>Synopsis: gre(4) keepalives are sent from wrong rdomain
>Category: kernel
>Environment:
System : OpenBSD 5.8
Details : OpenBSD 5.8-current (GENERIC) #1458: Fri Nov 6 05:12:57
MST 2015
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC
Architecture: OpenBSD.amd64
Machine : amd64
>Description:
I was trying out gre(4) tunnels with rdomains and pair(4) interfaces
and everything seemed to work quite alright except that I started to
get this diagnostic warning message when using keepalive in the GRE
tunnels that were on some other rdomain than the default. Regular
traffic (eg. ping) does not trigger the diagnostic warning.
The warning message was as follows:
"gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2"
Everything (regular traffic and keepalive messages) seems to work OK
even without the patch below, except of course the diagnostic warning.
But wrong ph_rtableid could maybe lead to some problems with PF filters
and such?
>How-To-Repeat:
Commands to reproduce the diagnostic warning and to verify the patch:
===================================================================
sysctl net.inet.gre.allow=1
sysctl net.inet.ip.forwarding=1
# Disable PF...
pfctl -d
# ... or add the following line to pf.conf:
# pass quick on gre proto gre no state
ifconfig pair0 create rdomain 0 10.1.1.1/24
ifconfig pair1 create rdomain 1 10.1.1.2/24
ifconfig pair0 patch pair1
ifconfig gre0 create rdomain 0 10.2.2.0/31
ifconfig gre1 create rdomain 1 10.2.2.1/31
route -T 0 add -inet 10.2.2.0/31 -iface 10.2.2.0
route -T 1 add -inet 10.2.2.0/31 -iface 10.2.2.1
ifconfig gre0 tunnel 10.1.1.1 10.1.1.2 tunneldomain 0
ifconfig gre1 tunnel 10.1.1.2 10.1.1.1 tunneldomain 1
ifconfig gre0 keepalive 2 3
ifconfig gre1 keepalive 2 3
>Fix:
With this patch keepalives no longer trigger the diagnostic warning:
Index: sys/net/if_gre.c
===================================================================
RCS file: /cvs/src/sys/net/if_gre.c,v
retrieving revision 1.76
diff -u -p -r1.76 if_gre.c
--- sys/net/if_gre.c 25 Oct 2015 11:58:11 -0000 1.76
+++ sys/net/if_gre.c 8 Nov 2015 14:22:05 -0000
@@ -693,6 +693,9 @@ gre_send_keepalive(void *arg)
m->m_len = m->m_pkthdr.len = sizeof(*ip) + sizeof(*gh);
MH_ALIGN(m, m->m_len);
+ /* use the interface's rdomain when sending keepalives. */
+ m->m_pkthdr.ph_rtableid = sc->sc_if.if_rdomain;
+
/* build the ip header */
ip = mtod(m, struct ip *);
dmesg:
OpenBSD 5.8-current (GENERIC) #1458: Fri Nov 6 05:12:57 MST 2015
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 251592704 (239MB)
avail mem = 240001024 (228MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe1000 (10 entries)
bios0: vendor innotek GmbH version "VirtualBox" date 12/01/2006
bios0: innotek GmbH VirtualBox
acpi0 at bios0: rev 2
acpi0: sleep states S0 S5
acpi0: tables DSDT FACP APIC SSDT
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 3228.03 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,MWAIT,SSSE3,NXE,LONG,LAHF
cpu0: 4MB 64b/line 16-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: CPU supports MTRRs but not enabled by BIOS
cpu0: apic clock running at 1000MHz
cpu0: mwait min=64, max=64
ioapic0 at mainbus0: apid 1 pa 0xfec00000, version 11, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C1(@1 halt!)
acpibat0 at acpi0: BAT0 not present
acpiac0 at acpi0: AC unit online
acpivideo0 at acpi0: GFX0
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371AB IDE" rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: <VBOX HARDDISK>
wd0: 128-sector PIO, LBA, 2048MB, 4194304 sectors
wd1 at pciide0 channel 0 drive 1: <VBOX HARDDISK>
wd1: 128-sector PIO, LBA, 8192MB, 16777216 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: <VBOX, CD-ROM, 1.0> ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
vga1 at pci0 dev 2 function 0 "InnoTek VirtualBox Graphics Adapter" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
em0 at pci0 dev 3 function 0 "Intel 82540EM" rev 0x02: apic 1 int 19,
address 08:00:27:27:df:c8
"InnoTek VirtualBox Guest Service" rev 0x00 at pci0 dev 4 function 0 not
configured
auich0 at pci0 dev 5 function 0 "Intel 82801AA AC97" rev 0x01: apic 1
int 21, ICH AC97
ac97: codec id 0x83847600 (SigmaTel STAC9700)
audio0 at auich0
ohci0 at pci0 dev 6 function 0 "Apple Intrepid USB" rev 0x00: apic 1 int
22, version 1.0
piixpm0 at pci0 dev 7 function 0 "Intel 82371AB Power" rev 0x08: SMBus
disabled
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
usb0 at ohci0: USB revision 1.0
uhub0 at usb0 "Apple OHCI root hub" rev 1.00/1.00 addr 1
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on wd0a (e57c71436647abdf.a) swap on wd0b dump on wd0b
gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2
gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2
gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2
