PF problems with 11-stable
Kristof Provost
kp at FreeBSD.org
Thu Jul 26 08:28:21 UTC 2018
On 26 Jul 2018, at 10:16, Patrick Lamaiziere wrote:
> Le Thu, 26 Jul 2018 09:58:05 +0200,
> Patrick Lamaiziere <patfbsd at davenulle.org> a écrit :
>
> Hello,
>
>>> Hey,
>>> I am on
>>> 11.2-STABLE FreeBSD 11.2-STABLE #9 r336597
>>> Sun Jul 22 14:08:38 CEST 2018
>>>
>>> and I see 2 problems with PF that are still there:
>>> 1.) set skip on lo
>>> does not work even though ifconfig lo matches.
>>> SOLVED TEMPORARILY BY: set skip on lo0
>>
>> I've seen this while upgrading from 10.3 to 11.2-RELEASE. I've added
>> lo0 to set skip too.
>>
>> When the problem occurs, lo is marked '(skip)' (pfctl -vs
>> Interfaces) but not lo0.
>>
>> But I can't reproduce this, this happened only one time.
>
> I don't know if this is related but there were some kernel logs about
> 'loopback' :
>
> Feb 15 17:11:48 fucop1 kernel: ifa_del_loopback_route: deletion failed:
> 47 Feb 15 17:11:48 fucop1 kernel: ifa_add_loopback_route: insertion
> failed: 47 Jul 16 13:50:36 fucop1 kernel: ifa_maintain_loopback_route:
> deletion failed for interface ix2: 3 Jul 16 14:07:31 fucop1 kernel:
> ifa_maintain_loopback_route: deletion failed for interface ix2: 3 Jul
> 16 14:07:31 fucop1 kernel: ifa_maintain_loopback_route: deletion failed
> for interface igb1: 3 Jul 16 14:10:43 fucop1 kernel:
> ifa_maintain_loopback_route: insertion failed for interface igb0: 17
>
No, those error messages are not related.
The issue with interface groups is known, and is being worked on.
The pfctl -n issue should be fixed as of r336164
Regards,
Kristof
More information about the freebsd-net
mailing list