[Bug 257038] [Panic] on http traffic to or from jail through vxlan

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 07 Jul 2021 10:15:25 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257038

--- Comment #2 from capra-freebsd_at_phcn.de ---
I'll try to describe my Setup as good as I possible: 
I have one physical IF connected, it's called em0. 

I have 2 vxlan interfaces, endpoint is my router
ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0 mtu 4000"
create_args_vxlan43="vxlanid 43 vxlanlocal 192.168.1.5 vxlanremote 192.168.1.1"
ifconfig_vxlan43="inet 10.43.0.5 netmask 255.255.255.0 up"
create_args_vxlan44="vxlanid 44 vxlanlocal 192.168.1.5 vxlanremote 192.168.1.1"
ifconfig_vxlan44="inet 10.44.0.5 netmask 255.255.255.0 up"





therefore I have to use fibs to have several routing tables, they are pretty
simple 
setfib 1 route add -net 10.44.0.0/24 -iface vxlan44
setfib 2 route add -net 10.43.0.0/24 -iface vxlan43

# Default route
setfib 1 route add default 10.44.0.1
setfib 2 route add default 10.43.0.1


furthermore I use bhyve based virtual machines in my setup, they are connected
to the vxlan interfaces and work just fine. 
NAME  TYPE      IFACE    ADDRESS  PRIVATE  MTU  VLAN  PORTS
phcn  standard  vm-phcn  -        no       -    -     vxlan43
DMZ   standard  vm-DMZ   -        no       -    -     vxlan44

the problem starts with the jail that are connected to vxlans, for example this
one:
cat /zroot/iocage/jails/phcn-zabbix/config.json 
{
    "boot": 0,
    "depends": "psql",
    "exec_fib": "2",
    "host_hostname": "phcn-zabbix",
    "host_hostuuid": "phcn-zabbix",
    "ip4_addr": "lo1|127.0.1.10/8,vxlan43|10.43.0.10/24",
    "jail_zfs_dataset": "iocage/jails/phcn-zabbix/data",
    "last_started": "2021-07-07 10:06:19",
    "release": "12.2-RELEASE-p6"
}#                                      

when I try to connect to the zabbix webui, or if I use the jail console to 
curl www.google.de  the host crashes.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Wed Jul 07 2021 - 10:15:25 UTC

Original text of this message