[Bug 280036] Data corruption over if_ovpn (OpenVPN DCO) observed
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 03 Sep 2024 11:13:37 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280036 --- Comment #10 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> --- While investigating the bug, I found that when ftpd(8) is serving a file from the OpenVPN access server itself (from the ZFS filesystem in my case), the file silently (apparently!) gets corrupted on that SERVER! To reproduce, connect from another machine to the FTP server (running on OpenVPN access server) offering read access to the file on the ZFS dataset and download the file a few times, checking if the checksum of the file served remains the same (see the experiment below). In my case, the checksum of the file on the server changed with each file access via ftpd(8), but only if it was served from the OpenVPN access server and was accessed via the OpenVPN tunnel. When the file was accessed by OpenVPN tunnel but, terminated on another access server (also running FreeBSD and using OpenVPN DCO module!), everything was fine. Moreover, the file never got corrupted when the connection was using a Wireguard tunnel terminated on the same machine or the connection was established without any tunnelling. 1. CLient PC: [homepc] /tmp% lftp ftp://somehost lftp somehost:~> set xfer:clobber yes lftp somehost:~> get file 81362184 bajty przesłane w ciągu 3 sekund (22.60 MiB/s) lftp somehost:/> get file 81362184 bajty przesłane w ciągu 3 sekund (23.17 MiB/s) lftp somehost:/> get file 81362184 bajty przesłane w ciągu 3 sekund (23.17 MiB/s) lftp somehost:/> (...) 2. FreeBSD OpenVPN access server and ftpd(8) server: [somehost] ~ftp# stat file ; sha1sum file 0:13:54 2019" 131072 152537 0x800 file 589ca9781368ffd66f35394f3b7bf43ab9d98b33 file [somehost] ~ftp# stat file ; sha1sum file 11075423362389754006 262491 -rw-rw-r-- 2 root wheel 0 81362184 "sty 1 01:00:00 1970" "lip 8 10:13:54 2019" "sie 31 00:40:13 2024" "lip 8 1 0:13:54 2019" 131072 152537 0x800 file 05ba9b9a60df861887dcc690c1237998c1844180 file [somehost] ~ftp# stat file ; sha1sum file 11075423362389754006 262491 -rw-rw-r-- 2 root wheel 0 81362184 "sty 1 01:00:00 1970" "lip 8 10:13:54 2019" "sie 31 00:40:13 2024" "lip 8 1 0:13:54 2019" 131072 152537 0x800 file d259dbd577c17b5ad7da0d1d0fa67f5564a68e72 file [somehost] ~ftp# zpool scrub zroot [somehost] ~ftp# zpool status pool: zroot state: ONLINE scan: scrub repaired 0B in 00:02:32 with 0 errors on Tue Sep 3 12:37:03 2024 config: NAME STATE READ WRITE CKSUM zroot ONLINE 0 0 0 gpt/ssdrootfs ONLINE 0 0 0 errors: No known data errors [somehost] ~ftp# stat file ; sha1sum file 11075423362389754006 262491 -rw-rw-r-- 2 root wheel 0 81362184 "sty 1 01:00:00 1970" "lip 8 10:13:54 2019" "sie 31 00:40:13 2024" "lip 8 1 0:13:54 2019" 131072 152537 0x800 file fdf68d23439f5a269850e71e1807ea8889a8ffd0 file [somehost] ~ftp# stat file ; sha1sum file 11075423362389754006 262491 -rw-rw-r-- 2 root wheel 0 81362184 "sty 1 01:00:00 1970" "lip 8 10:13:54 2019" "sie 31 00:40:13 2024" "lip 8 1 0:13:54 2019" 131072 152537 0x800 file 7674bcd2cbfdff3c5455e287c609b3364c311914 file -- You are receiving this mail because: You are the assignee for the bug.