[Bug 231659] 12-ALPHA7 r338900 crashes with IPsec on network load
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Sep 25 11:31:31 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231659
--- Comment #1 from Lev A. Serebryakov <lev at FreeBSD.org> ---
Steps to reproduce for me:
(1) Two hosts:
192.168.134.1, 12-ALPHA7, slow, without AES-NI
192.168.134.2, 11-STABLE, fast, with AES-NI
(2) Setup IPsec transport for TCP port 5201 (iperf3 part):
(a) on 192.168.134.2
setkey -c<<__END
flush;
spdflush;
add 192.168.134.1 192.168.134.2 esp 0x10001 -E rijndael-cbc "0123456789abcdef";
add 192.168.134.2 192.168.134.1 esp 0x10002 -E rijndael-cbc "0123456789abcdef";
spdadd 192.168.134.2/32[5201] 192.168.134.1/32 tcp -P out ipsec
esp/transport//require;
spdadd 192.168.134.1/32 192.168.134.2/32[5201] tcp -P in ipsec
esp/transport//require;
__END
(b) on 192.168.134.1
setkey -c <<__END
flush;
spdflush;
add 192.168.134.1 192.168.134.2 esp 0x10001 -E rijndael-cbc "0123456789abcdef";
add 192.168.134.2 192.168.134.1 esp 0x10002 -E rijndael-cbc "0123456789abcdef";
spdadd 192.168.134.1/32 192.168.134.2/32[5201] tcp -P out ipsec
esp/transport//require;
spdadd 192.168.134.2/32[5201] 192.168.134.1/32 tcp -P in ipsec
esp/transport//require;
__END
(3) run "iperf3 -s" on 192.168.134.2
(4) run "iperf -c 192.168.134.2 -R" on 192.168.134.1
(5) Almost instant crash on 192.168.134.1.
It looks have something to do with timings, as same setup where slow
192.168.134.1 is replaced bu much faster and AES-NI-capable system (same
FreeBSD version) make crash much more hard to reproduce. I've got only one for
6 hours of testing with fast system.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-net
mailing list