lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 23 May 2023 15:58:54 +0200
From: Moviuro <moviuro@...il.com>
To: netdev@...r.kernel.org
Subject: Secondary bond slave receiving packets when preferred is up

Hi there,

On 2 similar machines, some (random?) packets are received on a wireless
bond slave when the preferred eth interface is connected: this causes
local packet loss and at worst, disconnects (e.g. SSH and KDEConnect).

My setup looks fine, inspired by the Arch wiki[0], see
/proc/net/bonding/bond0 below. The archlinux community has not been able
to help so far[1].

     +-----------+                
     |Router .1  |                
     +-----+-----+                
           |                      
     +-----+-----+                
     |Switch .30 +---------------+
     +--+--------+-------------+ |
        |                      | |
        |                      | |
 +------+--+    +-----------+  | |
 | WAP .21 +~~~~+Client .111+--+ |
 +------+--+    +-----------+    |
        |                        |
        |       +-----------+    |
        +~~~~~~~+Client .149-----+
                +-----------+     

Running ping(8) for a few hours, there's nothing much going on, packet
loss is really because ICMP packets end up on the WiFi interface:

* .1 -> .149: 56436 sent, 56405 replies
* .1 -> .111: 20643 sent, 20640 replies
* .111 -> .149: 7682/7702 packets
* .149 -> .111: 14791/14792 packets

Sure enough, there's some noise on the WiFi interface:

root@149 # tcpdump -ttttnei wlp3s0 host 192.168.1.149 and not arp
2023-05-23 09:29:46.771535 11:11:11:11:11:74 > BB:BB:BB:BB:BB:33, ethertype IPv4 (0x0800), length 98: 192.168.1.1 > 192.168.1.149: ICMP echo request , id 64306, seq 53425, length 64
2023-05-23 09:36:04.710859 bb:bb:bb:bb:bb:32 > BB:BB:BB:BB:BB:33, ethertype IPv4 (0x0800), length 98: 192.168.1.111 > 192.168.1.149: ICMP echo reque st, id 1, seq 2390, length 64

root@111 # tcpdump -ttttnei wlp5s0 not arp and host 192.168.1.111
2023-05-23 09:28:33.367805 pp:pp:pp:pp:pp:af > bb:bb:bb:bb:bb:32, ethertype IPv4 (0x0800), length 457: 192.168.1.173 > 192.168.1.111: ip-proto-17
2023-05-23 09:32:29.727948 21:21:21:21:21:ec > bb:bb:bb:bb:bb:32, ethertype IPv4 (0x0800), length 74: 192.168.1.21.45194 > 192.168.1.111.8080: Flags [S], seq 519821669, win 29200, options [mss 1460,sackOK,TS val 490237620 ecr 0,nop,wscale 5], length 0
[...]
2023-05-23 10:02:36.431322 11:11:11:11:11:74 > bb:bb:bb:bb:bb:32, ethertype IPv4 (0x0800), length 758: 192.168.1.1.22 > 192.168.1.111.44028: Flags [P.], seq 2394290223:2394290915, ack 741416096, win 271, options [nop,nop,TS val 1797716987 ecr 1795972790], length 692

I have also checked that there are not ARP messages from .111 or .149 on
their WiFi interfaces:

root@111 # tcpdump -ttttnei wlp5s0 arp
2023-05-23 11:29:16.487822 00:00:00:00:00:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.26 tell 192.168.1.100, length 46
2023-05-23 11:29:17.300904 00:00:00:00:00:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.26 tell 192.168.1.100, length 46
2023-05-23 11:29:18.904718 00:00:00:00:00:54 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.26 tell 192.168.1.100, length 46
2023-05-23 11:29:20.945890 30:30:30:30:30:d4 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.1 (ff:ff:ff:ff:ff:ff) tell 192.168.1.30, length 46
2023-05-23 11:29:26.986234 30:30:30:30:30:d4 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.1 (ff:ff:ff:ff:ff:ff) tell 192.168.1.30, length 46

After removing the .111 ARP entry from the router, no ARP reply on WiFi:
(it does show up when tcpdump(8)ing on the ethernet iface)

2023-05-23 11:31:28.986766 11:11:11:11:11:74 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.111 tell 192.168.1.1, length 46
# no reply! it happened on the eth iface
2023-05-23 11:31:33.925495 30:30:30:30:30:d4 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.1 (ff:ff:ff:ff:ff:ff) tell 192.168.1.30, length 46

I connect to the WiFi network using wpa_supplicant(8). Launching
wpa_supplicant in debug mode (-dd) yields some additional messages but
they never coincide with packets getting received on the WiFi interface.

So I'm at a loss here. The bonding documentation doesn't say anything
about needing special networking hardware (on the clients or on the
network).

[0] https://wiki.archlinux.org/title/systemd-networkd#Bonding_a_wired_and_wireless_interface
[1] https://bbs.archlinux.org/viewtopic.php?id=285633

user@111 % cat /proc/net/bonding/bond0 
Ethernet Channel Bonding Driver: v6.3.2-1-clear

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: enp4s0 (primary_reselect always)
Currently Active Slave: enp4s0
MII Status: up
MII Polling Interval (ms): 1000
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0

Slave Interface: wlp5s0
MII Status: up
Speed: Unknown
Duplex: Unknown
Link Failure Count: 0
Permanent HW addr: ww:ww:ww:ww:ww:c8
Slave queue ID: 0

Slave Interface: enp4s0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: ee:ee:ee:ee:ee:ac
Slave queue ID: 0

user@149 % cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v6.3.2-zen1-1.1-zen

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: enp0s31f6 (primary_reselect always)
Currently Active Slave: enp0s31f6
MII Status: up
MII Polling Interval (ms): 1000
Up Delay (ms): 0
Down Delay (ms): 0
Peer Notification Delay (ms): 0

Slave Interface: wlp3s0
MII Status: up
Speed: Unknown
Duplex: Unknown
Link Failure Count: 0
Permanent HW addr: WW:WW:WW:WW:WW:70
Slave queue ID: 0

Slave Interface: enp0s31f6
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: EE:EE:EE:EE:EE:4f
Slave queue ID: 0

Networking hardware list:

* Switch https://eu.store.ui.com/eu/en/collections/unifi-switching-standard-power-over-ethernet/products/usw-24-poe
* WAP https://eu.store.ui.com/eu/en/collections/unifi-wifi-flagship-compact/products/u6-lite

Client hardware:

* 111: AsRock B550 Phantom Gaming-ITX/ax: https://pg.asrock.com/mb/AMD/B550%20Phantom%20Gaming-ITXax/index.asp#Specification
* 149: MSI Z170A SLI Plus: https://www.msi.com/Motherboard/Z170A-SLI-PLUS/Specification
* 149: Intel Corporation Dual Band Wireless-AC 7260 [Wilkins Peak 2]: https://ark.intel.com/content/www/us/en/ark/products/75439/intel-dual-band-wirelessac-7260.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ