mcast1_iface_out add vlan22 ipfw table $Mcast1_iface_out add vlan39 Then you start filtering by splitting traffic by destination IP that is most efficient: ipfw add 25000 skipto tablearg from $IP1 to "table($Mcast_addr_out)" ipfw add 25010 deny udp from $your_multicast_range to any ipfw add 25011 skipto 50000 ip from any to any # past this set of checks Only traffic destined for specific IP hits the rule checking for outgoing interface: ipfw add 25012 allow udp from any to any out xmit "table($Mcast1_iface_out)" ipfw add 25013 deny udp from any to any ipfw add 25014 allow udp from any to any out xmit "table($Mcast2_iface_out)" ipfw add 25015 deny udp from any to any And so on. From owner-freebsd-net@freebsd.org Sat Aug 24 20:44:25 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A7FFBCAB8E for ; Sat, 24 Aug 2019 20:44:25 +0000 (UTC) (envelope-from vit@otcnet.ru) Received: from mail.otcnet.ru (mail.otcnet.ru [194.190.78.3]) by mx1.freebsd.org (Postfix) with ESMTP id 46G9HD5LDCz48PF for ; Sat, 24 Aug 2019 20:44:24 +0000 (UTC) (envelope-from vit@otcnet.ru) Received: from Victors-MacBook-Air-2.local (unknown [195.91.148.145]) by mail.otcnet.ru (Postfix) with ESMTPSA id 97531899FA; Sat, 24 Aug 2019 23:44:22 +0300 (MSK) Subject: Re: finding optimal ipfw strategy To: Eugene Grosbein , freebsd-net@freebsd.org References: <4ff39c8f-341c-5d72-1b26-6558c57bff8d@grosbein.net> <7ca629bd-065b-549a-37f4-cd41d18f83e3@grosbein.net> From: Victor Gamov Organization: OTCnet Message-ID: Date: Sat, 24 Aug 2019 23:44:21 +0300 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <7ca629bd-065b-549a-37f4-cd41d18f83e3@grosbein.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 46G9HD5LDCz48PF X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of vit@otcnet.ru designates 194.190.78.3 as permitted sender) smtp.mailfrom=vit@otcnet.ru X-Spamd-Result: default: False [-2.56 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.990,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+a:mail.otcnet.ru:c]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[otcnet.ru]; HAS_ORG_HEADER(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.37)[-0.372,0]; RCPT_COUNT_TWO(0.00)[2]; IP_SCORE(0.00)[country: RU(0.01)]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:50822, ipnet:194.190.78.0/24, country:RU]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 20:44:25 -0000 Eugene Many thanks for your reply! I need to read more about tablearg and then modify my current production rules step by step. Thank you again! On 24/08/2019 23:11, Eugene Grosbein wrote: > 25.08.2019 2:34, Eugene Grosbein wrote: > >> Also, use table arguments and not only table values, do not ignore their existence: >> >> ipfw table $Mcast1_iface_out add vlan20 $mcast11 >> ipfw table $Mcast1_iface_out add vlan20 $mcast12 >> ipfw table $Mcast1_iface_out add vlan20 $mcast13 >> ipfw add 25000 allow udp from IP1 to tablearg out xmit "table($Mcast1_iface_out)" >> >> Note there is one single checking ipfw rules for all used pairs ($Mcast1_iface_out, $mcastXX) >> and this time it is not micro-optimization but very important one when you have plenty of mcastXX. > > I have to correct myself: ipfw table cannot contain multiple values differing with arguments only, > so we should rewrite commands this way: first table contains just list of used multicast destination IPs: > > Mcast_addr_out=1 > ipfw table $Mcast_addr_out create type addr > ipfw table $Mcast_addr_out add $mcast11 25012 # use range of rules 25012-49999 > ipfw table $Mcast_addr_out add $mcast12 25014 # increment rule number by 2 > ipfw table $Mcast_addr_out add $mcast13 25016 > > And you have multiple tables for list of interfaces, one table per multicast destination: > > Mcast1_iface_out=2 > ipfw table $Mcast1_iface_out create type iface > ipfw table $Mcast1_iface_out add vlan20 > ipfw table $Mcast1_iface_out add vlan22 > ipfw table $Mcast1_iface_out add vlan39 > > Then you start filtering by splitting traffic by destination IP that is most efficient: > > ipfw add 25000 skipto tablearg from $IP1 to "table($Mcast_addr_out)" > ipfw add 25010 deny udp from $your_multicast_range to any > ipfw add 25011 skipto 50000 ip from any to any # past this set of checks > > Only traffic destined for specific IP hits the rule checking for outgoing interface: > > ipfw add 25012 allow udp from any to any out xmit "table($Mcast1_iface_out)" > ipfw add 25013 deny udp from any to any > > ipfw add 25014 allow udp from any to any out xmit "table($Mcast2_iface_out)" > ipfw add 25015 deny udp from any to any > > And so on. -- CU, Victor Gamov From owner-freebsd-net@freebsd.org Sat Aug 24 21:42:25 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7273FCC108 for ; Sat, 24 Aug 2019 21:42:25 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 46GBZ82DZTz4CBQ for ; Sat, 24 Aug 2019 21:42:23 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id x7OLgIu7013687 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 24 Aug 2019 21:42:19 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: vit@otcnet.ru Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id x7OLg9rC052443 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 25 Aug 2019 04:42:09 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: finding optimal ipfw strategy To: Victor Gamov , freebsd-net@freebsd.org References: <4ff39c8f-341c-5d72-1b26-6558c57bff8d@grosbein.net> <7ca629bd-065b-549a-37f4-cd41d18f83e3@grosbein.net> From: Eugene Grosbein Message-ID: Date: Sun, 25 Aug 2019 04:42:02 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * -0.0 SPF_PASS SPF: sender matches SPF record * 2.6 LOCAL_FROM From my domains X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 46GBZ82DZTz4CBQ X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=permerror (mx1.freebsd.org: domain of eugen@grosbein.net uses mechanism not recognized by this client) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-4.41 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_PERMFAIL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.98)[-0.978,0]; IP_SCORE(-1.34)[ip: (-2.86), ipnet: 2a01:4f8::/29(-1.96), asn: 24940(-1.85), country: DE(-0.01)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 21:42:25 -0000 25.08.2019 3:44, Victor Gamov wrote: > Eugene > > Many thanks for your reply! > > I need to read more about tablearg and then modify my current production rules step by step. Also, rules like "ipfw add 25013 deny udp from any to any" should be simplified to "ipfw add 25013 deny ip from any to any" because only needed UDP packets hit these rules and we can save another check for protocol type. From owner-freebsd-net@freebsd.org Sat Aug 24 22:03:29 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6BBCACC59C for ; Sat, 24 Aug 2019 22:03:29 +0000 (UTC) (envelope-from yuri@rawbw.com) Received: from shell1.rawbw.com (shell1.rawbw.com [198.144.192.42]) by mx1.freebsd.org (Postfix) with ESMTP id 46GC2R6hsxz4CnQ for ; Sat, 24 Aug 2019 22:03:27 +0000 (UTC) (envelope-from yuri@rawbw.com) Received: from yv.noip.me (c-67-180-169-236.hsd1.ca.comcast.net [67.180.169.236]) (authenticated bits=0) by shell1.rawbw.com (8.15.1/8.15.1) with ESMTPSA id x7OM3PFa053925 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Sat, 24 Aug 2019 15:03:26 -0700 (PDT) (envelope-from yuri@rawbw.com) X-Authentication-Warning: shell1.rawbw.com: Host c-67-180-169-236.hsd1.ca.comcast.net [67.180.169.236] claimed to be yv.noip.me From: Yuri Subject: Trying to understand why the ipfw rules don't work on lo0 To: "freebsd-net@freebsd.org" Message-ID: Date: Sat, 24 Aug 2019 15:03:23 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 46GC2R6hsxz4CnQ X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of yuri@rawbw.com designates 198.144.192.42 as permitted sender) smtp.mailfrom=yuri@rawbw.com X-Spamd-Result: default: False [-5.72 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[236.169.180.67.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:198.144.192.32/27]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; DMARC_NA(0.00)[rawbw.com]; NEURAL_HAM_SHORT(-0.98)[-0.984,0]; RCVD_IN_DNSWL_NONE(0.00)[42.192.144.198.list.dnswl.org : 127.0.10.0]; TO_DN_EQ_ADDR_ALL(0.00)[]; IP_SCORE(-2.54)[ip: (-5.82), ipnet: 198.144.192.0/20(-3.11), asn: 7961(-3.71), country: US(-0.05)]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:7961, ipnet:198.144.192.0/20, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 22:03:29 -0000 I'm forwarding TCP connections coming to me on a particular port to the other interface. It works fine when the connection originates from the outside host. It doesn't work when the connection originates from my own host. The description is here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239590 Connections originating from my own host are automatically made on lo0, and the same ipfw rule that works on the physical network interface doesn't work on lo0. Is this a bug, or am I doing something wrong? Thank you, Yuri From owner-freebsd-net@freebsd.org Sat Aug 24 23:21:26 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D062CCE5EB for ; Sat, 24 Aug 2019 23:21:26 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 46GDmP6vNvz4HNV for ; Sat, 24 Aug 2019 23:21:25 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id x7ONLH2e016365 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 24 Aug 2019 23:21:21 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: yuri@rawbw.com Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id x7ONL88L053348 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 25 Aug 2019 06:21:08 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Trying to understand why the ipfw rules don't work on lo0 To: Yuri , "freebsd-net@freebsd.org" References: From: Eugene Grosbein Message-ID: <7b71d9a2-a565-96f2-898a-4ab215a708a4@grosbein.net> Date: Sun, 25 Aug 2019 06:21:00 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * -0.0 SPF_PASS SPF: sender matches SPF record * 2.6 LOCAL_FROM From my domains X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 46GDmP6vNvz4HNV X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=permerror (mx1.freebsd.org: domain of eugen@grosbein.net uses mechanism not recognized by this client) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-4.44 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_PERMFAIL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.97)[-0.973,0]; IP_SCORE(-1.36)[ip: (-3.00), ipnet: 2a01:4f8::/29(-1.96), asn: 24940(-1.85), country: DE(-0.01)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Aug 2019 23:21:26 -0000 25.08.2019 5:03, Yuri wrote: > I'm forwarding TCP connections coming to me on a particular port to the other interface. > It works fine when the connection originates from the outside host. > It doesn't work when the connection originates from my own host. > The description is here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239590 > Connections originating from my own host are automatically made on lo0, > and the same ipfw rule that works on the physical network interface doesn't work on lo0. > Is this a bug, or am I doing something wrong? Would you kindly ask questions of this type here first and leave Bugzilla for real bugs please? As for your question, you should make habit of using "log" keyword while debugging ipfw-related problems, for example: ipfw add 19001 nat 19001 log tcp from 192.168.5.3 to 192.168.5.3 3100 in recv lo0 This will write useful details to /var/log/security when a packet is matched by the rule. It will not add there anything if there are no matches. And if there are no matches and parameters are right, this generally means that packet is matched and consumed with some rule above. I presume your ruleset contains default rule "100 allow ip from any to any via lo0" that matches all local packets, so they have no change to hit your rule. Try changing 19001 to 90 so it catches packets earlier. If this does not help, show your full ruleset.