0

I have a situation very similar to this one where packets are being dropped after arriving on a tun0 interface. I confirmed with pwru that fib_validate_source is showing up before the packet gets dropped.

the log when dropped (sent from 172.18.0.4) is:

0xffff9da411342600 6   ~bin/ssh:1160736 4026531840 0            tun0:92      0x0800 1500  172   172.18.0.4:56050->172.19.0.2:23000(udp) fib_validate_source
0xffff9da411342600 6   ~bin/ssh:1160736 4026531840 0            tun0:92      0x0800 1500  172   172.18.0.4:56050->172.19.0.2:23000(udp) __fib_validate_source
0xffff9da411342600 6   ~bin/ssh:1160736 4026531840 0            tun0:92      0x0800 1500  172   172.18.0.4:56050->172.19.0.2:23000(udp) kfree_skb_reason(SKB_DROP_REASON_NOT_SPECIFIED)

When not dropped (sent from 172.18.0.2) it is:

0xffff9da255b84400 8   ~bin/ssh:1160736 4026531840 0            tun0:92      0x0800 1500  76    172.18.0.2:46311->172.19.0.2:23000(udp) fib_validate_source
0xffff9da255b84400 8   ~bin/ssh:1160736 4026531840 0            tun0:92      0x0800 1500  76    172.18.0.2:46311->172.19.0.2:23000(udp) __fib_validate_source
0xffff9da255b84400 8   ~bin/ssh:1160736 4026531840 0            tun0:92      0x0800 1500  76    172.18.0.2:46311->172.19.0.2:23000(udp) ip_forward

Is there a way to disable source validation? The solution suggested in the question I linked is to change the source IP of these packets; that's not something I control.

I tried doing sudo sysctl -w net.ipv4.<interface>.all.rp_filter=0 for each of:

  • the incoming tun0 interface
  • the expect outgoing bm interface
  • all
  • default

But I still see the same results from pwru.

Improve this question

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.