patch commited thanks Joonas, for fixing this bug.
/Benno Joonas Ruohonen([email protected]) on 2015.11.08 18:52:58 +0200: > >Synopsis: gre(4) keepalives are sent from wrong rdomain > >Category: kernel > >Environment: > System : OpenBSD 5.8 > Details : OpenBSD 5.8-current (GENERIC) #1458: Fri Nov 6 05:12:57 > MST 2015 > > [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC > Architecture: OpenBSD.amd64 > Machine : amd64 > > >Description: > I was trying out gre(4) tunnels with rdomains and pair(4) interfaces > and everything seemed to work quite alright except that I started to > get this diagnostic warning message when using keepalive in the GRE > tunnels that were on some other rdomain than the default. Regular > traffic (eg. ping) does not trigger the diagnostic warning. > > The warning message was as follows: > "gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2" > > Everything (regular traffic and keepalive messages) seems to work OK > even without the patch below, except of course the diagnostic warning. > But wrong ph_rtableid could maybe lead to some problems with PF filters > and such? > > >How-To-Repeat: > Commands to reproduce the diagnostic warning and to verify the patch: > =================================================================== > sysctl net.inet.gre.allow=1 > sysctl net.inet.ip.forwarding=1 > > # Disable PF... > pfctl -d > # ... or add the following line to pf.conf: > # pass quick on gre proto gre no state > > ifconfig pair0 create rdomain 0 10.1.1.1/24 > ifconfig pair1 create rdomain 1 10.1.1.2/24 > ifconfig pair0 patch pair1 > > ifconfig gre0 create rdomain 0 10.2.2.0/31 > ifconfig gre1 create rdomain 1 10.2.2.1/31 > route -T 0 add -inet 10.2.2.0/31 -iface 10.2.2.0 > route -T 1 add -inet 10.2.2.0/31 -iface 10.2.2.1 > > ifconfig gre0 tunnel 10.1.1.1 10.1.1.2 tunneldomain 0 > ifconfig gre1 tunnel 10.1.1.2 10.1.1.1 tunneldomain 1 > > ifconfig gre0 keepalive 2 3 > ifconfig gre1 keepalive 2 3 > > >Fix: > With this patch keepalives no longer trigger the diagnostic warning: > Index: sys/net/if_gre.c > =================================================================== > RCS file: /cvs/src/sys/net/if_gre.c,v > retrieving revision 1.76 > diff -u -p -r1.76 if_gre.c > --- sys/net/if_gre.c 25 Oct 2015 11:58:11 -0000 1.76 > +++ sys/net/if_gre.c 8 Nov 2015 14:22:05 -0000 > @@ -693,6 +693,9 @@ gre_send_keepalive(void *arg) > m->m_len = m->m_pkthdr.len = sizeof(*ip) + sizeof(*gh); > MH_ALIGN(m, m->m_len); > > + /* use the interface's rdomain when sending keepalives. */ > + m->m_pkthdr.ph_rtableid = sc->sc_if.if_rdomain; > + > /* build the ip header */ > ip = mtod(m, struct ip *); > > > dmesg: > OpenBSD 5.8-current (GENERIC) #1458: Fri Nov 6 05:12:57 MST 2015 > [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC > real mem = 251592704 (239MB) > avail mem = 240001024 (228MB) > mpath0 at root > scsibus0 at mpath0: 256 targets > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe1000 (10 entries) > bios0: vendor innotek GmbH version "VirtualBox" date 12/01/2006 > bios0: innotek GmbH VirtualBox > acpi0 at bios0: rev 2 > acpi0: sleep states S0 S5 > acpi0: tables DSDT FACP APIC SSDT > acpi0: wakeup devices > acpitimer0 at acpi0: 3579545 Hz, 32 bits > acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat > cpu0 at mainbus0: apid 0 (boot processor) > cpu0: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz, 3228.03 MHz > cpu0: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,MWAIT,SSSE3,NXE,LONG,LAHF > cpu0: 4MB 64b/line 16-way L2 cache > cpu0: smt 0, core 0, package 0 > mtrr: CPU supports MTRRs but not enabled by BIOS > cpu0: apic clock running at 1000MHz > cpu0: mwait min=64, max=64 > ioapic0 at mainbus0: apid 1 pa 0xfec00000, version 11, 24 pins > acpiprt0 at acpi0: bus 0 (PCI0) > acpicpu0 at acpi0: C1(@1 halt!) > acpibat0 at acpi0: BAT0 not present > acpiac0 at acpi0: AC unit online > acpivideo0 at acpi0: GFX0 > pci0 at mainbus0 bus 0 > pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02 > pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00 > pciide0 at pci0 dev 1 function 1 "Intel 82371AB IDE" rev 0x01: DMA, > channel 0 configured to compatibility, channel 1 configured to compatibility > wd0 at pciide0 channel 0 drive 0: <VBOX HARDDISK> > wd0: 128-sector PIO, LBA, 2048MB, 4194304 sectors > wd1 at pciide0 channel 0 drive 1: <VBOX HARDDISK> > wd1: 128-sector PIO, LBA, 8192MB, 16777216 sectors > wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 > wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 > atapiscsi0 at pciide0 channel 1 drive 0 > scsibus1 at atapiscsi0: 2 targets > cd0 at scsibus1 targ 0 lun 0: <VBOX, CD-ROM, 1.0> ATAPI 5/cdrom removable > cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 > vga1 at pci0 dev 2 function 0 "InnoTek VirtualBox Graphics Adapter" rev 0x00 > wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) > wsdisplay0: screen 1-5 added (80x25, vt100 emulation) > em0 at pci0 dev 3 function 0 "Intel 82540EM" rev 0x02: apic 1 int 19, > address 08:00:27:27:df:c8 > "InnoTek VirtualBox Guest Service" rev 0x00 at pci0 dev 4 function 0 not > configured > auich0 at pci0 dev 5 function 0 "Intel 82801AA AC97" rev 0x01: apic 1 > int 21, ICH AC97 > ac97: codec id 0x83847600 (SigmaTel STAC9700) > audio0 at auich0 > ohci0 at pci0 dev 6 function 0 "Apple Intrepid USB" rev 0x00: apic 1 int > 22, version 1.0 > piixpm0 at pci0 dev 7 function 0 "Intel 82371AB Power" rev 0x08: SMBus > disabled > isa0 at pcib0 > isadma0 at isa0 > pckbc0 at isa0 port 0x60/5 irq 1 irq 12 > pckbd0 at pckbc0 (kbd slot) > wskbd0 at pckbd0: console keyboard, using wsdisplay0 > pms0 at pckbc0 (aux slot) > wsmouse0 at pms0 mux 0 > pcppi0 at isa0 port 0x61 > spkr0 at pcppi0 > usb0 at ohci0: USB revision 1.0 > uhub0 at usb0 "Apple OHCI root hub" rev 1.00/1.00 addr 1 > vscsi0 at root > scsibus2 at vscsi0: 256 targets > softraid0 at root > scsibus3 at softraid0: 256 targets > root on wd0a (e57c71436647abdf.a) swap on wd0b dump on wd0b > gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2 > gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2 > gre1: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 2 > --
