yellowman
pair(4) interfaces patched together moves the configured inet address to wrong pair interface in resulting config
Hello!
Given the following config (daemon configs, pf, and crontab trimmed to save space, they were all defaults, just playing around with nsh)
EDIT: this is a VM with OpenBSD 7.5, not current
nshrc
% The 'enable' command will switch to the root user.
% NSH v1.2.1-current; Compiled by [email protected] on 21-Jun-24 15:30
nshdev.localdomain/en
nshdev.localdomain(p)/show start
!
hostname nshdev.localdomain
!
motd rules
OpenBSD 7.5 (GENERIC) #79: Wed Mar 20 15:33:49 MDT 2024
OpenBSD: The proactively secure Unix-like operating system.
Please use the sendbug(1) utility to report bugs in the system.
Before reporting a bug, please try to reproduce it with the latest
version of the code. With bug reports, please try to ensure that
enough information to reproduce the problem is enclosed, and if a
known fix for it exists, include that as well.
!
interface lo0
group lo
inet ::1/128
inet 127.0.0.1/8
!
interface vio0
group egress
inet 10.10.11.209/24
media autoselect
!
interface vio1
media autoselect
shutdown
!
interface vio2
media autoselect
shutdown
!
interface vio3
inet 10.2.1.1/29
media autoselect
!
interface enc0
group enc
shutdown
!
interface pflog0
group pflog
no shutdown
!
interface lo2
rdomain 2
group lo
shutdown
!
interface lo3
rdomain 3
group lo
shutdown
!
!
ip forwarding
!
route 0.0.0.0/0 10.10.11.1 nompath
route 224.0.0.0/4 127.0.0.1 iface nompath reject
route 127.0.0.0/8 127.0.0.1 nompath reject
route ::/96 ::1 nompath reject
route ::ffff:0.0.0.0/96 ::1 nompath reject
route 2002::/24 ::1 nompath reject
route 2002:7f00::/24 ::1 nompath reject
route 2002:e000::/20 ::1 nompath reject
route 2002:ff00::/24 ::1 nompath reject
route fe80::/10 ::1 nompath reject
route fec0::/10 ::1 nompath reject
route ff01::/16 ::1 nompath reject
route ff02::/16 ::1 nompath reject
!
!
pf rules
!
pf enable
pf reload
!
snmp rules
!
resolv enable
!
ospf rules
!
ifstate rules
!
ntp rules
!
smtp rules
!
sshd rules
!
sshd enable
!
crontab rules
!
crontab install
rtable 1
!
rtable 2
!
rtable 3
!
!
Upon creating some pair(4) interfaces to test using patch to switch between different rdomains on the fly, I noted that while the interfaces are created correctly, and function correctly, the generated config does not look correct.
Let's configure some pair(4)'s:
nshdev.localdomain(config-p)/interface pair0
nshdev.localdomain(interface-pair0)/inet 172.23.1.1/30
nshdev.localdomain(interface-pair0)/exit
nshdev.localdomain(config-p)/interface pair1
nshdev.localdomain(interface-pair1)/rdomain 2
nshdev.localdomain(interface-pair1)/inet 172.23.1.2/30
nshdev.localdomain(interface-pair1)/exit
nshdev.localdomain(config-p)/interface pair2
nshdev.localdomain(interface-pair2)/rdomain 3
nshdev.localdomain(interface-pair2)/inet 172.23.1.2/30
nshdev.localdomain(interface-pair2)/exit
nshdev.localdomain(config-p)/exit
nshdev.localdomain(p)/show diff
--- startup-config
+++ running-config
@@ -50,6 +50,25 @@
group lo
shutdown
!
+interface pair0
+ group pair
+ inet 172.23.1.1/30
+ media autoselect
+!
+interface pair1
+ lladdr fe:e1:ba:d6:20:61
+ rdomain 2
+ group pair
+ inet 172.23.1.2/30
+ media autoselect
+!
+interface pair2
+ lladdr fe:e1:ba:d7:20:3a
+ rdomain 3
+ group pair
+ inet 172.23.1.2/30
+ media autoselect
+!
!
ip forwarding
!
This looks good so far. We'll write it. Now we have:
interface pair0
group pair
inet 172.23.1.1/30
media autoselect
!
interface pair1
lladdr fe:e1:ba:d6:20:61
rdomain 2
group pair
inet 172.23.1.2/30
media autoselect
!
interface pair2
lladdr fe:e1:ba:d7:20:3a
rdomain 3
group pair
inet 172.23.1.2/30
media autoselect
!
!
OK, all good! Let's patch one of them together:
nshdev.localdomain(config-p)/int pair0
nshdev.localdomain(interface-pair0)/patch pair1
nshdev.localdomain(interface-pair0)/end
% Invalid command
nshdev.localdomain(interface-pair0)/exit
nshdev.localdomain(config-p)/show diff
--- startup-config
+++ running-config
@@ -51,15 +51,17 @@
shutdown
!
interface pair0
+ patch pair1
+ rdomain 2
group pair
- inet 172.23.1.1/30
+ inet 172.23.1.2/30
media autoselect
!
interface pair1
lladdr fe:e1:ba:d6:20:61
- rdomain 2
+ patch pair0
group pair
- inet 172.23.1.2/30
+ inet 172.23.1.1/30
media autoselect
!
interface pair2
Hmm, this is odd, it swaps the inet address around. The resulting config ends up being:
interface pair0
patch pair1
rdomain 2
group pair
inet 172.23.1.2/30
media autoselect
!
interface pair1
lladdr fe:e1:ba:d6:20:61
patch pair0
group pair
inet 172.23.1.1/30
media autoselect
!
interface pair2
lladdr fe:e1:ba:d7:20:3a
rdomain 3
group pair
inet 172.23.1.2/30
media autoselect
!
The actual interfaces end up looking like this:
% pair0
Interface is up (last change 18d 19:38:35), protocol is up
Interface type Ethernet (Broadcast), hardware address fe:e1:ba:d0:cb:8b
Media type autoselect, status active
Internet address 172.23.1.1/30
rdomain 0, MTU 1500 bytes (hardmtu 65435)
27177 packets input, 7630011 bytes, 0 errors, 0 drops
27743 packets output, 9416237 bytes, 0 errors, 0 unsupported
280 input, 339 output (average bytes/packet)
0 collisions
nshdev.localdomain(p)/show int pair1
% pair1
Interface is up (last change 18d 19:37:57), protocol is up
Interface type Ethernet (Broadcast), hardware address fe:e1:ba:d2:78:e8
Media type autoselect
Internet address 172.23.1.2/30
rdomain 2, MTU 1500 bytes (hardmtu 65435)
13992 packets input, 4032844 bytes, 0 errors, 0 drops
16679 packets output, 4295862 bytes, 0 errors, 0 unsupported
288 input, 257 output (average bytes/packet)
0 collisions
nshdev.localdomain(p)/show int pair2
% pair2
Interface is up (last change 18d 19:37:48), protocol is up
Interface type Ethernet (Broadcast), hardware address fe:e1:ba:d2:78:e8
Media type autoselect, status active
Internet address 172.23.1.2/30
rdomain 3, MTU 1500 bytes (hardmtu 65435)
13750 packets input, 5383351 bytes, 0 errors, 0 drops
20888 packets output, 4351753 bytes, 0 errors, 0 unsupported
391 input, 208 output (average bytes/packet)
0 collisions
When I originally noticed this, I took time to reconfigure inet addresses several times thinking i must have mucked up the ordering. But it appears the config renderer is doing it somehow, when trying to apply the patch argument to the participating interfaces.
So initial configuration works. You can even change between pair interfaces being patched, and things work. However, as expected, on reboot, the configuration then configures them with the wrong inet addresses:
% pair0
Interface is up (last change 00:00:24), protocol is up
Interface type Ethernet (Broadcast), hardware address fe:e1:ba:d0:c4:af
Media type autoselect, status active
Internet address 172.23.1.2/30
rdomain 2, MTU 1500 bytes (hardmtu 65435)
1 packets input, 42 bytes, 0 errors, 0 drops
1 packets output, 42 bytes, 0 errors, 0 unsupported
0 collisions
nshdev.localdomain(p)/show int pair1
% pair1
Interface is up (last change 00:00:26), protocol is up
Interface type Ethernet (Broadcast), hardware address fe:e1:ba:d6:20:61
Media type autoselect, status active
Internet address 172.23.1.1/30
rdomain 0, MTU 1500 bytes (hardmtu 65435)
0 packets input, 0 bytes, 0 errors, 0 drops
1 packets output, 42 bytes, 0 errors, 0 unsupported
0 collisions
nshdev.localdomain(p)/show int pair2
% pair2
Interface is up (last change 00:00:27), protocol is up
Interface type Ethernet (Broadcast), hardware address fe:e1:ba:d7:20:3a
Media type autoselect
Internet address 172.23.1.2/30
rdomain 3, MTU 1500 bytes (hardmtu 65435)
0 packets input, 0 bytes, 0 errors, 0 drops
1 packets output, 42 bytes, 0 errors, 0 unsupported
0 collisions
Tom has confined this bug in 7.5 Current, patch command appears to swap the ips on the patched pair of interfaces workaround for now ... is to patch and un patch and patch again to (reverse x2 ) IP Swapping between the Patched pair of interface
Tom can confirm that this is not an issue with OpenBSD / ifconfig pair patch (repeating the same steps as above with ifconfig in ksh does not exhibit the same bug. It is NSH specific
Tested Stsps PR 153 and it works and resolves the issue PR 153 merged and issue resolved