[Bug 223835] BGP session not established with md5 password via FRRouting

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Feb 27 12:46:25 UTC 2018 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223835

--- Comment #31 from Felipe N. Oliva <felipe at felipeoliva.eti.br> ---
(In reply to Andrey V. Elsukov from comment #30)
I will try with TSO/LRO.
Interface: ix (intel 10g)
Doesn't work with ipv4 and ipv6.

netstat -sp tcp | grep sig
        0 packets with matching signature received
        0 packets with bad signature received
        0 times failed to make signature due to no SA
        0 times unexpected signature received
        0 times no signature provided by segment

/etc/ipsec.conf:
add -4 <my_ip4> 187.16.216.55 tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE
add -4 187.16.216.55 <my_ip4> tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE
add -4 <my_ip4> 187.16.218.58 tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE
add -4 187.16.218.58 <my_ip4> tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE
add -6 <my_ip6> 2001:12f8::55 tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE
add -6 2001:12f8::55 <my_ip6> tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE
add -6 <my_ip6> 2001:12f8::218:58 tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE
add -6 2001:12f8::218:58 <my_ip6> tcp 0x1000 -A tcp-md5 "<password>"; # GOOGLE

setkey -D
2001:12f8::218:58 <my_ip6>
        tcp mode=any spi=130789163(0x07cbaf2b) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=7 pid=74097 refcnt=1
<my_ip6> 2001:12f8::218:58
        tcp mode=any spi=205209160(0x0c3b3e48) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=6 pid=74097 refcnt=1
2001:12f8::55 <my_ip6>
        tcp mode=any spi=17778168(0x010f45f8) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=5 pid=74097 refcnt=1
<my_ip6> 2001:12f8::55
        tcp mode=any spi=11511344(0x00afa630) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=4 pid=74097 refcnt=1
187.16.218.58 <my_ip4>
        tcp mode=any spi=49404247(0x02f1d957) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=3 pid=74097 refcnt=1
<my_ip4> 187.16.218.58
        tcp mode=any spi=209590058(0x0c7e172a) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=2 pid=74097 refcnt=1
187.16.216.55 <my_ip4>
        tcp mode=any spi=124856546(0x077128e2) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=1 pid=74097 refcnt=1
<my_ip4> 187.16.216.55
        tcp mode=any spi=4096(0x00001000) reqid=0(0x00000000)
        A: tcp-md5  6a757472 616e3764 45625577 72366339
        seq=0x00000000 replay=0 flags=0x00000040 state=mature
        created: Feb 27 08:36:12 2018   current: Feb 27 08:41:32 2018
        diff: 320(s)    hard: 0(s)      soft: 0(s)
        last:                           hard: 0(s)      soft: 0(s)
        current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
        allocated: 0    hard: 0 soft: 0
        sadb_seq=0 pid=74097 refcnt=1

FreeBSD 10.3 was working with only one direction. Did anything change?

-- 
You are receiving this mail because:
You are on the CC list for the bug.

More information about the freebsd-net mailing list