Re: missing SYN/ACK for inbound TCP solved by altering broadcast address - why?
Date: Mon, 27 Jun 2022 12:41:08 UTC
W dniu 27.06.2022 o 13:44, Dave Cottlehuber pisze:
> I've found a workaround for this issue, but don't understand why this
> occurs. Reading RFC1122 has left me none the wiser. What am I missing?
> Is this a Linuxism or simple a standardisation loophole?
It has been standardized in RFC3021 over twenty years ago. FreeBSD
ifconfig(8) supports /31 netmask for a long time and the broadcast
address is correctly assigned in this case (255.255.255.255). Either
dhcp-options(5) "option broadcast-address" is missing on the DHCP server
or our dhclient(8) is misbehaving or maybe the Linux client is better in
figuring out the right broadcast address.
>
> ## Problem
>
> - on 13.1-R, dhclient-set config works for all UDP, & outbound TCP
> - but inbound TCP connections send no SYN/ACK at all back
> - on Linux Ubuntu 22.04 & others, the DHCP supplied IP config
> works as expected
>
> failing FreeBSD config from dhclient:
> inet 147.75.93.61 netmask 0xfffffffe broadcast 147.75.93.60
> ^^^^^^^^^^^^
>
> working Linux config (note broadcast)
> inet 147.75.93.61 netmask 0xfffffffe broadcast 255.255.255.254
> ^^^^^^^^^^^^^^^
>
> - full details below (dhcp lease, ifconfigs etc)
>
> I worked around this by forcing broadcast-address in dhclient.conf:
>
> ## /etc/dhclient.conf
> interface "ice0" {
> supersede broadcast-address 255.255.255.255;
> }
> # repeat for other ifaces as required
>
> Which is ~ok~ for the moment, but I'd like to understand why this
> occurs, and fix it properly. Either at DHCPD end, or FreeBSD
> config.
>
>
>
> # Further details
>
> - Ubuntu 22.04 from vendor
> - FreeBSD 13.1-RELEASE amd64 vanilla install
> - 4x ice(4) NICs (Intel E810) and 2x (unused) ix (igxbe)
> - 2x of the ice(4) are bonded link aggregation
> - dhclient only used to attach to 1 nic, ignoring FreeBSD side of bonding
>
>
> ## Linux ip addr
>
> # ip addr
> 8: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
> link/ether b4:96:91:d9:99:20 brd ff:ff:ff:ff:ff:ff
> inet 147.75.92.187/31 brd 255.255.255.255 scope global bond0
> ...
>
> ## FreeBSD ifconfig
>
> # ifconfig ice0
> ice0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
> options=4e10438<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,LRO,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6,NOMAP>
> ether b4:96:91:d9:9b:48
> inet 147.75.93.61 netmask 0xfffffffe broadcast 147.75.93.60
> media: Ethernet autoselect (25G-AUI <full-duplex>)
> status: active
> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
> ...
> root@metalBSD:~ # netstat -4rn
> Routing tables
>
> Internet:
> Destination Gateway Flags Netif Expire
> default 147.75.93.60 UGS ice0
> 127.0.0.1 link#7 UH lo0
> 147.75.93.60/31 link#3 U ice0
> 147.75.93.61 link#3 UHS lo0
>
> root@metalBSD:~ # cat /var/db/dhclient.leases.ice0
>
> - note no broadcast-address provided
> - Linux & FreeBSD evidently derive it differently
>
> lease {
> interface "ice0";
> fixed-address 147.75.93.61;
> option subnet-mask 255.255.255.254;
> option routers 147.75.93.60;
> option domain-name-servers 147.75.207.207,147.75.207.208;
> option host-name "intransigent09";
> option dhcp-lease-time 172800;
> option dhcp-message-type 5;
> option dhcp-server-identifier 139.178.78.140;
> renew 1 2022/6/27 18:40:06;
> rebind 2 2022/6/28 12:40:06;
> expire 2 2022/6/28 18:40:06;
> }
>
> A+
> Dave
>
--
Marek Zarychta