Re: alias issue with snapshot #1175
Sorry for the noise. It did turn out to be that the 3rd party device was squatting on the .45 address. Thanks to all!
Re: alias issue with snapshot #1175
On Tue, May 9, 2023 at 2:24 AM Stuart Henderson wrote: > The only strange thing in there that I'm seeing is > > inet 10.68.73.1 255.255.255.248 > ... > !route add -inet /24 10.68.73.1 > !route add -inet /24 10.68.73.1 > > i.e. adding a route pointing at the local machine for those various > networks, but that's not relating to the address where you mentioned > having the problem. I guess it might be better to point the route to the peer. Works either way. > Perhaps diffing ifconfig -A (or maybe netstat -rn) between the working > and non-working state will give a clue. I just eyeballed it and they look the same but I'll run a diff to make sure. Was able to test another system with a /29 and had no issues leaving out an alias and having all the other addresses work fine, but in this case there was no 3rd party device connected to the cable modem utilizing that unused address. Hopefully by this weekend I can do some testing by unplugging the 3rd party device and see what transpires. Thanks! Chris
Re: alias issue with snapshot #1175
On Tue, May 9, 2023 at 12:35 AM Navan Carson wrote: > Do you have names that depend on DNS in pf.conf? No.
Re: alias issue with snapshot #1175
On 2023/05/08 10:48, Sonic wrote: > On Mon, May 8, 2023 at 9:24 AM Stuart Henderson > wrote: > > There's not enough information really. /etc/hostname.* and maybe results > > of ifconfig -A and netstat -rn might give more clues. > > Here's that info - hopefully not munged beyond use. > Note that this is after the interface has been restarted (so the .45 > is working) but everything appeared normal before (ifconfig, etc.) > although I won't be able to verify until late tonight when I can > reboot the system. The only strange thing in there that I'm seeing is inet 10.68.73.1 255.255.255.248 ... !route add -inet /24 10.68.73.1 !route add -inet /24 10.68.73.1 i.e. adding a route pointing at the local machine for those various networks, but that's not relating to the address where you mentioned having the problem. Perhaps diffing ifconfig -A (or maybe netstat -rn) between the working and non-working state will give a clue.
Re: alias issue with snapshot #1175
> On May 8, 2023, at 5:32 PM, Sonic wrote: > > No real difference in the output of ifconfig or netstat before and > after restarting the network after a reboot. > The .45 alias refuses to accept/pass data other than answer a ping > after booting until the network, or at least the interface (em0) that > contains the alias is restarted. > From outside testing the ssh port I get "tcp closed" and after the > network restart "tcp open", the other 3 addresses, .41, .42, .43 all > work properly after booting. > The .44 address being used by another device and not as an alias seems > to be tripping something up, but only after boot, once the interface > is restarted all is well. > Absolutely nothing in the logs indicating any error. > > >> On Mon, May 8, 2023 at 10:48 AM Sonic wrote: >> >>> On Mon, May 8, 2023 at 9:24 AM Stuart Henderson >>> wrote: >>> There's not enough information really. /etc/hostname.* and maybe results >>> of ifconfig -A and netstat -rn might give more clues. >> >> Here's that info - hopefully not munged beyond use. >> Note that this is after the interface has been restarted (so the .45 >> is working) but everything appeared normal before (ifconfig, etc.) >> although I won't be able to verify until late tonight when I can >> reboot the system. > Do you have names that depend on DNS in pf.conf?
Re: alias issue with snapshot #1175
No real difference in the output of ifconfig or netstat before and after restarting the network after a reboot. The .45 alias refuses to accept/pass data other than answer a ping after booting until the network, or at least the interface (em0) that contains the alias is restarted. >From outside testing the ssh port I get "tcp closed" and after the network restart "tcp open", the other 3 addresses, .41, .42, .43 all work properly after booting. The .44 address being used by another device and not as an alias seems to be tripping something up, but only after boot, once the interface is restarted all is well. Absolutely nothing in the logs indicating any error. On Mon, May 8, 2023 at 10:48 AM Sonic wrote: > > On Mon, May 8, 2023 at 9:24 AM Stuart Henderson > wrote: > > There's not enough information really. /etc/hostname.* and maybe results > > of ifconfig -A and netstat -rn might give more clues. > > Here's that info - hopefully not munged beyond use. > Note that this is after the interface has been restarted (so the .45 > is working) but everything appeared normal before (ifconfig, etc.) > although I won't be able to verify until late tonight when I can > reboot the system.
Re: alias issue with snapshot #1175
On Mon, May 8, 2023 at 9:24 AM Stuart Henderson wrote: > There's not enough information really. /etc/hostname.* and maybe results > of ifconfig -A and netstat -rn might give more clues. Here's that info - hopefully not munged beyond use. Note that this is after the interface has been restarted (so the .45 is working) but everything appeared normal before (ifconfig, etc.) although I won't be able to verify until late tonight when I can reboot the system. lo0: flags=8049 mtu 32768 index 5 priority 0 llprio 3 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff00 em0: flags=8843 mtu 1500 lladdr 68:05:ca:33:9b:46 description: external network index 1 priority 0 llprio 3 groups: egress media: Ethernet autoselect (1000baseT full-duplex,master,rxpause,txpause) status: active inet 51.67.20.41 netmask 0xfff8 broadcast 51.67.20.47 inet 51.67.20.42 netmask 0x inet 51.67.20.43 netmask 0x inet 51.67.20.45 netmask 0x em1: flags=8802 mtu 1500 lladdr 00:25:90:87:9e:75 index 2 priority 0 llprio 3 media: Ethernet autoselect (none) status: no carrier em2: flags=8843 mtu 1500 lladdr 00:25:90:87:9e:74 description: internal network index 3 priority 0 llprio 3 media: Ethernet autoselect (1000baseT full-duplex) status: active inet netmask 0xfe00 broadcast enc0: flags=0<> index 4 priority 0 llprio 3 groups: enc status: active wg0: flags=80c3 mtu 1420 description: VPN index 6 priority 0 llprio 3 wgport wgpubkey wgpeer wgpsk (present) wgendpoint 61722 tx: 109217968, rx: 3820653136 last handshake: 96 seconds ago wgaip /24 wgaip /24 wgaip /24 wgaip /32 wgpeer wgpsk (present) wgendpoint 61723 tx: 3383156, rx: 2595500 last handshake: 30 seconds ago wgaip /24 wgaip /24 wgaip /23 wgaip /23 wgaip /32 wgpeer wgpsk (present) wgendpoint 32925 tx: 4543152, rx: 5454580 last handshake: 69 seconds ago wgaip /24 wgaip /24 wgaip /24 wgaip /24 wgaip /32 wgpeer wgpsk (present) wgendpoint 37666 tx: 21211976, rx: 3509392 last handshake: 77 seconds ago wgaip /24 wgaip /32 groups: wg inet 10.68.73.1 netmask 0xfff8 broadcast 10.68.73.7 pflog0: flags=141 mtu 33136 index 7 priority 0 llprio 3 groups: pflog 116 mbufs in use: 109 mbufs allocated to data 1 mbuf allocated to packet headers 6 mbufs allocated to socket names and addresses 0/40 mbuf 2048 byte clusters in use (current/peak) 107/210 mbuf 2112 byte clusters in use (current/peak) 0/8 mbuf 4096 byte clusters in use (current/peak) 0/8 mbuf 8192 byte clusters in use (current/peak) 0/0 mbuf 9216 byte clusters in use (current/peak) 0/0 mbuf 12288 byte clusters in use (current/peak) 0/0 mbuf 16384 byte clusters in use (current/peak) 0/0 mbuf 65536 byte clusters in use (current/peak) 660/676/524288 Kbytes allocated to network (current/peak/max) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines hostname.em0 Description: Binary data hostname.em2 Description: Binary data hostname.wg0 Description: Binary data
Re: alias issue with snapshot #1175
On 2023-05-08, Sonic wrote: > This is repeatable every time. After a boot the .45 alias does not > pass any traffic, its ports are closed. It will answer a ping, and > shows up in "ifconfig -A" (or em0) and in netstat. > The other 3 addresses work normally. > Restarting the interface with "sh /etc/netstart em0" brings the .45 > alias back to an active state. There's not enough information really. /etc/hostname.* and maybe results of ifconfig -A and netstat -rn might give more clues. -- Please keep replies on the mailing list.
Re: alias issue with snapshot #1175
This is repeatable every time. After a boot the .45 alias does not pass any traffic, its ports are closed. It will answer a ping, and shows up in "ifconfig -A" (or em0) and in netstat. The other 3 addresses work normally. Restarting the interface with "sh /etc/netstart em0" brings the .45 alias back to an active state. On Sun, May 7, 2023 at 8:43 PM Sonic wrote: > > After doing a "sh /etc/netstart em0" that alias is back up and > working. The problem occurs after boot. > > On Sun, May 7, 2023 at 7:23 PM Sonic wrote: > > > > Hello, > > > > Upgrade a system to the latest snapshot - 1175 - and am seeing a > > problem with an alias address. > > The outside IP is part of a /29 (not actual addresses) : > > inet 51.67.20.41 netmask 0xfff8 broadcast 51.67.20.47 > > inet 51.67.20.42 netmask 0x > > inet 51.67.20.43 netmask 0x > > inet 51.67.20.45 netmask 0x > > The address 51.67.20.44 is used by another device connected to the > > same cable modem. > > All was working well until the upgrade and now the alias 51.67.20.45 > > will answer a ping but shows ports that should be open as closed, and > > traffic does not pass. > > The other 3 addresses (main and aliases) continue to work normally. > > > > Thanks for any assistance. > > Chris
Re: alias issue with snapshot #1175
After doing a "sh /etc/netstart em0" that alias is back up and working. The problem occurs after boot. On Sun, May 7, 2023 at 7:23 PM Sonic wrote: > > Hello, > > Upgrade a system to the latest snapshot - 1175 - and am seeing a > problem with an alias address. > The outside IP is part of a /29 (not actual addresses) : > inet 51.67.20.41 netmask 0xfff8 broadcast 51.67.20.47 > inet 51.67.20.42 netmask 0x > inet 51.67.20.43 netmask 0x > inet 51.67.20.45 netmask 0x > The address 51.67.20.44 is used by another device connected to the > same cable modem. > All was working well until the upgrade and now the alias 51.67.20.45 > will answer a ping but shows ports that should be open as closed, and > traffic does not pass. > The other 3 addresses (main and aliases) continue to work normally. > > Thanks for any assistance. > Chris
alias issue with snapshot #1175
Hello, Upgrade a system to the latest snapshot - 1175 - and am seeing a problem with an alias address. The outside IP is part of a /29 (not actual addresses) : inet 51.67.20.41 netmask 0xfff8 broadcast 51.67.20.47 inet 51.67.20.42 netmask 0x inet 51.67.20.43 netmask 0x inet 51.67.20.45 netmask 0x The address 51.67.20.44 is used by another device connected to the same cable modem. All was working well until the upgrade and now the alias 51.67.20.45 will answer a ping but shows ports that should be open as closed, and traffic does not pass. The other 3 addresses (main and aliases) continue to work normally. Thanks for any assistance. Chris