On 14 Sep 2023, at 4:54, Xin Li wrote:
> Hi!
>
> I recently upgraded my home router and found that there is some regression 
> related to pf or IPv6.
>
> When attempting to connect to an IPv6 TCP service, the process would enter a 
> seemingly unkillable state (the stack varies but always begins with write, so 
> it seems that tailscale was trying to send some packet to the server), until 
> racoon is killed and restarted (at which point the connection would be 
> dropped).
>
> tcpdump over the gif(4) channel captured a lot of seemingly duplicated 
> packets like this:
>
> 03:40:50.088262 IP6 LOCAL.16275 > REMOTE.443: Flags [.], seq 1619:2947, ack 
> 4225, win 129, options [nop,nop,TS val 2817088580 ecr 3077807235], length 1328
> 03:40:50.088332 IP6 LOCAL.16275 > REMOTE.443: Flags [.], seq 1619:2947, ack 
> 4225, win 129, options [nop,nop,TS val 2817088581 ecr 3077807235], length 1328
> [identical except timestamp]
> 03:40:50.089107 IP6 LOCAL.16275 > REMOTE.443: Flags [.], seq 1619:2947, ack 
> 4225, win 129, options [nop,nop,TS val 2817088581 ecr 3077807235], length 1328
>
> Am I the only person who is seeing this?  (Admittedly my setup is somewhat 
> unique; my home ISP doesn't provide IPv6 service, so I have a gif(4) tunnel 
> to my datacenter, which connects to Hurricane Electric's IPv6 tunnel service 
> and basically routes my IPv6 traffic to that tunnel.  Earlier I discovered 
> that some IPv6 connectivity issues were related to MTU being too big (1480; 
> reduced to 1400 now) but the unkillable IPv6 applications were new and only 
> happened on 14.x)
>

That doesn’t immediately ring any bells, no.

Are you using route-to anywhere? There’s been a change 
(829a69db855b48ff7e8242b95e193a0783c489d9) that has some potential to affect 
uncommon setups, but right now I’m just guessing.

I’d recommend tcpdump-ing the wan link at the same time as the gif tunnel so 
you can work out if the packets are being dropped locally or remotely. Or you 
can try adding ‘log’ statements to the pf rules and using pflog to figure out 
if/why packets are being dropped.

Best regards,
Kristof
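
Added example, not part of either message above: a small Python helper that groups tcpdump text lines of the kind quoted from the gif(4) capture by flow and sequence range, and reports how many copies of each data segment were seen and over what time span. The sample lines are constructed from the quoted capture, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in tcpdump's one-line text format, modelled on the quoted capture.
SAMPLE = """\
03:40:50.088262 IP6 LOCAL.16275 > REMOTE.443: Flags [.], seq 1619:2947, ack 4225, win 129, options [nop,nop,TS val 2817088580 ecr 3077807235], length 1328
03:40:50.088332 IP6 LOCAL.16275 > REMOTE.443: Flags [.], seq 1619:2947, ack 4225, win 129, options [nop,nop,TS val 2817088581 ecr 3077807235], length 1328
03:40:50.089107 IP6 LOCAL.16275 > REMOTE.443: Flags [.], seq 1619:2947, ack 4225, win 129, options [nop,nop,TS val 2817088581 ecr 3077807235], length 1328
03:40:50.090001 IP6 REMOTE.443 > LOCAL.16275: Flags [.], ack 1619, win 501, options [nop,nop,TS val 3077807240 ecr 2817088570], length 0
"""

# Matches only segments that carry data (tcpdump prints "seq start:end" for those).
LINE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP6 (?P<src>\S+) > (?P<dst>\S+): "
    r"Flags \[[^\]]*\], seq (?P<start>\d+):(?P<end>\d+),.*length \d+$"
)


def to_seconds(ts):
    """Convert tcpdump's HH:MM:SS.ffffff timestamp to seconds since midnight."""
    hours, minutes, seconds = ts.split(":")
    return int(hours) * 3600 + int(minutes) * 60 + float(seconds)


def repeated_segments(text, min_copies=2):
    """Return data segments seen at least min_copies times on the same flow."""
    seen = defaultdict(list)
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # pure ACKs and unparsed lines are skipped
        key = (m["src"], m["dst"], int(m["start"]), int(m["end"]))
        seen[key].append(to_seconds(m["ts"]))
    report = []
    for (src, dst, start, end), times in seen.items():
        if len(times) >= min_copies:
            span_ms = round((max(times) - min(times)) * 1000, 3)
            report.append({"src": src, "dst": dst, "seq": (start, end),
                           "copies": len(times), "span_ms": span_ms})
    return report


if __name__ == "__main__":
    for row in repeated_segments(SAMPLE):
        print(row)
```

The time span between copies is the useful number here: it shows whether the repeats are spaced like timer-driven retransmissions or are emitted back to back.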
