[Bug 269770] libalias udp redirect_port temporary translation failure

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 23 Feb 2023 03:44:48 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269770

            Bug ID: 269770
           Summary: libalias udp redirect_port temporary translation
                    failure
           Product: Base System
           Version: 13.1-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: pmc@citylink.dinoex.sub.org

I occasionally observe temporary failures on my public UDP ports.

The problem seems to be with libalias when used for UDP port_redirect:

ipfw nat 3 config log same_ports unreg_only ip <public-ip> \
        redirect_port udp 192.168.xx.xx:5007 5006 \
        redirect_port tcp 192.168.xx.xx:5007 5006

02420     0       0 count log proto ip4 src-port 64000-64010
02425     0       0 nat 3 proto ip4
02430     0       0 count log proto ip4 src-port 64000-64010

Then randomly
# nc -u4p 64000 <public-ip> 5006
# nc -u4p 64001 <public-ip> 5006
# nc -u4p 64002 <public-ip> 5006

Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2420 Count UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:51:45 <security.info> edge kernel: [75643] ipfw-oper: 2430 Count UDP 91.12.117.156:64000 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:08 <security.info> edge kernel: [75666] ipfw-oper: 2420 Count UDP 91.12.117.156:64001 <public-ip>:5006 in via tun3
Feb 23 03:52:08 <security.info> edge kernel: [75666] ipfw-oper: 2430 Count UDP 91.12.117.156:64001 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:29 <security.info> edge kernel: [75687] ipfw-oper: 2420 Count UDP 91.12.117.156:64001 <public-ip>:5006 in via tun3
Feb 23 03:52:29 <security.info> edge kernel: [75687] ipfw-oper: 2430 Count UDP 91.12.117.156:64001 192.168.xx.xx:5007 in via tun3
Feb 23 03:52:36 <security.info> edge kernel: [75694] ipfw-oper: 2420 Count UDP 91.12.117.156:64001 51.158.21.23:5006 in via tun3
Feb 23 03:52:36 <security.info> edge kernel: [75694] ipfw-oper: 2430 Count UDP 91.12.117.156:64001 192.168.98.18:5007 in via tun3
Feb 23 03:52:56 <security.info> edge kernel: [75714] ipfw-oper: 2420 Count UDP 91.12.117.156:64002 <public-ip>:5006 in via tun3
Feb 23 03:52:56 <security.info> edge kernel: [75714] ipfw-oper: 2430 Count UDP 91.12.117.156:64002 192.168.xx.xx:5007 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2420 Count UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2430 Count UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3
Feb 23 03:53:06 <security.info> edge kernel: [75724] ipfw-oper: 2685 Unreach 13 UDP 91.12.117.156:64000 <public-ip>:5006 in via tun3

In the beginning 64000 and 64001 get through.
After only using 64001 for some time, and then
starting to use 64002, suddenly 64000 is no longer
translated. (This does not always happen in that exact sequence.)

# ipfw nat show log
nat 2: icmp=32, udp=1, tcp=40, sctp=0, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=73
nat 3: icmp=0, udp=2, tcp=72, sctp=0, pptp=0, proto=0, frag_id=0 frag_ptr=0 / tot=74

These udp= counters are changing meanwhile, but I don't get a clue
from it, and didn't find a way to log details.

Platform 13.2-BETA2 (but the problem is older)

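
One way to find the untranslated packets in the ipfw log, as an added example that is not part of the original report: it pairs the count lines from rule 2420 (before nat 3) and rule 2430 (after nat 3) and reports packets that left the NAT rule with the destination they arrived with. The sample log lines are constructed in the report's format with documentation addresses, and the function name is hypothetical.

```python
import re

# Rule numbers from the report: 2420 counts before "nat 3", 2430 counts after it.
PRE_RULE, POST_RULE = 2420, 2430

LINE_RE = re.compile(
    r"\[(?P<uptime>\d+)\] ipfw\S*: (?P<rule>\d+) (?P<action>\w+(?: \d+)?) "
    r"(?P<proto>UDP|TCP) (?P<src>\S+) (?P<dst>\S+) in via (?P<iface>\S+)"
)

def find_untranslated(lines):
    """Return (uptime, src, dst) for packets whose destination is unchanged
    after the NAT rule, i.e. the redirect_port mapping was not applied."""
    pending = {}  # (uptime, src) -> destination logged before the NAT rule
    misses = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        # Heuristic pairing: same uptime second and same source ip:port.
        key = (m["uptime"], m["src"])
        rule = int(m["rule"])
        if rule == PRE_RULE:
            pending[key] = m["dst"]
        elif rule == POST_RULE and key in pending:
            if pending.pop(key) == m["dst"]:
                misses.append((int(m["uptime"]), m["src"], m["dst"]))
    return misses

# Constructed sample: 203.0.113.10 stands in for the public address,
# 192.168.0.10 for the internal host, 198.51.100.7 for the remote client.
PFX = "<security.info> edge kernel:"
SAMPLE_LOG = [
    f"Feb 23 03:51:45 {PFX} [75643] ipfw-oper: 2420 Count UDP 198.51.100.7:64000 203.0.113.10:5006 in via tun3",
    f"Feb 23 03:51:45 {PFX} [75643] ipfw-oper: 2430 Count UDP 198.51.100.7:64000 192.168.0.10:5007 in via tun3",
    f"Feb 23 03:52:56 {PFX} [75714] ipfw-oper: 2420 Count UDP 198.51.100.7:64002 203.0.113.10:5006 in via tun3",
    f"Feb 23 03:52:56 {PFX} [75714] ipfw-oper: 2430 Count UDP 198.51.100.7:64002 192.168.0.10:5007 in via tun3",
    f"Feb 23 03:53:06 {PFX} [75724] ipfw-oper: 2420 Count UDP 198.51.100.7:64000 203.0.113.10:5006 in via tun3",
    f"Feb 23 03:53:06 {PFX} [75724] ipfw-oper: 2430 Count UDP 198.51.100.7:64000 203.0.113.10:5006 in via tun3",
    f"Feb 23 03:53:06 {PFX} [75724] ipfw-oper: 2685 Unreach 13 UDP 198.51.100.7:64000 203.0.113.10:5006 in via tun3",
]

if __name__ == "__main__":
    for uptime, src, dst in find_untranslated(SAMPLE_LOG):
        print(f"[{uptime}] {src} -> {dst} left the NAT rule untranslated")
```
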