From nobody Thu Feb 06 23:21:48 2025
X-Original-To: bugs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YptR05XV8z5mF5K
	for <bugs@mlmmj.nyi.freebsd.org>; Thu, 06 Feb 2025 23:21:48 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4YptR04v7Cz3KLt
	for <bugs@FreeBSD.org>; Thu, 06 Feb 2025 23:21:48 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1738884108;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=FkYK9lLSBsJTJrEnpSeTBbCD1CJREZuah/O5LZenKVE=;
	b=J6xCzZmJEqFC7d6Vmx5UBODDx+jTqRVJQrScjyJTT+j86qLG1WSosbUEVyzywJKw/R3Iud
	FL2MEBNMJIRvACuQEBWXzypTIRE067xdEDfgTYv9nSDYB5lTh0gZq3Biri30U8C7G+TSRC
	QNBjsKMtaGbVyMKe/Lmf8Zk0ZT2AYXOMl/O40ppypWPB81jYyaLxhiuqASlqgQztJsGUiO
	CsebQgXMj6CeTT+Q6AvFUlStBkqqmsLM8OLciFBaqtiq4XHTxaXRXrNuCWMcZ9251I9kDb
	w47GSI3/JNBIhin0fpL45ZO/FuMiixIitvaZ7kphYMMAS7uJ2XNE58A56S068Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1738884108;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=FkYK9lLSBsJTJrEnpSeTBbCD1CJREZuah/O5LZenKVE=;
	b=n4vMh2TdwyX4XoPhs3pRnr34Lysz69rCjwstiw0etWEiU4wb0/RAzuZhNLOGVo32ox0cnW
	gHsKmlo89JvoDMOapBTGczEpj1WDQS8vuqJRa7Ew46a6N0wi6rr17UwBo6MgggTOcQz4mw
	MGzb7fcWsoAJxfXf+zZ3WI+ri9wKkJzllAL0hypZURKV6s4Y53FXZDju531JXWfhacOMCP
	IvzV7bQoqXKzvVP0tBq68D5hcNv9TDQr1Fhl4CzdOg68d99Ck9TfFX1DDTtXrxw2DRJ3fw
	FwmykhXTFRaAjG/tJS/hlT0t+ZqLGb8HkhnvdRt1b9pNEmVjEszpcjzH+At+rQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1738884108; a=rsa-sha256; cv=none;
	b=xWp8CjFAfgQjjz73Zimx6uO+X9P8/mTHELU+gDUfyVNXobojrFpzWs8c1J+0ZapKBXvow3
	7KHwfwa6DhQzVsjYLytlwBLcAA9UgffjL72/GrveswYnPGRctzIm337ED76GSQRphK6Uvz
	UkhHMnt/4JmHFiIANTYCj8fzXlhzIR8TmnUHz/hJY6ZpXeWF/3ZyKWTueFmil5HkWNydr2
	rOr96JwBMuvOmHKaHLP08lEotvAfL9xOLAtlMrbpBrke768LM9hkPTg8/qwBvbPFfbUjv4
	4SmcyRM/NJ1kGEibDY0Py5L2bxxKwk+gpSIEmzNidwreVa2A3fm+Y/Ue5kqRmg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YptR04W1JzywF
	for <bugs@FreeBSD.org>; Thu, 06 Feb 2025 23:21:48 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 516NLmMX017804
	for <bugs@FreeBSD.org>; Thu, 6 Feb 2025 23:21:48 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 516NLmVd017803
	for bugs@FreeBSD.org; Thu, 6 Feb 2025 23:21:48 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 284625] pf NAT with SMSC9512/9514 drops packets when RXCSUM is
 enabled (default setting)
Date: Thu, 06 Feb 2025 23:21:48 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.2-RELEASE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: jd@eyb.com.br
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
Message-ID: <bug-284625-227@https.bugs.freebsd.org/bugzilla/>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="UTF-8"
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-bugs
List-Help: <mailto:freebsd-bugs+help@freebsd.org>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Subscribe: <mailto:freebsd-bugs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-bugs+unsubscribe@freebsd.org>
Sender: owner-freebsd-bugs@FreeBSD.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D284625

            Bug ID: 284625
           Summary: pf NAT with SMSC9512/9514 drops packets when RXCSUM is
                    enabled (default setting)
           Product: Base System
           Version: 14.2-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: jd@eyb.com.br

The system under test is a Raspberry Pi 3B+, using the internal ethernet po=
rt,
which is connected to the USB bus. Here's the dmesg for the kernel module:

smsc0 on uhub1
smsc0: <vendor 0x0424 product 0xec00, rev 2.00/2.00, addr 3> on usbus1
smsc0: chip 0xec00, rev. 0002
miibus0: <MII bus> on smsc0
smscphy0: <SMC LAN8700 10/100 interface> PHY 1 on miibus0
smscphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
ue0: <USB Ethernet> on smsc0
smsc0: chip 0xec00, rev. 0002

and the usbconfig for the device:

ugen1.3: <SMSC9512/9514 Fast Ethernet Adapter Microchip Technology, Inc.
(formerly SMSC)> at usbus1, cfg=3D0 md=3DHOST spd=3DHIGH (480Mbps) pwr=3DON=
 (2mA)

Networking works fine on the host. When I set up some jails using Bastille,
with localhost networking (bastille0), I can send packets just fine (like
trying to "host mit.edu") and get a reply on the interface, but the jail do=
es
not see the reply packet. This happens for both TCP and UDP. I get the logs
using this in pf.conf:

nat log(all) on $ext_if from <jails> to any -> ($ext_if:0)

and then

tcpdump -i pflog0

I then did the exact same setup but connecting via a wifi interface (wlan0,
with ue0 disconnected) and it worked as expected (proper network access from
inside the jails, NAT working fine). I tried it with another external USB
ethernet adapter, and it also worked fine. So while debugging this, I tried
disabling RXCSUM on the ue0 interface, and the NATed reply packets instantly
started going through to the jails. So AFAICT there is some conflict between
the expected checksum and the computed one, and the packets are dropped dur=
ing
the NAT reply processing.

Please let me know if you need any testing.

cheers,
jd

--=20
You are receiving this mail because:
You are the assignee for the bug.=