Hi --
I came across an issue with outgoing tcp6 connections after upgrading to 9.1-RELEASE.
Whenever I try to connect to a distant IPv6 service using tcp6 I do run into timeouts, e.g.:
If I disable pf, I'll succeed:
The relevant part of tcpdump snippet at the outgoing server looks like:
My pf rule regarding outgoing tcp6 is simply:
I did try "flags any" and/or "no state", but to no avail.
I did test with and seeing thea issue regarding tcp6:
RELEASE #0 r244594
PRERELEASE #0 r244694
PRERELEASE (GENERIC) #0 r244811
There is no issue with 9.0-RELEASE-p5 (r244773) and the very same pf configuration. It just happened after upgrading to 9.1-RELEASE.
Is anyone else experiencing the same issue?
P.S. upd6 works as expected.
I came across an issue with outgoing tcp6 connections after upgrading to 9.1-RELEASE.
Whenever I try to connect to a distant IPv6 service using tcp6 I do run into timeouts, e.g.:
Code:
9.1> nc -6vw 1 a:b:c:d::1 53
nc: connect to a:b:c:d::1 port 53 (tcp) failed: Operation timed out
If I disable pf, I'll succeed:
Code:
9.1> pfctl -d
No ALTQ support in kernel
ALTQ related functions disabled
pf disabled
9.1> nc -6vw 1 a:b:c:d::1 53
Connection to a:b:c:d::1 53 port [tcp/domain] succeeded!
The relevant part of tcpdump snippet at the outgoing server looks like:
Code:
9.1> tcpdump -n -e -ttt -s 256 -vvv -p -i em0
ethertype IPv6 (0x86dd), length 94: (flowlabel 0xd704f, hlim 64, next-header TCP (6) payload length: 40) w:x:y:z::1.60238 > a:b:c:d::1.53: Flags [S], cksum 0x9471 (incorrect -> 0x7830), seq 406663917, win 65535, options [mss 1440,nop,wscale 6,sackOK,TS val 35873618 ecr 0], length 0
My pf rule regarding outgoing tcp6 is simply:
Code:
pass out log on em0 inet6 proto tcp all flags S/SA modulate state
I did try "flags any" and/or "no state", but to no avail.
I did test with and seeing thea issue regarding tcp6:
RELEASE #0 r244594
PRERELEASE #0 r244694
PRERELEASE (GENERIC) #0 r244811
There is no issue with 9.0-RELEASE-p5 (r244773) and the very same pf configuration. It just happened after upgrading to 9.1-RELEASE.
Is anyone else experiencing the same issue?
P.S. upd6 works as expected.