NetBSD Problem Report #30851

From  Wed Jul 27 18:31:29 2005
Return-Path: <>
Received: from ( [])
	by (Postfix) with ESMTP id D825E63B104
	for <>; Wed, 27 Jul 2005 18:31:28 +0000 (UTC)
Message-Id: <>
Date: Wed, 27 Jul 2005 19:31:21 +0100
Sender: "Patrick Welche,SCC,ext.35710," <>
Subject: bge breaks ipnat
X-Send-Pr-Version: 3.95

>Number:         30851
>Category:       kern
>Synopsis:       bad NAT with bge
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Jul 27 18:32:00 +0000 2005
>Originator:     Patrick Welche
>Release:        NetBSD 3.99.7

cvs of 20 July 2005 11:12 UTC
Architecture: i386
Machine: i386
When bge(4) is the external interface on which an ipnat mapping is defined,
the return packets are blocked because of "bad NAT" as they don't match
the state table.
Rather like in kern/29660, though this is a different Dell GX280, find a
computer with a

bge0 at pci2 dev 0 function 0: Broadcom BCM5751 Gigabit Ethernet
bge0: interrupting at irq 11
bge0: ASIC BCM5750 A1 (0x4001), Ethernet address 00:11:43:7c:6c:94
brgphy0 at bge0 phy 1: BCM5750 1000BASE-T media interface, rev. 0
brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto

and some other network card, eg. ex.

map bge0 ->

block in log all
block out log all
pass in  quick log on ex0  proto tcp from any to any port = http flags S/SA keep state
pass out quick log on bge0 proto tcp from any to any port = http flags S/SA keep state

Then run ipmon, and get a client to connect through the Dell. Watch the
packets go out, and get blocked on return to the bge with bad NAT.

Swap the bge for a ex(4) 3Com 3c905C-TX. Maybe this combined with
kern/29660 might point to a fix given that these have the same chip?


NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD:,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.