https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204735
Oleksandr Tymoshenko changed:
What|Removed |Added
Status|New |Closed
CC|
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204735
Daniel Bilik changed:
What|Removed |Added
Summary|[net] Outgoing packets |[net] [flowtable] Outgoing
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204735
--- Comment #3 from Daniel Bilik ---
After moving flowtable out of the picture, the affected router has been running
with no problems for more than a month now. So I guess that described problem
can be definitely considered flowtable-relate
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204735
ykir...@yahoo.com changed:
What|Removed |Added
CC||ykir...@yahoo.com
--- Comment #
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204735
Daniel Bilik changed:
What|Removed |Added
Severity|Affects Only Me |Affects Some People
--- Comment #1
On 2015-11-25 09:21, Daniel Bilik wrote:
It happened again, yesterday, and I can now definitely confirm
that it's related to default route.
[...]
... because again it was pushing outgoing packets wrong way, via public
interface, where it's dropped by pf...
[...]
I've tried to just delete defau
On Tue, 1 Dec 2015 12:16:45 +0100
Daniel Bilik wrote:
> But next time it happens, I'll try to reload pf rules, and also to
> disable pf completely...
Done. First I've tried to flush nat...
# pfctl -f /etc/pf.conf -F nat -O -N
nat cleared
... then rules...
# pfctl -f /etc/pf.conf -F rules -O -
On Tue, 1 Dec 2015 18:24:18 +0800
Julian Elischer wrote:
> if you reload pf it has no effect?
> pf is the part of the picture I have no experience with so I'm
> naturally suspicious of it.
> have you tried a simple ipfw nat instead? just as a sanity check?
Well, I have zero experience with ipf
On 1/12/2015 4:03 PM, Daniel Bilik wrote:
On Mon, 30 Nov 2015 23:47:18 +0800
Julian Elischer wrote:
ok next time try
netstat -raAnW before and after
Attached ("Internet6" part removed to reduce noise).
maybe we can spot at difference.
According to diff(1), entries differ only by "Use" colu
On Mon, 30 Nov 2015 23:47:18 +0800
Julian Elischer wrote:
> ok next time try
> netstat -raAnW before and after
Attached ("Internet6" part removed to reduce noise).
> maybe we can spot at difference.
According to diff(1), entries differ only by "Use" column between .pre
and .during. The .post o
On 30/11/2015 5:18 PM, Daniel Bilik wrote:
On Sat, 28 Nov 2015 18:06:45 +0800
Julian Elischer wrote:
next time it happens try flushing the arp table.
Just tried...
arp -d -a
... didn't help. Followed by refreshing default route, which solved it
ok next time try
netstat -raAnW before and
On Sat, 28 Nov 2015 18:06:45 +0800
Julian Elischer wrote:
> next time it happens try flushing the arp table.
Just tried...
arp -d -a
... didn't help. Followed by refreshing default route, which solved it
again.
--
Dan
___
On 27/11/2015 5:13 PM, Daniel Bilik wrote:
On Wed, 25 Nov 2015 12:20:33 +
Gary Palmer wrote:
route -n get
As suggested by Kevin and Ryan, I set the router to drop redirects...
net.inet.icmp.drop_redirect: 1
... but it happened again today, and again affected host was 192.168.2.33.
Rout
On Wed, 25 Nov 2015 12:20:33 +
Gary Palmer wrote:
> route -n get
As suggested by Kevin and Ryan, I set the router to drop redirects...
net.inet.icmp.drop_redirect: 1
... but it happened again today, and again affected host was 192.168.2.33.
Routing and arp entries were correct. Output of
An easier way to block ICMP redirects would be to set the sysctl:
sysctl net.inet.icmp.drop_redirect=1
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr.
On Wed, Nov 25, 2015 at 5:16 AM, Daniel Bilik wrote:
> On Wed, 25 Nov 2015 12:20:33 +
> Gary Palmer wrote:
>
> > When the problem happens, what does the output of
> > route -n get
> > show?
>
> I'll check this next time it happens. Thanks for the tip. Right now it
> seems correct:
>
>ro
On Wed, 25 Nov 2015 12:20:33 +
Gary Palmer wrote:
> When the problem happens, what does the output of
> route -n get
> show?
I'll check this next time it happens. Thanks for the tip. Right now it
seems correct:
route to: 192.168.2.33
destination: 192.168.2.0
mask: 255.255.255.0
On 2015-11-25 09:21:45 (+0100), Daniel Bilik wrote:
> Touching nothing else (pf etc.), not rebooting, just "refreshing" the
> default route entry, and the problem disappeared.
>
I was still inclined to suspect pf based on your previous findings,
because pf subscribes to IP address (and group) inf
On Wed, Nov 25, 2015 at 09:21:45AM +0100, Daniel Bilik wrote:
> On Sun, 22 Nov 2015 13:02:40 +0100
> Daniel Bilik wrote:
>
> > Well, even though pf may play some role in the problem, I tend to suspect
> > the routing table as the main trigger. There are several facts to support
> > this...
>
> I
On Sun, 22 Nov 2015 13:02:40 +0100
Daniel Bilik wrote:
> Well, even though pf may play some role in the problem, I tend to suspect
> the routing table as the main trigger. There are several facts to support
> this...
It happened again, yesterday, and I can now definitely confirm that it's
relate
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204735
Mark Linimon changed:
What|Removed |Added
Assignee|freebsd-b...@freebsd.org|freebsd-net@FreeBSD.org
--
You are
On Sat, 21 Nov 2015 22:20:43 +0100
Kristof Provost wrote:
>> Sure, pf.conf attached.
> Thanks. As a first guess, I think the origin of the problem might be
> related to the double nat rule you've got.
Well, even though pf may play some role in the problem, I tend to suspect
the routing table as
On 2015-11-20 16:34:31 (+0100), Daniel Bilik wrote:
> On Fri, 20 Nov 2015 16:18:10 +0100
> Kristof Provost wrote:
>
> > Can you post your pf rules too?
>
> Sure, pf.conf attached.
>
Thanks. As a first guess, I think the origin of the problem might be
related to the double nat rule you've got.
On Fri, 20 Nov 2015 16:18:10 +0100
Kristof Provost wrote:
> Can you post your pf rules too?
Sure, pf.conf attached.
--
Dan
int_if="re1"
ext_if="re0"
vpn_if="tap0"
ext_addr="82.x.y.50"
int_net="192.168.2.0/24"
vpn_net="{ 192.168.1.0/24, 192.168.4.0
> On 20 Nov 2015, at 15:55, Daniel Bilik wrote:
> Any hints on how to debug and/or solve the problem, when it happens?
Can you post your pf rules too?
Thanks,
Kristof
___
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/
Hi.
(Please keep me in CC as I'm not subscribed to freebsd-net@.)
A router running recent 10-stable configured like this...
re0: flags=8843 metric 0 mtu 1500
options=8209b
ether 90:2b:34:bb:b2:e7
inet 82.x.y.50 netmask 0xfff0 broadcast 82.x.y.255
nd6 options=29
medi
26 matches
Mail list logo
