[Bug 280648] Traffic leak between fibs

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 20 Sep 2024 10:02:53 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280648

--- Comment #20 from Egor <banezmesm@gmail.com> ---
I managed to run bird in non standart fib and at this time there wasn't leaked
routes in routing table but it didn't change traffic behavior. I still had
SYN-ACK drops in packet filter and i didn't see SYN packets on outgoing
interface.


09:20:24.123696 rule 5/0(match): pass in on mce0.1280: 172.16.179.42.51806 >
172.16.188.194.22: Flags [S], seq 2399537834, win 64240, options [mss
1460,[|tcp]>
09:20:24.123742 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 >
172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535,
options [mss 1460,[|tcp]>
09:20:25.130047 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 >
172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535,
options [mss 1460,[|tcp]>
09:20:27.330596 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 >
172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535,
options [mss 1460,[|tcp]>
09:20:31.531341 rule 1/0(match): block in on mce0.3101: 172.16.188.194.22 >
172.16.179.42.51806: Flags [S.], seq 1440191918, ack 2399537835, win 65535,
options [mss 1460,[|tcp]>

test-fw01:~$ sudo birdc "show route table all" | grep 172.16.188 -A 3
172.16.188.192/26    unicast [bgp18 09:19:04.118] * (100) [AS4231000004i]
        via 192.168.255.114 on mce1.3101
                     unicast [bgp17 09:19:04.225] (100) [AS4231000004i]
        via 192.168.255.112 on mce0.3101

test-fw01:~$ netstat -nrF 1 | grep 172.16.188.192
172.16.188.192/26  192.168.255.114    UG1    mce1.310

test-fw01:~$ sudo tcpdump -nli mce0.3101 host 172.16.179.42
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on mce0.3101, link-type EN10MB (Ethernet), capture size 262144 bytes
09:59:40.753971 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq
3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackOK,TS
val 738593035 ecr 3656452229], length 0
09:59:41.748887 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq
3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackOK,TS
val 738594032 ecr 3656452229], length 0
09:59:41.755927 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq
3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackOK,TS
val 738594032 ecr 3656453231], length 0
09:59:42.779932 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq
3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackOK,TS
val 738595063 ecr 3656454255], length 0
09:59:43.788132 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq
3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackOK,TS
val 738596071 ecr 3656454255], length 0
09:59:43.803928 IP 172.16.188.194.22 > 172.16.179.42.51806: Flags [S.], seq
3265751352, ack 2606051427, win 65535, options [mss 1460,nop,wscale 9,sackOK,TS
val 738596083 ecr

-- 
You are receiving this mail because:
You are the assignee for the bug.