[Bug 267178] security/softether
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 18 Oct 2022 18:28:18 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267178 Bug ID: 267178 Summary: security/softether Product: Ports & Packages Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: meta@FreeBSD.org Reporter: karl@denninger.net Assignee: meta@FreeBSD.org Flags: maintainer-feedback?(meta@FreeBSD.org) Created attachment 237439 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=237439&action=edit Shut off MTU increases if compiled on FreeBSD This may impact everyone -- not sure, so labeling it "affects some people." The vpnserver code attempts to use jumbo frames and, when it tries to send larger frames than the current MTU, attempts to set the interface MTU high enough to accommodate it. This occurs unless the interface was opened "Raw", which is only supported in the code on Linux; for all other BSD variants the assumption is made that the MTU can be raised high enough to allow a transmission to fit. That would seem to be wishful thinking and the code does indeed try to send data that won't fit in the default ethernet MTU. The result is a cascade of up/down events on the interface which never ends as the server will try to send something larger than even a typical jumbo frame capability (e.g. 8k) and when it does, it will continually bang on the MTU trying to raise it, logging each such event as well. The following couple-of-line patch shuts this off if the code is built on FreeBSD and stops that behavior. As near as I can tell this has no bad side effects but my work with the package is, thus far, quite rudimentary so further testing is likely called for before accepting this as a build-time patch to be applied. I've also reported this on the forum for the package itself here: https://www.vpnusers.com/viewtopic.php?f=7&t=67841 -- You are receiving this mail because: You are the assignee for the bug.