[Bug 240819] PF scrub drop UDP Fragment

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Wed Sep 25 15:24:40 UTC 2019


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240819

            Bug ID: 240819
           Summary: PF scrub drop UDP Fragment
           Product: Base System
           Version: 12.0-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: bugs at FreeBSD.org
          Reporter: fabrice.bruel at orange.com

Hello,

I've noticed a problem with scrub and UDP packets on FreeBSD 12-STABLE.

Version:
# uname -a
FreeBSD R640-4 12.0-STABLE FreeBSD 12.0-STABLE #1 r348036M: Tue May 21 10:58:21 CEST 2019     root@PFWALL-GEN2:/usr/obj/PFWALL.amd64/usr/local/PFWall/FreeBSD/src/amd64.amd64/sys/PFWALL-AMD64  amd64

Description:

If PF is activated with these scrub options:

scrub out all random-id
scrub all fragment reassemble

UDP fragments don't cross PF. Removing these 2 lines solves the issue.

Incoming packets seem to be "bad" in tcpdump:

# tcpdump -n -i bxe3 udp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bxe3, link-type EN10MB (Ethernet), capture size 262144 bytes
16:23:13.231094 IP 10.2.0.22.2798 > 10.2.0.221.0: UDP, bad length 1420 > 1392
16:23:13.231116 IP 10.2.0.22 > 10.2.0.221: ip-proto-17
16:23:14.292550 IP 10.2.0.22.2799 > 10.2.0.221.0: UDP, bad length 1420 > 1392
16:23:14.292572 IP 10.2.0.22 > 10.2.0.221: ip-proto-17
16:23:15.354955 IP 10.2.0.22.2800 > 10.2.0.221.0: UDP, bad length 1420 > 1392

Note that the MTU of the egress interface (bxe3 here) is 1500:
# ifconfig bxe3
bxe3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=522ba<TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO6,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO>

I've tried to remove tso, rxcsum, tso, with no result. Maybe it's more an IP
issue?


How to reproduce:

# hping -2 -m 1400 -d 1420  ip_target

-- 
You are receiving this mail because:
You are the assignee for the bug.

