NetBSD Problem Report #51372

From hf@spg.tu-darmstadt.de  Thu Jul 28 09:45:12 2016
Return-Path: <hf@spg.tu-darmstadt.de>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 522FA7A26F
	for <gnats-bugs@gnats.NetBSD.org>; Thu, 28 Jul 2016 09:45:12 +0000 (UTC)
Message-Id: <201607280945.u6S9j5On009307@Gstoder.nt.e-technik.tu-darmstadt.de>
Date: Thu, 28 Jul 2016 11:45:05 +0200 (CEST)
From: Hauke Fath <hf@spg.tu-darmstadt.de>
Reply-To: Hauke Fath <hf@spg.tu-darmstadt.de>
To: gnats-bugs@NetBSD.org
Cc: Hauke Fath <hf@spg.tu-darmstadt.de>
Subject: add & document carp and pfsync protocol numbers 
X-Send-Pr-Version: 3.95

>Number:         51372
>Category:       bin
>Synopsis:       add & document carp and pfsync protocol numbers
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    hauke
>State:          closed
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jul 28 09:50:00 +0000 2016
>Closed-Date:    Fri Mar 31 07:24:07 +0000 2023
>Last-Modified:  Fri Mar 31 07:24:07 +0000 2023
>Originator:     Hauke Fath
>Release:        NetBSD 7.0_STABLE
>Organization:
Technische Universitaet Darmstadt
>Environment:


System: NetBSD Gstoder 7.0_STABLE NetBSD 7.0_STABLE (MONOLITHIC) #1: Fri Apr 1 14:41:59 CEST 2016 hf@Hochstuhl:/var/obj/netbsd-builds/7/i386/sys/arch/i386/compile/MONOLITHIC i386
Architecture: i386
Machine: i386
>Description:

	The NetBSD man page for pfsync(4) says this about pf(4) filter
	rules necessary to admit the CARP and pfsync packets:


pf(4) must also be configured to allow pfsync and carp(4) traffic
through.  The following should be added to the top of /etc/pf.conf:

           pass quick on { sis2 } proto pfsync
           pass on { sis0 sis1 } proto carp


	This is obviously a copycat from the OpenBSD man page, since
	the NetBSD /etc/protocols has "vrrp" for what OpenBSD calls
	"carp" (protocol 112), and no entry at all for what OpenBSD
	calls "pfsync" (protocol 240).




>How-To-Repeat:

	Set up the recommended pf rules per pfsync(4), watch pf error
	out.


>Fix:

	In /etc/protocols, add carp as an alias for vrrp (or rather
	the other way round, since we do not have anything in the tree
	that actually does vrrp). 

	Also, add an entry for pfsync, since we ship the thing.



>Release-Note:

>Audit-Trail:

Responsible-Changed-From-To: bin-bug-people->hauke
Responsible-Changed-By: hauke@NetBSD.org
Responsible-Changed-When: Mon, 16 Jan 2017 09:28:44 +0000
Responsible-Changed-Why:
Take - might as well...


From: Hauke Fath <hf@spg.tu-darmstadt.de>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, Hauke Fath <hf@spg.tu-darmstadt.de>
Subject: Re: bin/51372 (add & document carp and pfsync protocol numbers) --
 CVS commit: src/etc
Date: Mon, 16 Jan 2017 11:56:01 +0100

 [Re-sent - sorry, wrong bucket]

 Module Name:	src
 Committed By:	hauke
 Date:		Mon Jan 16 09:39:26 UTC 2017

 Modified Files:
 	src/etc: protocols

 Log Message:
 Add carp as an alias for vrrp - after all, we do not ship vrrp, but we
 do ship carp(4).

 Restore the pfsync entry that was added with 1.20, then wiped out by
 the 1.21 import. Please merge any wholesale imports properly.

 Remove http://www.sethwklein.net/projects/iana-etc/ which 404s.

 Should fix PR bin/51372

 To generate a diff of this commit:
 cvs rdiff -u -r1.28 -r1.29 src/etc/protocols

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->pending-pullups
State-Changed-By: hauke@NetBSD.org
State-Changed-When: Mon, 16 Jan 2017 11:05:35 +0000
State-Changed-Why:
I committed the addition; it should be pulled up.


State-Changed-From-To: pending-pullups->needs-pullups
State-Changed-By: maxv@NetBSD.org
State-Changed-When: Mon, 12 Feb 2018 13:26:33 +0000
State-Changed-Why:
needs to be pulled up, but not yet requested


State-Changed-From-To: needs-pullups->closed
State-Changed-By: riastradh@NetBSD.org
State-Changed-When: Fri, 31 Mar 2023 07:24:07 +0000
State-Changed-Why:
netbsd-7 is now EOL, no more need for pullups
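
Added example, not part of the PR or of NetBSD's tree: a pre-load check that every protocol name used after "proto" in a pf.conf resolves in /etc/protocols, run against the two rules quoted from pfsync(4). The /etc/protocols excerpts are constructed (only the numbers 112 and 240 come from the report), and the function names are hypothetical.

```python
import re

# Constructed excerpts of /etc/protocols: before the fix ("vrrp" only) and
# after it (carp with vrrp as an alias, plus pfsync). Layout is assumed.
PROTOCOLS_BEFORE = """\
tcp     6    TCP     # transmission control protocol
udp     17   UDP     # user datagram protocol
vrrp    112  VRRP
"""
PROTOCOLS_AFTER = """\
tcp     6    TCP     # transmission control protocol
udp     17   UDP     # user datagram protocol
carp    112  CARP vrrp
pfsync  240  PFSYNC
"""
# The two rules recommended by pfsync(4), as quoted in the report.
PF_CONF = "pass quick on { sis2 } proto pfsync\npass on { sis0 sis1 } proto carp\n"

# "proto" followed by a single name/number or a { ... } list.
PROTO_RE = re.compile(r"\bproto\s+(\{[^}]*\}|[^\s{]+)")


def parse_protocols(text):
    """Map every official name and alias to its protocol number."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[1].isdigit():
            for name in [fields[0], *fields[2:]]:
                table.setdefault(name, int(fields[1]))
    return table


def unresolved_protos(pf_conf, protocols_text):
    """Return (line number, name) for each proto name with no database entry."""
    known = parse_protocols(protocols_text)
    missing = []
    for lineno, line in enumerate(pf_conf.splitlines(), 1):
        rule = line.split("#", 1)[0]          # drop pf.conf comments
        for match in PROTO_RE.finditer(rule):
            for name in re.split(r"[\s,]+", match.group(1).strip("{}")):
                # Numeric protocols need no lookup; names must resolve.
                if name and not name.isdigit() and name not in known:
                    missing.append((lineno, name))
    return missing


if __name__ == "__main__":
    for label, db in (("before", PROTOCOLS_BEFORE), ("after", PROTOCOLS_AFTER)):
        print(label, unresolved_protos(PF_CONF, db))
```

Lookups are case-sensitive and backslash-continued pf.conf lines are not joined, so treat a clean result as a first check before loading the ruleset.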


>Unformatted:
