From nobody Fri Sep 16 12:51:36 2022 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MTYqG3zvsz4ckgQ for ; Fri, 16 Sep 2022 12:51:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MTYqG300Rz4Ns5 for ; Fri, 16 Sep 2022 12:51:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MTYqG23vqzMb9 for ; Fri, 16 Sep 2022 12:51:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 28GCpcWW094120 for ; Fri, 16 Sep 2022 12:51:38 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 28GCpcsU094115 for net@FreeBSD.org; Fri, 16 Sep 2022 12:51:38 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 261711] net/wireguard-kmod: Cannot send data over VXLAN / vtnet Date: Fri, 16 Sep 2022 12:51:36 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: marco@tols.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1663332698; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5hSozqWurW+Fc6gZHOrr+6tvIbcRzzX3o/VfNpphM64=; b=SuZmLt2V1twDUReYF3ld6eeTKJDDFZKNVK1a6FBo8tqn5IDJvJ4/L3CVRj//FimhL+B4p4 neV9CpuZ/iRgtHQlw+TdzMSrWFMmV5VkKc0vhKh4uKXd8i0ZUEwUlardewi+1wJeZg3pEb vtOfmNAYtDzhqU/I7Pv+VNzD0cy0VmG+N8ZhKHOuOWNpdChUCW5gmkY2dRKdfLnUN5tzt4 nX/EEPSisHHrD1X8WcSHcWyEqzUVDdYyXbscAgJZ+6B1P/FLC6IqhN/nxWY0MfIOaZFTEX QQxPrcpirnOYEv4JwHTJhkbuJA3XIkqrRq4+KQKlIXGol+qNlf/dn4oUxdBJ8w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1663332698; a=rsa-sha256; cv=none; b=mdSDs2I6o0olPhggLwXcDNRBE5eyiDU7JtvkLLZAVjd/AfFECDWGg7lzxyuAuFWORz+f24 Bb9Qq+oC0dGMvPRRl501IvSx7ApmM7Y+EN4Dz/+C9/Oarjb8eDhnMr1v54VN1jnsClH3c5 1wsUiWLr/Nny/VuKNFLWoH6nZVYyhZwRlvFs88dv4EHhbFsQfO038dIQrgQy6/rVX6AkfX 47BG2ZNaMGh4byEPb4Nom34XofsHQ3eCH73fukDS3myNYSI0bkoZfT7Q9+i1MlPtP8sIH5 KvJ5D+FM7sXlak0oanTF0whVOh5x1J+PHepE2V9UpITtHVZElLV8JKSlnsQ5Mg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261711 --- Comment #7 from marco@tols.org --- Hi there, I have the same issue. Hopefully my submission of uname -a and pkg info wireguard-kmod will help this bug progress further. I'm sure if this bug g= ets resolved, it will also resolve my issue. For completeness my setup is this: - 2x 13.1-RELEASE-p2 host - no firewalls active - Working wireguard setup (can ssh from one to the other via the wireguard = IPs) - Working vxlan over ipsec setup, traffic across the vxlan tunnel ends up on the other side. In my case the vxlan interfaces are bridged to a real interface so that I end up having a stretched ethernet network. When I change the vxlanlocal and vxlanremote on both ends from the ipsec ip addresses to the wireguard ip adresses the traffic across the vxlan tunnel = does not end up on the other side any more. I do see the udp/4789 packets arriv= e on the wg0 interface, but they don't seem to make it into the vxlan interface. My suspicion is that by the time the packets get decrypted by the wireguard setup, it's too late to have them get processed by vxlan. This is pure speculation. My `uname -a` is this: (identical on both ends) FreeBSD 13.1-RELEASE-p2 FreeBSD 13.1-RELEASE-p2 GENERIC amd64 my `pkg info wireguard-kmod` is this: wireguard-kmod-0.0.20220615 Name : wireguard-kmod Version : 0.0.20220615 Installed on : Fri Sep 16 11:29:06 2022 CEST Origin : net/wireguard-kmod Architecture : FreeBSD:13:amd64 Prefix : /usr/local Categories : net-vpn net kld Licenses : MIT Maintainer : decke@FreeBSD.org WWW : https://git.zx2c4.com/wireguard-freebsd/ Comment : WireGuard implementation for the FreeBSD kernel Annotations : FreeBSD_version: 1301000 repo_type : binary repository : FreeBSD Flat size : 144KiB Description : Kernel module for FreeBSD to support Wireguard. At this time this code is new, unvetted, possibly buggy, and should be considered "experimental". It might contain security issues. We gladly welcome your testing and bug reports, but do keep in mind that this code is new, so some caution should be exercised at the moment for using it in mission critical environments. WWW: https://git.zx2c4.com/wireguard-freebsd/ --=20 You are receiving this mail because: You are on the CC list for the bug.=