Re: BUG: tools/testing/selftests/net/l2_tos_ttl_inherit.sh hangs when selftest restarted

[Mirsad Goran Todorovac <mirsad.todorovac@xxxxxxxxxxxx>]

On 08. 01. 2023. 17:41, Guillaume Nault wrote:
> On Sun, Jan 08, 2023 at 03:49:05PM +0100, Mirsad Goran Todorovac wrote:
>> On 08. 01. 2023. 15:04, Guillaume Nault wrote:
>>
>>> For some reasons, your host doesn't accept the VXLAN packets received
>>> over veth0. I guess there are some firewalling rules incompatible with
>>> this tests script.
>>
>> That beats me. It is essentially a vanilla desktop AlmaLinux (CentOS fork)
>> installation w 6.2-rc2 vanilla torvalds tree kernel.
>>
>> Maybe DHCPv4+DHCPv6 assigned address got in the way?
> 
> I don't think so. The host sends an administratively prohibited
> error. That's not an IP address conflict (and the script uses reserved
> IP address ranges which shouldn't conflict with those assigned to regular
> host).
> 
> The problem looks more like what you get with some firewalling setup
> (like an "iptables XXX -j REJECT --reject-with icmp-admin-prohibited"
> command).

To eliminate that, the only rules that seem to be enabled are those automatic,
as this is essentially a desktop machine. This reminds me that I forgot to
install fail2ban, I thought it came with the system ...

[root@pc-mtodorov linux_torvalds]# iptables-save
# Generated by iptables-save v1.8.4 on Sun Jan  8 18:50:53 2023
*filter
:INPUT ACCEPT [15241235:25618772171]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13209318:19634265528]
:LIBVIRT_INP - [0:0]
:LIBVIRT_OUT - [0:0]
:LIBVIRT_FWO - [0:0]
:LIBVIRT_FWI - [0:0]
:LIBVIRT_FWX - [0:0]
COMMIT
# Completed on Sun Jan  8 18:50:53 2023
# Generated by iptables-save v1.8.4 on Sun Jan  8 18:50:53 2023
*security
:INPUT ACCEPT [15163987:25613250223]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13209319:19634265904]
COMMIT
# Completed on Sun Jan  8 18:50:53 2023
# Generated by iptables-save v1.8.4 on Sun Jan  8 18:50:53 2023
*raw
:PREROUTING ACCEPT [15241455:25618791347]
:OUTPUT ACCEPT [13209321:19634266304]
COMMIT
# Completed on Sun Jan  8 18:50:53 2023
# Generated by iptables-save v1.8.4 on Sun Jan  8 18:50:53 2023
*mangle
:PREROUTING ACCEPT [15241455:25618791347]
:INPUT ACCEPT [15241235:25618772171]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13209322:19634266440]
:POSTROUTING ACCEPT [13211416:19634553617]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -j LIBVIRT_PRT
-A LIBVIRT_PRT -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
COMMIT
# Completed on Sun Jan  8 18:50:53 2023
# Generated by iptables-save v1.8.4 on Sun Jan  8 18:50:53 2023
*nat
:PREROUTING ACCEPT [282314:13237147]
:INPUT ACCEPT [207948:8194212]
:POSTROUTING ACCEPT [1351498:86025578]
:OUTPUT ACCEPT [1351498:86025578]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -j LIBVIRT_PRT
-A LIBVIRT_PRT -s 192.168.122.0/24 -d 224.0.0.0/24 -j RETURN
-A LIBVIRT_PRT -s 192.168.122.0/24 -d 255.255.255.255/32 -j RETURN
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
COMMIT
# Completed on Sun Jan  8 18:50:53 2023
[root@pc-mtodorov linux_torvalds]# 
[root@pc-mtodorov linux_torvalds]# ip6tables-save
# Generated by ip6tables-save v1.8.4 on Sun Jan  8 18:52:56 2023
*filter
:INPUT ACCEPT [8458:771878]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9605:895758]
:LIBVIRT_INP - [0:0]
:LIBVIRT_OUT - [0:0]
:LIBVIRT_FWO - [0:0]
:LIBVIRT_FWI - [0:0]
:LIBVIRT_FWX - [0:0]
-A INPUT -j LIBVIRT_INP
-A FORWARD -j LIBVIRT_FWX
-A FORWARD -j LIBVIRT_FWI
-A FORWARD -j LIBVIRT_FWO
-A OUTPUT -j LIBVIRT_OUT
COMMIT
# Completed on Sun Jan  8 18:52:56 2023
# Generated by ip6tables-save v1.8.4 on Sun Jan  8 18:52:56 2023
*security
:INPUT ACCEPT [7327:586054]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9605:895758]
COMMIT
# Completed on Sun Jan  8 18:52:56 2023
# Generated by ip6tables-save v1.8.4 on Sun Jan  8 18:52:56 2023
*raw
:PREROUTING ACCEPT [10028:893325]
:OUTPUT ACCEPT [9605:895758]
COMMIT
# Completed on Sun Jan  8 18:52:56 2023
# Generated by ip6tables-save v1.8.4 on Sun Jan  8 18:52:56 2023
*mangle
:PREROUTING ACCEPT [9679:867735]
:INPUT ACCEPT [8458:771878]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9605:895758]
:POSTROUTING ACCEPT [10500:1051905]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -j LIBVIRT_PRT
COMMIT
# Completed on Sun Jan  8 18:52:56 2023
# Generated by ip6tables-save v1.8.4 on Sun Jan  8 18:52:56 2023
*nat
:PREROUTING ACCEPT [252:33745]
:INPUT ACCEPT [105:21315]
:POSTROUTING ACCEPT [2041:188025]
:OUTPUT ACCEPT [2041:188025]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -j LIBVIRT_PRT
COMMIT
# Completed on Sun Jan  8 18:52:56 2023
[root@pc-mtodorov linux_torvalds]# 

>>> I can probably help with the l2tp.sh failure and maybe with the
>>> fcnal-test.sh hang. Please report them in their own mail thread.
>>
>> Then I will Cc: you for sure on those two.
>>
>> But I cannot promise that this will be today. In fact, tomorrow is prognosed
>> rain so I'd better use the remaining blue-sky-patched day to do some biking ;-)
> 
> No hurry :)

:)

-- 
Mirsad Goran Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
 
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
The European Union