From nobody Wed Jun 01 10:25:19 2022 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 2AB171B59ED9 for ; Wed, 1 Jun 2022 10:25:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LCldq6JWVz3w53 for ; Wed, 1 Jun 2022 10:25:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B6B241DFFF for ; Wed, 1 Jun 2022 10:25:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 251APJh9011346 for ; Wed, 1 Jun 2022 10:25:19 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 251APJuG011345 for net@FreeBSD.org; Wed, 1 Jun 2022 10:25:19 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 256681] [route] Incorrect loopback route for aliases IP addresses Date: Wed, 01 Jun 2022 10:25:19 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: cryx-ports@h3q.com X-Bugzilla-Status: Closed X-Bugzilla-Resolution: Works As Intended X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: melifaro@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1654079119; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=VxveyephA47o8d1iMOhjLEkesqJUaZgvU2SXKwNteAE=; b=RGfBL78tx8K+TG7N9A3uOr4qJawxjo6mvKADYfDK2PVtU6aSGtl1qm0Z5IJjLsy/2fNJ9l zKvSvWy/FfipSprJwNOPcV/uBelvLHaXgZkQFV6pxaqMVISdwie86Uh+s/gxwGkrGFsuiA TfG++JbIz3xqKa3X50UGlaDdb33CqOIX0JMDc2DjxGz1a9aQyaMGfKY2I221r7fEdqk4vY y7Vl5jGf44Z7Y+jbcGZVGGOdbaBFv3eldJeM79svmsSm7iqj8W0dy5Diz0EBeY0AfbMaY2 rFgc3jurGToeg+3blS9RszAzFjC5m/1JGsYvB18vCXAdJRp4SYhWv/xoCsE7uw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1654079119; a=rsa-sha256; cv=none; b=EMp23toiMFM4Aj7GjucfsuAv0uuskvv7gt3YL5FkIMXTYgcMZn6jt2SK9xWsi5YJ6/f+qM y+0bb2rDrZrPpR0BxRUDQCqoW/560u+HS6jKbsfQ5/KQIB6lGVwbsZIyadsOj/r3hXQc5W zQnNSViUA2PQP3aH1lzYE/xoXbPkEyTN+z8gJPUEWLQH0RpDzSrQcWNv/xudZuiARNXbA4 pwePNo+gQrmzV7kh0tXR5YBIaQNhk573AjQAVy/TjXstRFaI9GbTqH+2Z9D0d94TSEgt/e K1BPzWG0Oh1gdfiN1RV0keI48ERosXaiouxQpNWOHR4iD5LdYLbVKrzDopkAnA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D256681 Philipp Wuensche changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cryx-ports@h3q.com --- Comment #7 from Philipp Wuensche --- This is hitting me in my jail setups also. Up until 12.3 I had jails running on lo1 interfaces in the e.g. 127.1.1.0/24 range running services for the jails that are running on ipaddr. of the hos= ts external interfaces. Like a jail running postgresql on 127.1.1.1 and several webservice jails running on external ipaddr. using this postgresql jail as their database. This had the nice effect of jails on the loopback ipaddr. not being able to reach the internet and vice versa, even without a firewall in place, and me= not guessing rfc1918 ipaddr. that might not being used somewhere else in the network. Multiple jails on the external interface resulted in /32 aliases on the external interface, which wasn't a problem until FreeBSD 13. From now on, the jails that had a /32 alias ipaddr. where unable to reach t= he services running in loopback jails, due to the missing lo0 route. For me this is a regression or at least it is somewhat unpleasant that this change in behaviour is just mentioned as "Duplicate routes installation iss= ue for /32 or /128 interface aliases has been fixed" in the release notes of 1= 3.0.=20 I know there are solutions like VNET for jails etc.pp. but I just wanted to mention this here for all the users that will run into this issue. --=20 You are receiving this mail because: You are on the CC list for the bug.=