Hello,
Yesterday updated my router to 7.6 and the 64 interfaces limit reappeared.
I downloaded the 7.6 sources , and the patch on
libexec/snmpd/snmpd_metrics/pf.c is applied correctly.
So the bug has moved elsewhere.. but where ?
Marc
> On 11 Jun 2024, at 17:41, Martijn van Duren <openbsd+t...@list.imperialat.at>
> wrote:
>
> moving to tech@
>
> On Tue, 2024-06-11 at 15:38 +0200, Marc Boisis wrote:
>> Like Kapetanakis I have the 64 interface desc empty:
>>> snmpget -v2c -c public 127.0.0.1 OPENBSD-PF-MIB::pfIfDescr.64
>> OPENBSD-PF-MIB::pfIfDescr.64 = STRING:
>>
>> So can we imagine a limit of 64 interfaces in the snmp (snmpd_metrics) code ?
>
> Ah, you're limited to 64 interfaces in total. From your mail I thought
> 64 physical plus a handful of carp and that the problem was limited to
> vlan specifically.
>
> You're right that it's an snmpd_metrics bug, which was fixed by sashan@
> in pfctl's pfctl_table.c r1.85 back in 2022. Important parts of
> that diff adjusted for snmpd_metrics below.
>
> martijn@
>>
>>
>>> On 11 Jun 2024, at 14:34, Martijn van Duren
>>> <openbsd+m...@list.imperialat.at> wrote:
>>>
>>> On Tue, 2024-06-11 at 14:56 +0300, Kapetanakis Giannis wrote:
>>>> On 10/06/2024 18:43, Marc Boisis wrote:
>>>>> Hello,
>>>>>
>>>>> I've a 7.5 openBSD router, when I'm asking OPENBSD-PF-MIB I have only 64
>>>>> physicals and carp interfaces but not my 45 vlan interfaces.
>>>>>
>>>>> My /etc/snmpd.conf
>>>>> ROOT:amdrg2:/root > cat /etc/snmpd.conf
>>>>> listen on 127.0.0.1 snmpv2c
>>>>> read-only community public
>>>>>
>>>>>
>>>>> "pfctl -sI" list all interfaces (carp and vlan).
>>>>>
>>>>> Is there a setting or a limit to configure to see vlan interfaces in
>>>>> OPENBSD-PF-MIB and especialy in OPENBSD-PF-MIB::pfIfTable ?
>>>>>
>>>>> Ps: In openbsd 6.5, OPENBSD-PF-MIB::pfIfTable contain all interfaces
>>>>>
>>>>> Regards
>>>>>
>>>>> Marc
>>>>>
>>>> Indeed.
>>>>
>>>> snmpwalk -v2c -c xxxxxx localhost OPENBSD-PF-MIB::pfIfDescr | wc -l
>>>> 64
>>>>
>>>> pfctl -sI | wc -l
>>>> 99 (groups included)
>>>>
>>>> ifconfig | grep flags | wc -l
>>>> 85
>>>>
>>>> that is on 7.5 release.
>>>>
>>>> snmpwalk is showing only "vlan" and not the vlan interfaces. That is
>>>> probably the group vlan.
>>>>
>>>> There is also an empty one at the end.
>>>>
>>>> OPENBSD-PF-MIB::pfIfDescr.63 = STRING: vlan
>>>> OPENBSD-PF-MIB::pfIfDescr.64 = STRING:
>>>>
>>>> G
>>>
>>> $ snmp walk -v2c -cpublic 127.0.0.1 pfIfDescr | wc -l
>>> 15
>>> $ doas pfctl -sI | wc -l
>>> 15
>>>
>>> pfIfDescr.13 = STRING: vlan
>>> pfIfDescr.14 = STRING: vlan6
>>>
>>>
>>> I'm not seeing it. I'm willing to dig into this, but without giving me a
>>> way to reproduce saying "me too" isn't going to help.
>>>
>>> martijn@
>>>
>>
> diff 1731179d99a5114f9b9915e3a010e72b1f0fbc81
> 9b5c5bd8d05986f0a92077f6229f4f197aaf9b92
> commit - 1731179d99a5114f9b9915e3a010e72b1f0fbc81
> commit + 9b5c5bd8d05986f0a92077f6229f4f197aaf9b92
> blob - a4b60962e324d5e8e0fd48353241656a72b448fa
> blob + 8dfe88a217e8bd505edf6e3611ec55ecb414d494
> --- libexec/snmpd/snmpd_metrics/pf.c
> +++ libexec/snmpd/snmpd_metrics/pf.c
> @@ -210,11 +210,11 @@ pfi_get(struct pfr_buffer *b, const char *filter)
> bzero(b, sizeof(struct pfr_buffer));
> b->pfrb_type = PFRB_IFACES;
> for (;;) {
> - pfr_buf_grow(b, b->pfrb_size);
> + pfr_buf_grow(b, 0);
> b->pfrb_size = b->pfrb_msize;
> if (pfi_get_ifaces(filter, b->pfrb_caddr, &(b->pfrb_size)))
> return (1);
> - if (b->pfrb_size <= b->pfrb_msize)
> + if (b->pfrb_size < b->pfrb_msize)
> break;
> }
>
>
