From nobody Mon Sep 30 22:35:58 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XHbWf44Ydz5XmqJ
	for <net@mlmmj.nyi.freebsd.org>; Mon, 30 Sep 2024 22:35:58 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4XHbWf2zZjz4YBW
	for <net@FreeBSD.org>; Mon, 30 Sep 2024 22:35:58 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1727735758;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=POB/QyPL4WmPbuO17R8iNY+ItHqlAlGJKbEJoVrVKy4=;
	b=hBFKb9z6w+WHkPdRdovKXwiW5YOCV0Q8ifatGx+3vOUGMopG8RiAXWo4I8/qlTg86/rp27
	147mfhLNv6UuznocDoa4t529YMR7AIXjUCQESvLAxW4EWYJUFz+T10Zv2hZcHZCfrc2iGD
	+S85U32CvFumd/7l507ovlxXgr6uQHWndLXbRxU2ZA1ZGCX0bq9CICz8o6K/6Hgl8sVwxz
	hAfhTFmMjg1u4cQo7E/ahRylVR/fnGRc90WO6SIbdgfSdBagBBdU4LXbzCiKGSBbWWZ3dp
	jD9CHWPd5d6wofskOHJJiVeL8VA8Wz1XKzEP90+cgzFtS34aVZr17bBmv1iNQQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1727735758; a=rsa-sha256; cv=none;
	b=MfZwnCuE0kdOmmSXq7nw9ZTaVZOUwzzSkml51XKucP+jcsFrNr0Y9VPg5bc82Glmf2wsAU
	R0llGuFlHj9QWa4tQRjvfziv5zd2fdu6FiejY9tONzS3iTePnXeiJsmKT5ReavgeiYe8ea
	slVRBXf1gFEZnBEPMRDtOZf0soBcJSU5X1uStENw3p6QonLnpU0ZQpbaMbnKxp+9IoBjWl
	jlkssbc+fnnHxDlToN5HGtUsyFVWmrGrlLQqCfiVvK/lcGPOXNVcOdDETmWfIAHgr8SIiF
	OzOc3xFipPhup+8X53e4dqH0XgiShvJ+IMwf0yayBEhRFjxpU54OsjuJc1dCdg==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XHbWf2FsGz1BRw
	for <net@FreeBSD.org>; Mon, 30 Sep 2024 22:35:58 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 48UMZwfX040256
	for <net@FreeBSD.org>; Mon, 30 Sep 2024 22:35:58 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 48UMZwAj040255
	for net@FreeBSD.org; Mon, 30 Sep 2024 22:35:58 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 262828] [carp] CARP arp replays with wrong src mac
Date: Mon, 30 Sep 2024 22:35:58 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: rozhuk.im@gmail.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-262828-7501-KHlG1qrw8v@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-262828-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-262828-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D262828

--- Comment #16 from Ivan Rozhuk <rozhuk.im@gmail.com> ---
(In reply to Gleb Smirnoff from comment #14)

Topic with "hardware, that puts non-RFC compluant requirements on ARP packe=
ts"
started by zlei@.
IMHO it is irrelevant to this patch.



This patch fixes issues that at least was happen in our customers env and we
reproduce it in lab.

Annonce before patch apply:
root@safeinspect# tcpdump -n -i vmx2 -e -vvvvv arp | grep 192.168.15.224
tcpdump: listening on vmx2, link-type EN10MB (Ethernet), capture size 262144
bytes
11:57:51.249287 00:10:f3:2a:c2:ba > 00:00:5e:00:01:30, ethertype ARP (0x080=
6),
length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.224 t=
ell
192.168.14.1, length 46
11:57:51.249317 00:00:5e:00:01:30 > 00:10:f3:2a:c2:ba, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Reply 192.168.15.224 is-at
00:00:5e:00:01:30, length 28
11:57:55.823376 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:57:56.823714 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:57:59.023621 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:58:03.223640 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:58:03.842451 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:58:04.833800 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:58:07.033641 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:58:08.064321 00:0c:29:09:c3:44 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.224 t=
ell
192.168.15.224, length 46
11:58:08.064352 00:00:5e:00:01:30 > 00:0c:29:09:c3:44, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Reply 192.168.15.224 is-at
00:00:5e:00:01:30, length 28
11:58:11.233572 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:58:11.234069 00:0c:29:09:c3:44 > 00:00:5e:00:01:30, ethertype ARP (0x080=
6),
length 60: Ethernet (len 6), IPv4 (len 4), Reply 192.168.15.224 is-at
00:0c:29:09:c3:44, length 46
11:58:11.852937 00:00:5e:00:01:30 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.225 t=
ell
192.168.15.224, length 28
11:58:11.853396 00:0c:29:09:c3:44 > 00:00:5e:00:01:30, ethertype ARP (0x080=
6),
length 60: Ethernet (len 6), IPv4 (len 4), Reply 192.168.15.224 is-at
00:0c:29:09:c3:44, length 46
11:58:12.289677 00:10:f3:2a:c2:ba > 00:00:5e:00:01:30, ethertype ARP (0x080=
6),
length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.224 t=
ell
192.168.14.1, length 46
11:58:12.289713 00:00:5e:00:01:30 > 00:10:f3:2a:c2:ba, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Reply 192.168.15.224 is-at
00:00:5e:00:01:30, length 28
11:58:45.019891 00:10:f3:2a:c2:ba > 00:00:5e:00:01:30, ethertype ARP (0x080=
6),
length 60: Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.15.224 t=
ell
192.168.14.1, length 46
11:58:45.019926 00:00:5e:00:01:30 > 00:10:f3:2a:c2:ba, ethertype ARP (0x080=
6),
length 42: Ethernet (len 6), IPv4 (len 4), Reply 192.168.15.224 is-at
00:00:5e:00:01:30, length 28


Some master has owned CARPed 192.168.15.224.
Some backup CARPed host "00:0c:29:09:c3:44" is boot up and mess started at
"11:58:08.064321" and "11:58:11.234069" - "Gratuitous ARP" with wrong CARP =
MAC
in Ethernet and ARP headers.

Patch forces CARP MAC address to be used in Ethernet header and ARP header,=
 not
depend on CARP state "master" or not.


We totally use 3 path to CARP:
https://github.com/rozhuk-im/freebsd/commit/b4fa20fcbfa7a707ef3d7e499e93576=
4a9adc5f8
- this PR
https://github.com/rozhuk-im/freebsd/commit/4354cf4860dcf7e5e3c96d1fb0fdd95=
f1eabbfc3
- proper loopback detection
https://github.com/rozhuk-im/freebsd/commit/ddc90e5e6807469011f8aae93008ab5=
0509813f7
- some simple cosmetic
and we have no CARP related error reports since these patches landed to
customers.



> And what about IPv6 NA announcements?

We do not use IPv6 so I do not dig into this. My guess is yes, IPv6 needs
similar changes.

--=20
You are receiving this mail because:
You are the assignee for the bug.=