Cannot send packets in one direction (other works)

[mirabilos]

Downstream bugtracker link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016129

I have a virtual machine on a host-only network. The configuration is thus:

host$ ip a show dev virbr1
23: virbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:76:0b:a6 brd ff:ff:ff:ff:ff:ff
    inet 10.82.222.129/25 brd 10.82.222.255 scope global virbr1
       valid_lft forever preferred_lft forever
    inet6 fec0::1/64 scope site 
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe76:ba6/64 scope link 
       valid_lft forever preferred_lft forever

guest$ ip a show dev eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc jhtb state UP group default qlen 1000
    link/ether 52:54:00:b7:47:b9 brd ff:ff:ff:ff:ff:ff
    inet 10.82.222.130/25 brd 10.82.222.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fec0::2/64 scope site 
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:feb7:47b9/64 scope link 
       valid_lft forever preferred_lft forever

I can do this:

guest$ sudo tcp6 -i eth1 -y 1000 -d fec0::1 -a 22 -P 1200

But I cannot send packets in the other direction:

host$ sudo tcp6 -i virbr1 -y 1000 -d fec0::2 -a 22 -P 1200
Error while performing Neighbor Discovery for the Destination Address
Error while learning Souce Address and Next Hop
host$ sudo tcp6 -i virbr1 -y 1000 -s fec0::1 -d fec0::2 -a 22 -P 1200 -S 52:54:00:76:0b:a6 -D 52:54:00:b7:47:b9
Error while performing Neighbor Discovery for the Destination Address
Error while learning Souce Address and Next Hop
host$ sudo tcp6 -i virbr1 -y 1000 -s fe80::5054:ff:fe76:ba6 -d fe80::5054:ff:feb7:47b9 -a 22 -P 1200 -S 52:54:00:76:0b:a6 -D 52:54:00:b7:47:b9
Error while performing Neighbor Discovery for the Destination Address
Error while learning Souce Address and Next Hop

Misspelt error messages aside, why is this, even if I pass the source address? Neighbour discovery should work because…

guest$ ping6 -c 1 fec0::1
PING fec0::1(fec0::1) 56 data bytes
64 bytes from fec0::1: icmp_seq=1 ttl=64 time=0.182 ms

--- fec0::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.182/0.182/0.182/0.000 ms
host$ ping6 -c 1 fec0::2
PING fec0::2(fec0::2) 56 data bytes
64 bytes from fec0::2: icmp_seq=1 ttl=64 time=0.384 ms

--- fec0::2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.384/0.384/0.384/0.000 ms

It also doesn’t work when using link-local addresses, see the last attempt above.

[mirabilos]

It stopped working in the other direction as well, after I upgraded the VM from buster to bullseye. I suspect this upgrade to be at fault.

Downgrading just the ipv6toolkit binary package does not fix the problem.

[mirabilos]

Booting with the buster kernel, Linux 4.19.0-21-amd64 (4.19.249-2), does not magically fix this either.

[mirabilos]

Incidentally… on the host system running bullseye, switching to a buster chroot does work!

host:~ $ sudo tcp6 -i virbr1 -d fec0::2 -y 500 -a 22 -P 600; echo = $?
Error while performing Neighbor Discovery for the Destination Address
Error while learning Souce Address and Next Hop
= 1
host:~ $ schroot -prc buster
(buster-i386)host:~ $ sudo tcp6 -i virbr1 -d fec0::2 -y 500 -a 22 -P 600; echo = $?
= 0

[mirabilos]

(Workaround comment for https://github.com/orgs/community/discussions/23319 - please ignore.)

[mirabilos]

Cc libpcap maintainers; context is #1016129 on debbugs. From diffing around between a buster and a bullseye system, I could track this bug down: libpcap0.8: 1.10.0-2 500 500 http://deb.debian.org/debian bullseye/main amd64 Packages 1.10.0-2~bpo10+1 100 100 http://deb.debian.org/debian buster-backports/main amd64 Packages 1.8.1-6+deb10u1 500 500 http://deb.debian.org/debian buster/main amd64 Packages Installing 1.10.0-2~bpo10+1 on buster breaks ipv6toolkit. Installing 1.10.0-2~bpo10+1 on bullseye does not fix ipv6toolkit, installing 1.8.1-6+deb10u1 on bullseye (which temporarily breaks tcpdump) does fix ipv6toolkit. So there’s either something in the newer libpcap that breaks ipv6toolkit, or something in ipv6toolkit that’s not yet compatible with newer libpcap. bye, //mirabilos -- Yay for having to rewrite other people's Bash scripts because bash suddenly stopped supporting the bash extensions they make use of -- Tonnerre Lombard in #nosec

[guyharris]

What happens if you run with -vv which, it appears, will cause the programs to report errors from libpcap calls?

(And why are those not ALWAYS reported? "Error while performing Neighbor Discovery for the Destination Address" and "Error while learning Souce Address and Next Hop" amount to "Something bad happened, but I'm not going to tell you what it was", which aren't very helpful if you want to try to make something bad not happen.)

[mirabilos]

Guy Harris dixit:

What happens if you run with `-vv` which, it appears, will cause the programs to report errors from libpcap calls?

Not more, unfortunately: $ sudo tcp6 -i eth1 -d fec0::1 -y 500 -a 13 -P 600 -v -v -v -v -v Error while performing Neighbor Discovery for the Destination Address Error while learning Souce Address and Next Hop Would an strace (3.6 MB) be useful, or do you prefer testing this on your own Debian system/VM? bye, //mirabilos -- 21:49⎜<allamoox:#sendmail> I have a question guys, ⎜ Can I use my PC as SMTP server, I use Windows 7 . ⎜ Already googled and Installed IIS ⎜ but Still I can't send E-mail

[mcr]

On the bullseye kernel, a libpcap 1.8 works?
I'm curious if on a buster kernel, a libpcap 1.10 works?
It might also matter which kernel capture mechanism is compiled it.

[mirabilos]

Michael Richardson dixit:

On the bullseye kernel, a libpcap 1.8 works?

Yes.

I'm curious if on a buster kernel, a libpcap 1.10 works?

No. bye, //mirabilos -- When he found out that the m68k port was in a pretty bad shape, he did not, like many before him, shrug and move on; instead, he took it upon himself to start compiling things, just so he could compile his shell. How's that for dedication. -- Wouter, about my Debian/m68k revival

[guyharris]

Not more, unfortunately:

So either 1) running with four -vs doesn't cause idata->verbose_f in ipv6_to_ether() to be set to a value > 1 or 2) foundaddr isn't set to "true" at the end of ipv6_to_ether().

If it's 1), that would imply unlikely brokenness, so I'll assume it's 2), and, therefore, that no libpcap call reported an error.

That means that the Neighbor Advertisement packet wasn't seen, either because 1) it wasn't sent, 2) it wasn't received, 3) it was received but didn't make it to the PF_PACKET socket or was dropped before the filtering, or 4) it was received, made it to the PF_PACKET socket, but didn't pass the capture filter.

Did you run tcpdump or Wireshark while running tcp6, to see what traffic was sent by and received on the machine running tcp6?

[mirabilos]

Guy Harris dixit:

Did you run tcpdump or Wireshark while running tcp6, to see what traffic was sent by and received on the machine running tcp6?

I didn’t, but I can easily do that. I’m using… sudo tcp6 -i eth1 -d fec0::1 -y 500 -a 13 -P 600 … as the test command, which I know used to work, since there were quite a few I’ve tried, so to be clear which I use. Note the 23:43:58 ones came in just as I pressed ^C and definitely past the runtime of the tcp6 command. The link “should” be otherwise idle, but things like Avahi are bound to create background traffic. $ sudo tcpdump -evvlns 2000 -Xi eth1 tcpdump: listening on eth1, link-type EN10MB (Ethernet), snapshot length 2000 bytes 23:43:53.682817 52:54:00:b7:47:b9 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::5054:ff:feb7:47b9 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fec0::1 source link-address option (1), length 8 (1): 52:54:00:b7:47:b9 0x0000: 5254 00b7 47b9 0x0000: 6000 0000 0020 3aff fe80 0000 0000 0000 `.....:......... 0x0010: 5054 00ff feb7 47b9 ff02 0000 0000 0000 PT....G......... 0x0020: 0000 0001 ff00 0001 8700 49d2 0000 0000 ..........I..... 0x0030: fec0 0000 0000 0000 0000 0000 0000 0001 ................ 0x0040: 0101 5254 00b7 47b9 ..RT..G. 23:43:53.683167 52:54:00:76:0b:a6 > 52:54:00:b7:47:b9, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fec0::1 > fe80::5054:ff:feb7:47b9: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fec0::1, Flags [router, solicited, override] destination link-address option (2), length 8 (1): 52:54:00:76:0b:a6 0x0000: 5254 0076 0ba6 0x0000: 6000 0000 0020 3aff fec0 0000 0000 0000 `.....:......... 0x0010: 0000 0000 0000 0001 fe80 0000 0000 0000 ................ 0x0020: 5054 00ff feb7 47b9 8800 a369 e000 0000 PT....G....i.... 0x0030: fec0 0000 0000 0000 0000 0000 0000 0001 ................ 0x0040: 0201 5254 0076 0ba6 ..RT.v.. 23:43:54.682914 52:54:00:b7:47:b9 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::5054:ff:feb7:47b9 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fec0::1 source link-address option (1), length 8 (1): 52:54:00:b7:47:b9 0x0000: 5254 00b7 47b9 0x0000: 6000 0000 0020 3aff fe80 0000 0000 0000 `.....:......... 0x0010: 5054 00ff feb7 47b9 ff02 0000 0000 0000 PT....G......... 0x0020: 0000 0001 ff00 0001 8700 49d2 0000 0000 ..........I..... 0x0030: fec0 0000 0000 0000 0000 0000 0000 0001 ................ 0x0040: 0101 5254 00b7 47b9 ..RT..G. 23:43:54.683161 52:54:00:76:0b:a6 > 52:54:00:b7:47:b9, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fec0::1 > fe80::5054:ff:feb7:47b9: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fec0::1, Flags [router, solicited, override] destination link-address option (2), length 8 (1): 52:54:00:76:0b:a6 0x0000: 5254 0076 0ba6 0x0000: 6000 0000 0020 3aff fec0 0000 0000 0000 `.....:......... 0x0010: 0000 0000 0000 0001 fe80 0000 0000 0000 ................ 0x0020: 5054 00ff feb7 47b9 8800 a369 e000 0000 PT....G....i.... 0x0030: fec0 0000 0000 0000 0000 0000 0000 0001 ................ 0x0040: 0201 5254 0076 0ba6 ..RT.v.. 23:43:55.682967 52:54:00:b7:47:b9 > 33:33:ff:00:00:01, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::5054:ff:feb7:47b9 > ff02::1:ff00:1: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fec0::1 source link-address option (1), length 8 (1): 52:54:00:b7:47:b9 0x0000: 5254 00b7 47b9 0x0000: 6000 0000 0020 3aff fe80 0000 0000 0000 `.....:......... 0x0010: 5054 00ff feb7 47b9 ff02 0000 0000 0000 PT....G......... 0x0020: 0000 0001 ff00 0001 8700 49d2 0000 0000 ..........I..... 0x0030: fec0 0000 0000 0000 0000 0000 0000 0001 ................ 0x0040: 0101 5254 00b7 47b9 ..RT..G. 23:43:55.683294 52:54:00:76:0b:a6 > 52:54:00:b7:47:b9, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fec0::1 > fe80::5054:ff:feb7:47b9: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fec0::1, Flags [router, solicited, override] destination link-address option (2), length 8 (1): 52:54:00:76:0b:a6 0x0000: 5254 0076 0ba6 0x0000: 6000 0000 0020 3aff fec0 0000 0000 0000 `.....:......... 0x0010: 0000 0000 0000 0001 fe80 0000 0000 0000 ................ 0x0020: 5054 00ff feb7 47b9 8800 a369 e000 0000 PT....G....i.... 0x0030: fec0 0000 0000 0000 0000 0000 0000 0001 ................ 0x0040: 0201 5254 0076 0ba6 ..RT.v.. 23:43:58.805988 52:54:00:76:0b:a6 > 52:54:00:b7:47:b9, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::5054:ff:fe76:ba6 > fe80::5054:ff:feb7:47b9: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::5054:ff:feb7:47b9 source link-address option (1), length 8 (1): 52:54:00:76:0b:a6 0x0000: 5254 0076 0ba6 0x0000: 6000 0000 0020 3aff fe80 0000 0000 0000 `.....:......... 0x0010: 5054 00ff fe76 0ba6 fe80 0000 0000 0000 PT...v.......... 0x0020: 5054 00ff feb7 47b9 8700 92b7 0000 0000 PT....G......... 0x0030: fe80 0000 0000 0000 5054 00ff feb7 47b9 ........PT....G. 0x0040: 0101 5254 0076 0ba6 ..RT.v.. 23:43:58.806029 52:54:00:b7:47:b9 > 52:54:00:76:0b:a6, ethertype IPv6 (0x86dd), length 78: (hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::5054:ff:feb7:47b9 > fe80::5054:ff:fe76:ba6: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::5054:ff:feb7:47b9, Flags [solicited] 0x0000: 6000 0000 0018 3aff fe80 0000 0000 0000 `.....:......... 0x0010: 5054 00ff feb7 47b9 fe80 0000 0000 0000 PT....G......... 0x0020: 5054 00ff fe76 0ba6 8800 b130 4000 0000 ***@***.*** 0x0030: fe80 0000 0000 0000 5054 00ff feb7 47b9 ........PT....G. ^C 8 packets captured 8 packets received by filter 0 packets dropped by kernel

[guyharris]

OK, try that again, but with tcpdump running with a filter of "icmp6 and ip6[7]==255 and ip6[40]==136 and ip6[41]==0".

[mirabilos]

@guyharris here:

$ sudo tcpdump -evvlns 2000 -Xi eth1 "icmp6 and ip6[7]==255 and ip6[40]==136 and ip6[41]==>
tcpdump: listening on eth1, link-type EN10MB (Ethernet), snapshot length 2000 bytes
00:09:25.590900 52:54:00:76:0b:a6 > 52:54:00:b7:47:b9, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fec0::1 > fe80::5054:ff:feb7:47b9: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fec0::1, Flags [router, solicited, override]
          destination link-address option (2), length 8 (1): 52:54:00:76:0b:a6
            0x0000:  5254 0076 0ba6
        0x0000:  6000 0000 0020 3aff fec0 0000 0000 0000  `.....:.........
        0x0010:  0000 0000 0000 0001 fe80 0000 0000 0000  ................
        0x0020:  5054 00ff feb7 47b9 8800 a369 e000 0000  PT....G....i....
        0x0030:  fec0 0000 0000 0000 0000 0000 0000 0001  ................
        0x0040:  0201 5254 0076 0ba6                      ..RT.v..
00:09:26.591051 52:54:00:76:0b:a6 > 52:54:00:b7:47:b9, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fec0::1 > fe80::5054:ff:feb7:47b9: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fec0::1, Flags [router, solicited, override]
          destination link-address option (2), length 8 (1): 52:54:00:76:0b:a6
            0x0000:  5254 0076 0ba6
        0x0000:  6000 0000 0020 3aff fec0 0000 0000 0000  `.....:.........
        0x0010:  0000 0000 0000 0001 fe80 0000 0000 0000  ................
        0x0020:  5054 00ff feb7 47b9 8800 a369 e000 0000  PT....G....i....
        0x0030:  fec0 0000 0000 0000 0000 0000 0000 0001  ................
        0x0040:  0201 5254 0076 0ba6                      ..RT.v..
00:09:27.591131 52:54:00:76:0b:a6 > 52:54:00:b7:47:b9, ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) fec0::1 > fe80::5054:ff:feb7:47b9: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is fec0::1, Flags [router, solicited, override]
          destination link-address option (2), length 8 (1): 52:54:00:76:0b:a6
            0x0000:  5254 0076 0ba6
        0x0000:  6000 0000 0020 3aff fec0 0000 0000 0000  `.....:.........
        0x0010:  0000 0000 0000 0001 fe80 0000 0000 0000  ................
        0x0020:  5054 00ff feb7 47b9 8800 a369 e000 0000  PT....G....i....
        0x0030:  fec0 0000 0000 0000 0000 0000 0000 0001  ................
        0x0040:  0201 5254 0076 0ba6                      ..RT.v..
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernel

[mcr]

It sounds like if we have the capture that we can build a regression test that shows the different between 1.8 and 1.10, or are there kernel issues I'm missing?