"
[This is my first posting, so please be gentle. :-[ ]
Hi all,
I have been banging my head against this for a few months now and finally pinned it down to NetFlow: When I stop the samplicate service, the DUP!s stop. I wonder whether this is to be expected, as I have found absolutely nothing on this in the doco or the internet at large. So any pointers would really great! (I also thought I post in case anyone else is experiencing the same problem, so at least they can find this posting. :) )
Setup
Problem
DUP! pings received when pinging host when NetFlow is turned on, e.g.:
When I stop the samplicate service, the duplicates stop.
The bridge setup is fairly standard and in line with libvirt and Debian doco. However, I'm pretty sure I must be overlooking something really obvious as nobody else seems to have this issue, so any light you can shed would be hugely appreciated!
Any other information required, please do let me know!
Thanks a bundle & all the best,
Andree
Hi all,
I have been banging my head against this for a few months now and finally pinned it down to NetFlow: When I stop the samplicate service, the DUP!s stop. I wonder whether this is to be expected, as I have found absolutely nothing on this in the doco or the internet at large. So any pointers would really great! (I also thought I post in case anyone else is experiencing the same problem, so at least they can find this posting. :) )
Setup
- OPNsense 22.1.7_1 (happenes with earlier versions, too)
- running as KVM/Qemu guest on Debian Bullseye host
- physical host LAN interface ('enp3s0') and LAN interface of OPNsense ('vnet6') connected via Linux bridge ('LANbridge'):
Quote3: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master LANbridge state UP mode DEFAULT group default qlen 1000
link/ether d0:50:99:7d:8a:80 brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 9194
bridge_slave state forwarding priority 32 cost 4 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8001 port_no 0x1 designated_port 32769 designated_cost 0 designated_bridge 8000.e2:cd:88:81:48:7b designated_root 8000.e2:cd:88:81:48:7b hold_timer 0.00 message_age_timer 0.00 forward_delay_timer 0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on mcast_to_unicast off neigh_suppress off group_fwd_mask 0 group_fwd_mask_str 0x0 vlan_tunnel off isolated off addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 64000 gso_max_segs 64
Quote5: LANbridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether e2:cd:88:81:48:7b brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 65535
bridge forward_delay 0 hello_time 200 max_age 2000 ageing_time 0 stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q bridge_id 8000.e2:cd:88:81:48:7b designated_root 8000.e2:cd:88:81:48:7b root_port 0 root_path_cost 0 topology_change 0 topology_change_detected 0 hello_timer 0.00 tcn_timer 0.00 topology_change_timer 0.00 gc_timer 0.00 vlan_default_pvid 1 vlan_stats_enabled 0 vlan_stats_per_port 0 group_fwd_mask 0 group_address 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0 mcast_querier 0 mcast_hash_elasticity 16 mcast_hash_max 4096 mcast_last_member_count 2 mcast_startup_query_count 2 mcast_last_member_interval 100 mcast_membership_interval 26000 mcast_querier_interval 25500 mcast_query_interval 12500 mcast_query_response_interval 1000 mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2 mcast_mld_version 1 nf_call_iptables 0 nf_call_ip6tables 0 nf_call_arptables 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 64000 gso_max_segs 64
Quote18: vnet6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master LANbridge state UNKNOWN mode DEFAULT group default qlen 1000
link/ether fe:54:00:ce:ee:0c brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 65521
tun type tap pi off vnet_hdr on persist off
bridge_slave state forwarding priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8003 port_no 0x3 designated_port 32771 designated_cost 0 designated_bridge 8000.e2:cd:88:81:48:7b designated_root 8000.e2:cd:88:81:48:7b hold_timer 0.00 message_age_timer 0.00 forward_delay_timer 0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fast_leave off mcast_flood on mcast_to_unicast off neigh_suppress off group_fwd_mask 0 group_fwd_mask_str 0x0 vlan_tunnel off isolated off addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
Problem
DUP! pings received when pinging host when NetFlow is turned on, e.g.:
QuotePING rysum.ostfriesland (192.168.1.15) 56(84) bytes of data.
64 bytes from rysum.ostfriesland (192.168.1.15): icmp_seq=1 ttl=64 time=0.580 ms
64 bytes from rysum.ostfriesland (192.168.1.15): icmp_seq=1 ttl=63 time=1.06 ms (DUP!)
64 bytes from rysum.ostfriesland (192.168.1.15): icmp_seq=2 ttl=64 time=0.969 ms
64 bytes from rysum.ostfriesland (192.168.1.15): icmp_seq=2 ttl=63 time=0.970 ms (DUP!)
64 bytes from rysum.ostfriesland (192.168.1.15): icmp_seq=3 ttl=64 time=0.836 ms
64 bytes from rysum.ostfriesland (192.168.1.15): icmp_seq=3 ttl=63 time=1.95 ms (DUP!)
^C
--- rysum.ostfriesland ping statistics ---
3 packets transmitted, 3 received, +3 duplicates, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.580/1.061/1.952/0.426 ms
When I stop the samplicate service, the duplicates stop.
The bridge setup is fairly standard and in line with libvirt and Debian doco. However, I'm pretty sure I must be overlooking something really obvious as nobody else seems to have this issue, so any light you can shed would be hugely appreciated!
Any other information required, please do let me know!
Thanks a bundle & all the best,
Andree
