Bug #14900

open

Spoofed WAN MAC plus L2TP service causes WAN interface link flap

Added by Aman Halai about 1 year ago.

Status: New
Priority: Normal
Assignee: -
Category: Interfaces
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes: Default
Affected Version:
Affected Architecture:

Description

Duplicate of 11571 (I'm the same person who posted that issue which was rejected).

Posted on forum here with no responses: https://forum.netgate.com/topic/183437/possible-bug-spoofed-wan-mac-plus-l2tp-service-causes-wan-interface-link-flap?_=1697806686922 but have done some more testing since then.

I've encountered what might be a bug in a specific, niche setup. If a MAC address is spoofed on the WAN interface, and is used with an L2TP service (such as the Andrews and Arnold one in the UK), the WAN link flaps every 5-10 seconds.

This has been tested on a box which has Intel I226 NICs (igc), Intel X710s (ixl) and an I350-T4 (igb). This has previously also occurred on VMware (vmx) NICs. This doesn't seem to be a NIC simply not liking MAC spoofing if it's occurring on different ones. If I spoof the MAC and do not use the L2TP service, everything runs fine without issue, so again, unlikely to be the NIC deciding it doesn't want to cooperate.

Rebooting or rerooting brings everything back up and it works, however the L2TP uptime counter is blank. If I edit ANY interface, it starts link flapping again.

Log readout attached. I am happy to provide temporary login details for the L2TP to anyone from Netgate who wants to try and replicate it.


Files

new 12.txt (24.1 KB), Aman Halai, 10/20/2023 01:04 PM
