From: Paul Donohue <linux-kernel@PaulSD•com>
To: David Ahern <dsahern@gmail•com>
Cc: "David S. Miller" <davem@davemloft•net>,
Alexey Kuznetsov <kuznet@ms2•inr.ac.ru>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6•org>,
netdev@vger•kernel.org
Subject: Re: IPv6 L2TP issues related to 93531c67
Date: Tue, 16 Jul 2019 09:56:46 -0400 [thread overview]
Message-ID: <20190716135646.GE2622@TopQuark.net> (raw)
In-Reply-To: <d6db74f5-5add-7500-1b7a-fa62302a455f@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2193 bytes --]
On Mon, Jul 15, 2019 at 12:55:48PM -0600, David Ahern wrote:
> As an FYI, gmail thinks your emails are spam.
Ugh. Thanks for letting me know. I'll look into it.
> On 7/15/19 10:18 AM, Paul Donohue wrote:
> > Reverting commit 93531c6743157d7e8c5792f8ed1a57641149d62c (identified by bisection) fixes this issue.
> That commit can not be reverted. It is a foundational piece for a lot of
> other changes. Did you mean the commit before it works and this commit
> fails?
Sorry, yes, I meant the commit before it works, and this one fails. I did not try reverting this commit on a more recent kernel.
> > It is not obvious to me how commit 93531c6743157d7e8c5792f8ed1a57641149d62c causes this issue, or how it should be fixed. Could someone take a look and point me in the right direction for further troubleshooting?
> Let's get a complete example that demonstrates the problem, and I can go
> from there. Can you take the attached script and update it so that it
> reflects the problem you are reporting? That script works on latest
> kernel as well as 4.14.133. It uses network namespaces for 2 hosts with
> a router between them.
>
> Also, check the return of the fib lookups using:
> perf record -e fib6:* -a
> <run test, ctrl-c on the record>
> perf script
>
> Checkout the fib lookup parameters and result. Do they look correct to
> you for your setup?
Unfortunately, I have a fairly complicated setup, so it took me a while to figure out which pieces were relevant ... But I think I've finally got it. The missing piece was IPsec.
After establishing an IPsec tunnel to carry the L2TP traffic, the first L2TP packet through the IPsec tunnel permanently breaks the associated L2TP tunnel. Tearing down the IPsec tunnel does not restore functionality of the L2TP tunnel - I have to tear down and re-create the L2TP tunnel before it will work again. In my real-world use case, I have two L2TP tunnels running over the same IPsec tunnel, and the first L2TP tunnel to send a packet after IPsec is established gets permanently broken, while the other L2TP tunnel works fine.
I've attached a modified version of the script which demonstrates this issue.
Thank you!
-Paul
[-- Attachment #2: l2tp.sh --]
[-- Type: application/x-sh, Size: 4977 bytes --]
next prev parent reply other threads:[~2019-07-16 13:56 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-15 16:18 IPv6 L2TP issues related to 93531c67 Paul Donohue
2019-07-15 18:55 ` David Ahern
2019-07-16 13:56 ` Paul Donohue [this message]
2019-07-16 16:46 ` David Ahern
2019-07-17 11:11 ` David Ahern
2019-07-17 15:37 ` Paul Donohue
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190716135646.GE2622@TopQuark.net \
--to=linux-kernel@paulsd$(echo .)com \
--cc=davem@davemloft$(echo .)net \
--cc=dsahern@gmail$(echo .)com \
--cc=kuznet@ms2$(echo .)inr.ac.ru \
--cc=netdev@vger$(echo .)kernel.org \
--cc=yoshfuji@linux-ipv6$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox