iked(8) producing bad-ip-version 7 error with vxlan(4) traffic

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

iked(8) producing bad-ip-version 7 error with vxlan(4) traffic

Jason Tubnor
>Synopsis:      iked(8) producing bad-ip-version 7 error with vxlan(4)
traffic
>Category:      system
>Environment:
        System      : OpenBSD 6.4
        Details     : OpenBSD 6.4 (GENERIC.MP) #364: Thu Oct 11 13:30:23
MDT 2018
                         [hidden email]:
/usr/src/sys/arch/amd64/compile/GENERIC.MP

        Architecture: OpenBSD.amd64
        Machine     : amd64
>Description:
        When overlaying vxlan(4) across an encapsulated iked(8) P-t-P link,
most traffic will not pass over the tunnel correctly with iked throwing
bad-ip-version 7 (encap) errors.  This configuration has worked correctly
since installation (6.1, 6.2 and 6.3) so it appears to be a regression in
6.4.

When sending non-vxlan traffic over the same encapsulated link, traffic
parses correctly.

Here is standard ICMP traffic working correctly (6.4) - tcpdump -ni enc0:

10:53:42.599210 (authentic,confidential): SPI 0xe91e969e: 192.168.1.1 >
192.168.1.2: icmp: echo request (encap)
10:53:42.599353 (authentic,confidential): SPI 0xbd87d799: 192.168.1.2 >
192.168.1.1: icmp: echo reply (encap)
10:53:43.605130 (authentic,confidential): SPI 0xe91e969e: 192.168.1.1 >
192.168.1.2: icmp: echo request (encap)
10:53:43.605257 (authentic,confidential): SPI 0xbd87d799: 192.168.1.2 >
192.168.1.1: icmp: echo reply (encap)
10:53:44.605047 (authentic,confidential): SPI 0xe91e969e: 192.168.1.1 >
192.168.1.2: icmp: echo request (encap)
10:53:44.605163 (authentic,confidential): SPI 0xbd87d799: 192.168.1.2 >
192.168.1.1: icmp: echo reply (encap)
10:53:45.604928 (authentic,confidential): SPI 0xe91e969e: 192.168.1.1 >
192.168.1.2: icmp: echo request (encap)
10:53:45.605055 (authentic,confidential): SPI 0xbd87d799: 192.168.1.2 >
192.168.1.1: icmp: echo reply (encap)
10:53:46.605464 (authentic,confidential): SPI 0xe91e969e: 192.168.1.1 >
192.168.1.2: icmp: echo request (encap)
10:53:46.605585 (authentic,confidential): SPI 0xbd87d799: 192.168.1.2 >
192.168.1.1: icmp: echo reply (encap)

ICMP traffic over the vxlan unicast tunnel (6.4) - tcpdump -ni enc0:

10:54:48.205135 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1 > 10.1.1.2: icmp: echo request [tos
0x10] (encap)
10:54:48.205297 (unprotected): SPI 0x0000e49e: 192.168.1.2.4789 >
192.168.1.1.4789: vxlan 32: 10.1.1.2 > 10.1.1.1: icmp: echo reply [tos
0x10] (encap)
10:54:48.205691 (authentic,confidential): SPI 0xbd87d799: bad-ip-version 7
(encap)
10:54:49.214858 (authentic,confidential): SPI 0xe91e969e: ipcomp
192.168.1.1 > 192.168.1.2 cpi 0x67F8 flags 0 next 4
10:54:49.215033 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1 > 10.1.1.2: icmp: echo request [tos
0x10] (encap)
10:54:49.215161 (unprotected): SPI 0x0000e49e: 192.168.1.2.4789 >
192.168.1.1.4789: vxlan 32: 10.1.1.2 > 10.1.1.1: icmp: echo reply [tos
0x10] (encap)
10:54:49.215529 (authentic,confidential): SPI 0xbd87d799: bad-ip-version 7
(encap)
10:54:49.578170 (unprotected): SPI 0x0000e49e: 192.168.1.2.4789 >
192.168.1.1.4789: vxlan 32: 10.15.51.2.51111 > 10.18.128.101.6970: [|tcp]
[tos 0x60] [tos 0x10] (encap)
10:54:49.578572 (authentic,confidential): SPI 0xbd87d799: bad-ip-version 7
(encap)
10:54:50.152863 (unprotected): SPI 0x0000e49e: 192.168.1.2.4789 >
192.168.1.1.4789: vxlan 32: 10.15.51.2.51111 > 10.18.128.101.6970: [|tcp]
[tos 0x60] [tos 0x10] (encap)
10:54:50.153257 (authentic,confidential): SPI 0xbd87d799: bad-ip-version 7
(encap)
10:54:50.215014 (authentic,confidential): SPI 0xe91e969e: ipcomp
192.168.1.1 > 192.168.1.2 cpi 0x67F8 flags 0 next 4
10:54:50.215175 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1 > 10.1.1.2: icmp: echo request [tos
0x10] (encap)
10:54:50.215311 (unprotected): SPI 0x0000e49e: 192.168.1.2.4789 >
192.168.1.1.4789: vxlan 32: 10.1.1.2 > 10.1.1.1: icmp: echo reply [tos
0x10] (encap)
10:54:50.215682 (authentic,confidential): SPI 0xbd87d799: bad-ip-version 7
(encap)
10:54:51.214532 (authentic,confidential): SPI 0xe91e969e: ipcomp
192.168.1.1 > 192.168.1.2 cpi 0x67F8 flags 0 next 4
10:54:51.215249 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1 > 10.1.1.2: icmp: echo request [tos
0x10] (encap)
10:54:51.215415 (unprotected): SPI 0x0000e49e: 192.168.1.2.4789 >
192.168.1.1.4789: vxlan 32: 10.1.1.2 > 10.1.1.1: icmp: echo reply [tos
0x10] (encap)
10:54:51.215742 (authentic,confidential): SPI 0xbd87d799: bad-ip-version 7
(encap)

RIPv2 traffic over the vxlan unicast tunnel (6.4) - tcpdump -ni enc0:

11:28:43.780968 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1.520 > 224.0.0.9.520: RIPv2-resp
[items 25]:[|rip] [tos 0xc0] [ttl 1] [tos 0x10] (encap)
11:28:43.781095 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1.520 > 224.0.0.9.520: RIPv2-resp
[items 25]:[|rip] [tos 0xc0] [ttl 1] [tos 0x10] (encap)
11:28:43.781164 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1.520 > 224.0.0.9.520: RIPv2-resp
[items 25]:[|rip] [tos 0xc0] [ttl 1] [tos 0x10] (encap)
11:28:43.781229 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1.520 > 224.0.0.9.520: RIPv2-resp
[items 25]:[|rip] [tos 0xc0] [ttl 1] [tos 0x10] (encap)
11:28:43.781294 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1.520 > 224.0.0.9.520: RIPv2-resp
[items 25]:[|rip] [tos 0xc0] [ttl 1] [tos 0x10] (encap)
11:28:43.781358 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1.520 > 224.0.0.9.520: RIPv2-resp
[items 25]:[|rip] [tos 0xc0] [ttl 1] [tos 0x10] (encap)
11:28:43.781422 (authentic,confidential): SPI 0x000067f8: 192.168.1.1.4789
> 192.168.1.2.4789: vxlan 32: 10.1.1.1.520 > 224.0.0.9.520: RIPv2-resp
[items 25]:[|rip] [tos 0xc0] [ttl 1] [tos 0x10] (encap)


ICMP traffic over the vxlan unicast tunnel (6.3) - tcpdump -ni enc0:

11:20:10.460263 (unprotected): SPI 0x0000a488: 192.168.1.3.4789 >
192.168.1.1.4789: udp 188 [tos 0x10] (encap)
11:20:10.460507 (authentic,confidential): SPI 0x83e0635f: ipcomp
192.168.1.3 > 192.168.1.1 cpi 0xA488 flags 0 next 4 [tos 0x10]
11:20:10.990811 (unprotected): SPI 0x0000a488: 192.168.1.3.4789 >
192.168.1.1.4789: udp 130 [tos 0x10] (encap)
11:20:10.991047 (authentic,confidential): SPI 0x83e0635f: ipcomp
192.168.1.3 > 192.168.1.1 cpi 0xA488 flags 0 next 4 [tos 0x10]
11:20:12.017212 (authentic,confidential): SPI 0xfc048000: ipcomp
192.168.1.1 > 192.168.1.3 cpi 0x3571 flags 0 next 4
11:20:12.017302 (authentic,confidential): SPI 0x00003571: 192.168.1.1.4789
> 192.168.1.3.4789: udp 106 [tos 0x10] (encap)
11:20:12.017343 (unprotected): SPI 0x0000a488: 192.168.1.3.4789 >
192.168.1.1.4789: udp 106 [tos 0x10] (encap)
11:20:12.017464 (authentic,confidential): SPI 0x83e0635f: ipcomp
192.168.1.3 > 192.168.1.1 cpi 0xA488 flags 0 next 4 [tos 0x10]
11:20:13.017519 (authentic,confidential): SPI 0xfc048000: ipcomp
192.168.1.1 > 192.168.1.3 cpi 0x3571 flags 0 next 4
11:20:13.017558 (authentic,confidential): SPI 0x00003571: 192.168.1.1.4789
> 192.168.1.3.4789: udp 106 [tos 0x10] (encap)
11:20:13.017592 (unprotected): SPI 0x0000a488: 192.168.1.3.4789 >
192.168.1.1.4789: udp 106 [tos 0x10] (encap)
11:20:13.017774 (authentic,confidential): SPI 0x83e0635f: ipcomp
192.168.1.3 > 192.168.1.1 cpi 0xA488 flags 0 next 4 [tos 0x10]
11:20:14.018006 (authentic,confidential): SPI 0xfc048000: ipcomp
192.168.1.1 > 192.168.1.3 cpi 0x3571 flags 0 next 4
11:20:14.018098 (authentic,confidential): SPI 0x00003571: 192.168.1.1.4789
> 192.168.1.3.4789: udp 106 [tos 0x10] (encap)
11:20:14.018161 (unprotected): SPI 0x0000a488: 192.168.1.3.4789 >
192.168.1.1.4789: udp 106 [tos 0x10] (encap)
11:20:14.018311 (authentic,confidential): SPI 0x83e0635f: ipcomp
192.168.1.3 > 192.168.1.1 cpi 0xA488 flags 0 next 4 [tos 0x10]
11:20:14.642415 (unprotected): SPI 0x0000a488: 192.168.1.3.4789 >
192.168.1.1.4789: udp 159 [tos 0x10] (encap)
11:20:14.642668 (authentic,confidential): SPI 0x83e0635f: ipcomp
192.168.1.3 > 192.168.1.1 cpi 0xA488 flags 0 next 4 [tos 0x10]
11:20:15.017511 (authentic,confidential): SPI 0xfc048000: ipcomp
192.168.1.1 > 192.168.1.3 cpi 0x3571 flags 0 next 4
11:20:15.017603 (authentic,confidential): SPI 0x00003571: 192.168.1.1.4789
> 192.168.1.3.4789: udp 106 [tos 0x10] (encap)
11:20:15.017638 (unprotected): SPI 0x0000a488: 192.168.1.3.4789 >
192.168.1.1.4789: udp 106 [tos 0x10] (encap)
11:20:15.017758 (authentic,confidential): SPI 0x83e0635f: ipcomp
192.168.1.3 > 192.168.1.1 cpi 0xA488 flags 0 next 4 [tos 0x10]



>How-To-Repeat:
        - Setup a simple P-t-P iked(8) link using public keying.  Something
like:

/etc/iked.conf
ikev2 active ipcomp esp from 192.168.1.2 to 192.168.1.1 \
        peer 192.168.1.1 srcid 192.168.1.2

        - Initiate the link
        - Create a vxlan(4) unicast tunnel across the link at both ends.

/etc/hostname.vxlan32
inet 10.1.1.2 255.255.255.252 10.1.1.3
tunnel 192.168.1.2 192.168.1.1 vnetid 32
up

        - Send packets across the tunnel.  In my tests, simple ICMP
echo/reply didn't complete (dropped).

>Fix:
        Roll back to OpenBSD 6.3#11

dmesg:
OpenBSD 6.4 (GENERIC.MP) #364: Thu Oct 11 13:30:23 MDT 2018
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2129870848 (2031MB)
avail mem = 2056110080 (1960MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x7f957000 (10 entries)
bios0: vendor BHYVE version "1.00" date 03/14/2014
bios0: bhyve BHYVE
acpi0 at bios0: rev 2
acpi0: sleep states S5
acpi0: tables DSDT FACP HPET APIC MCFG SPCR
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpihpet0 at acpi0: 16777216 Hz
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2400.04 MHz, 06-4d-08
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,PBE,SSE3,PCLMUL,DTES64,DS-CPL,SSSE3,CX16,xTPR,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,RDRAND,HV,NXE,LONG,LAHF,3DNOWP,ITSC,ERMS,ARAT,MELTDOWN
cpu0: 1MB 64b/line 16-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: CPU supports MTRRs but not enabled by BIOS
cpu0: apic clock running at 134MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Atom(TM) CPU C2758 @ 2.40GHz, 2406.49 MHz, 06-4d-08
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,PBE,SSE3,PCLMUL,DTES64,DS-CPL,SSSE3,CX16,xTPR,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,RDRAND,HV,NXE,LONG,LAHF,3DNOWP,ITSC,ERMS,ARAT,MELTDOWN
cpu1: 1MB 64b/line 16-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 11, 32 pins, remapped
acpimcfg0 at acpi0
acpimcfg0: addr 0xe0000000, bus 0-255
acpiprt0 at acpi0: bus 0 (PC00)
acpicmos0 at acpi0
pvbus0 at mainbus0: bhyve
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 vendor "AMD", unknown product 0x7432 rev 0x00
ahci0 at pci0 dev 3 function 0 "Intel 82801H AHCI" rev 0x00: msi, AHCI 1.3
ahci0: port 0: 6.0Gb/s
scsibus1 at ahci0: 32 targets
cd0 at scsibus1 targ 0 lun 0: <BHYVE, BHYVE DVD-ROM, 001> ATAPI 5/cdrom
removable
ahci1 at pci0 dev 4 function 0 "Intel 82801H AHCI" rev 0x00: msi, AHCI 1.3
ahci1: port 0: 6.0Gb/s
scsibus2 at ahci1: 32 targets
sd0 at scsibus2 targ 0 lun 0: <ATA, BHYVE SATA DISK, 001> SCSI3 0/direct
fixed t10.ATA_BHYVE_SATA_DISK_BHYVE-87C4-5CC5-37AE
sd0: 9216MB, 512 bytes/sector, 18874368 sectors, thin
ahci2 at pci0 dev 5 function 0 "Intel 82801H AHCI" rev 0x00: msi, AHCI 1.3
ahci2: port 0: 6.0Gb/s
scsibus3 at ahci2: 32 targets
sd1 at scsibus3 targ 0 lun 0: <ATA, BHYVE SATA DISK, 001> SCSI3 0/direct
fixed t10.ATA_BHYVE_SATA_DISK_BHYVE-D160-63B5-B0CD
sd1: 18432MB, 512 bytes/sector, 37748736 sectors, thin
ahci3 at pci0 dev 6 function 0 "Intel 82801H AHCI" rev 0x00: msi, AHCI 1.3
ahci3: port 0: 6.0Gb/s
scsibus4 at ahci3: 32 targets
sd2 at scsibus4 targ 0 lun 0: <ATA, BHYVE SATA DISK, 001> SCSI3 0/direct
fixed t10.ATA_BHYVE_SATA_DISK_BHYVE-078D-BE9C-9618
sd2: 360MB, 512 bytes/sector, 738240 sectors
virtio0 at pci0 dev 7 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio0: address 58:9c:fc:02:3b:e8
virtio0: msix shared
virtio1 at pci0 dev 7 function 1 "Qumranet Virtio Network" rev 0x00
vio1 at virtio1: address 58:9c:fc:09:5d:ab
virtio1: msix shared
virtio2 at pci0 dev 7 function 2 "Qumranet Virtio Network" rev 0x00
vio2 at virtio2: address 58:9c:fc:07:07:c3
virtio2: msix shared
virtio3 at pci0 dev 7 function 3 "Qumranet Virtio Network" rev 0x00
vio3 at virtio3: address 58:9c:fc:0a:51:aa
virtio3: msix shared
virtio4 at pci0 dev 7 function 4 "Qumranet Virtio Network" rev 0x00
vio4 at virtio4: address 58:9c:fc:0a:29:26
virtio4: msix shared
virtio5 at pci0 dev 7 function 5 "Qumranet Virtio Network" rev 0x00
vio5 at virtio5: address 58:9c:fc:0b:d5:58
virtio5: msix shared
unknown vendor 0xfb5d product 0x40fb (class display subclass VGA, rev 0x00)
at pci0 dev 8 function 0 not configured
xhci0 at pci0 dev 9 function 0 "Intel 7 Series xHCI" rev 0x00: msi, xHCI 0.0
usb0 at xhci0: USB revision 3.0
uhub0 at usb0 configuration 1 interface 0 "Intel xHCI root hub" rev
3.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 "Intel 82371SB ISA" rev 0x00
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
efifb0 at mainbus0: 800x600, 32bpp
wsdisplay0 at efifb0 mux 1: console (std, vt100 emulation), using wskbd0
wsdisplay0: screen 1-5 added (std, vt100 emulation)
uhidev0 at uhub0 port 1 configuration 1 interface 0 "BHYVE HID Tablet" rev
3.00/0.00 addr 2
uhidev0: iclass 3/1
ums0 at uhidev0: 3 buttons, Z dir
wsmouse1 at ums0 mux 0
vscsi0 at root
scsibus5 at vscsi0: 256 targets
softraid0 at root
scsibus6 at softraid0: 256 targets
root on sd0a (7d6b34f708017a06.a) swap on sd0b dump on sd0b

usbdevs:
Controller /dev/usb0:
addr 01: 8086:0000 Intel, xHCI root hub
         super speed, self powered, config 1, rev 1.00
         driver: uhub0
addr 02: fb5d:0001 BHYVE, HID Tablet
         high speed, self powered, config 1, rev 0.00, iSerialNumber 01
         driver: uhidev0

pcidump:
Domain /dev/pci0:
 0:0:0: AMD unknown
        0x0000: Vendor ID: 1022 Product ID: 7432
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 06 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR empty (00000000)
        0x0014: BAR empty (00000000)
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 00 Line: ff Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x10: PCI Express
                Link Speed: 2.5 / 2.5 GT/s Link Width: x1 / x1
        0x0100: Enhanced Capability 0x00: Unknown
        0x0000: 74321022 00100007 06000000 00000000
        0x0010: 00000000 00000000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00000000
        0x0030: 00000000 00000040 00000000 000000ff
        0x0040: 00420010 00000000 00000000 00000411
        0x0050: 00110000 00000000 00010000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:3:0: Intel 82801H AHCI
        0x0000: Vendor ID: 8086 Product ID: 2821
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 01 Subclass: 06 Interface: 01 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR empty (00000000)
        0x0014: BAR empty (00000000)
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR mem 32bit addr: 0xc0000000/0x00000400
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 01 Line: 05 Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 28218086 00100007 01060100 00000000
        0x0010: 00000000 00000000 00000000 00000000
        0x0020: 00000000 c0000000 00000000 00000000
        0x0030: 00000000 00000040 00000000 00000105
        0x0040: 00870005 fee00000 00000000 00000060
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:4:0: Intel 82801H AHCI
        0x0000: Vendor ID: 8086 Product ID: 2821
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 01 Subclass: 06 Interface: 01 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR empty (00000000)
        0x0014: BAR empty (00000000)
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR mem 32bit addr: 0xc0000400/0x00000400
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 01 Line: 06 Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 28218086 00100007 01060100 00000000
        0x0010: 00000000 00000000 00000000 00000000
        0x0020: 00000000 c0000400 00000000 00000000
        0x0030: 00000000 00000040 00000000 00000106
        0x0040: 00870005 fee00000 00000000 00000061
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:5:0: Intel 82801H AHCI
        0x0000: Vendor ID: 8086 Product ID: 2821
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 01 Subclass: 06 Interface: 01 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR empty (00000000)
        0x0014: BAR empty (00000000)
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR mem 32bit addr: 0xc0000800/0x00000400
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 01 Line: 07 Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 28218086 00100007 01060100 00000000
        0x0010: 00000000 00000000 00000000 00000000
        0x0020: 00000000 c0000800 00000000 00000000
        0x0030: 00000000 00000040 00000000 00000107
        0x0040: 00870005 fee00000 00000000 00000062
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:6:0: Intel 82801H AHCI
        0x0000: Vendor ID: 8086 Product ID: 2821
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 01 Subclass: 06 Interface: 01 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR empty (00000000)
        0x0014: BAR empty (00000000)
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR mem 32bit addr: 0xc0000c00/0x00000400
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 01 Line: 0a Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 28218086 00100007 01060100 00000000
        0x0010: 00000000 00000000 00000000 00000000
        0x0020: 00000000 c0000c00 00000000 00000000
        0x0030: 00000000 00000040 00000000 0000010a
        0x0040: 00870005 fee00000 00000000 00000063
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:7:0: Qumranet Virtio Network
        0x0000: Vendor ID: 1af4 Product ID: 1000
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 02 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 80 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR io addr: 0x00002000/0x0020
        0x0014: BAR mem 32bit addr: 0xc0002000/0x00002000
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 1af4 Product ID: 0001
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 01 Line: 0b Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x11: Extended Message Signalled Interrupts
(MSI-X)
        0x004c: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 10001af4 00100007 02000000 00800000
        0x0010: 00002001 c0002000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00011af4
        0x0030: 00000000 00000040 00000000 0000010b
        0x0040: 80024c11 00000001 00001001 00800005
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:7:1: Qumranet Virtio Network
        0x0000: Vendor ID: 1af4 Product ID: 1000
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 02 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 80 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR io addr: 0x00002020/0x0020
        0x0014: BAR mem 32bit addr: 0xc0004000/0x00002000
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 1af4 Product ID: 0001
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 02 Line: 0c Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x11: Extended Message Signalled Interrupts
(MSI-X)
        0x004c: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 10001af4 00100007 02000000 00800000
        0x0010: 00002021 c0004000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00011af4
        0x0030: 00000000 00000040 00000000 0000020c
        0x0040: 80024c11 00000001 00001001 00800005
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:7:2: Qumranet Virtio Network
        0x0000: Vendor ID: 1af4 Product ID: 1000
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 02 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 80 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR io addr: 0x00002040/0x0020
        0x0014: BAR mem 32bit addr: 0xc0006000/0x00002000
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 1af4 Product ID: 0001
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 03 Line: 0e Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x11: Extended Message Signalled Interrupts
(MSI-X)
        0x004c: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 10001af4 00100007 02000000 00800000
        0x0010: 00002041 c0006000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00011af4
        0x0030: 00000000 00000040 00000000 0000030e
        0x0040: 80024c11 00000001 00001001 00800005
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:7:3: Qumranet Virtio Network
        0x0000: Vendor ID: 1af4 Product ID: 1000
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 02 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 80 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR io addr: 0x00002060/0x0020
        0x0014: BAR mem 32bit addr: 0xc0008000/0x00002000
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 1af4 Product ID: 0001
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 04 Line: 0f Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x11: Extended Message Signalled Interrupts
(MSI-X)
        0x004c: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 10001af4 00100007 02000000 00800000
        0x0010: 00002061 c0008000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00011af4
        0x0030: 00000000 00000040 00000000 0000040f
        0x0040: 80024c11 00000001 00001001 00800005
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:7:4: Qumranet Virtio Network
        0x0000: Vendor ID: 1af4 Product ID: 1000
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 02 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 80 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR io addr: 0x00002080/0x0020
        0x0014: BAR mem 32bit addr: 0xc000a000/0x00002000
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 1af4 Product ID: 0001
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 01 Line: 0b Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x11: Extended Message Signalled Interrupts
(MSI-X)
        0x004c: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 10001af4 00100007 02000000 00800000
        0x0010: 00002081 c000a000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00011af4
        0x0030: 00000000 00000040 00000000 0000010b
        0x0040: 80024c11 00000001 00001001 00800005
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:7:5: Qumranet Virtio Network
        0x0000: Vendor ID: 1af4 Product ID: 1000
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 02 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 80 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR io addr: 0x000020a0/0x0020
        0x0014: BAR mem 32bit addr: 0xc000c000/0x00002000
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 1af4 Product ID: 0001
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 02 Line: 0c Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x11: Extended Message Signalled Interrupts
(MSI-X)
        0x004c: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 10001af4 00100007 02000000 00800000
        0x0010: 000020a1 c000c000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00011af4
        0x0030: 00000000 00000040 00000000 0000020c
        0x0040: 80024c11 00000001 00001001 00800005
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:8:0: unknown unknown
        0x0000: Vendor ID: fb5d Product ID: 40fb
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 03 Subclass: 00 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR mem 32bit addr: 0xc000e000/0x00000080
        0x0014: BAR mem 32bit addr: 0xc1000000/0x01000000
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 00 Line: ff Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 40fbfb5d 00100007 03000000 00000000
        0x0010: c000e000 c1000000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00000000
        0x0030: 00000000 00000040 00000000 000000ff
        0x0040: 00840005 00000000 00000000 00000000
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000000 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:9:0: Intel 7 Series xHCI
        0x0000: Vendor ID: 8086 Product ID: 1e31
        0x0004: Command: 0007 Status: 0010
        0x0008: Class: 0c Subclass: 03 Interface: 30 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR mem 32bit addr: 0xc2000000/0x00001000
        0x0014: BAR empty (00000000)
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 01 Line: 0e Min Gnt: 00 Max Lat: 00
        0x0040: Capability 0x05: Message Signalled Interrupts (MSI)
        0x0000: 1e318086 00100007 0c033000 00000000
        0x0010: c2000000 00000000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00000000
        0x0030: 00000000 00000040 00000000 0000010e
        0x0040: 00810005 fee00000 00000000 00000064
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 00000030 00000000 00000000 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000
 0:31:0: Intel 82371SB ISA
        0x0000: Vendor ID: 8086 Product ID: 7000
        0x0004: Command: 0007 Status: 0000
        0x0008: Class: 06 Subclass: 01 Interface: 00 Revision: 00
        0x000c: BIST: 00 Header Type: 00 Latency Timer: 00 Cache Line Size:
00
        0x0010: BAR empty (00000000)
        0x0014: BAR empty (00000000)
        0x0018: BAR empty (00000000)
        0x001c: BAR empty (00000000)
        0x0020: BAR empty (00000000)
        0x0024: BAR empty (00000000)
        0x0028: Cardbus CIS: 00000000
        0x002c: Subsystem Vendor ID: 0000 Product ID: 0000
        0x0030: Expansion ROM Base Address: 00000000
        0x0038: 00000000
        0x003c: Interrupt Pin: 00 Line: ff Min Gnt: 00 Max Lat: 00
        0x0000: 70008086 00000007 06010000 00000000
        0x0010: 00000000 00000000 00000000 00000000
        0x0020: 00000000 00000000 00000000 00000000
        0x0030: 00000000 00000000 00000000 000000ff
        0x0040: 00000000 00000000 00000000 00000000
        0x0050: 00000000 00000000 00000000 00000000
        0x0060: 0a070605 00000000 0f0e0c0b 00000000
        0x0070: 00000000 00000000 00000000 00000000
        0x0080: 00000000 00000000 00000000 00000000
        0x0090: 00000000 00000000 00000000 00000000
        0x00a0: 00000000 00000000 00000000 00000000
        0x00b0: 00000000 00000000 00000000 00000000
        0x00c0: 00000000 00000000 00000000 00000000
        0x00d0: 00000000 00000000 00000000 00000000
        0x00e0: 00000000 00000000 00000000 00000000
        0x00f0: 00000000 00000000 00000000 00000000

acpidump:
begin-base64 644 APIC.4
QVBJQ1IAAAAB60JIWVZFIEJWTUFEVCAgAQAAAEJIWVYBAAAAAADg/gEAAAAACAAAAQAAAAAIAQEB
AAAAAQwCAAAAwP4AAAAAAgoAAAIAAAAAAA==
====
begin-base64 644 DSDT.2
RFNEVKMJAAAC2UJIWVZFAEJWRFNEVAAAAQAAAElOVEwTAxggCF9TNV8SBQIKBQAIUElDTQAUDF9Q
SUMBcGhQSUNNEEeSX1NCX1uCT5FQQzAwCF9ISUQMQdAKAwhfQURSABQIX0JCTgCkAAhfQ1JTEUIM
Cr6IDQACDAAAAAAA/wAAAAABRwHAA8ADACBHAfgM+AwBCIgNAAEMAwAAAAD3DAAA+AyIDQABDAMA
AAAN//8AAADzhxcAAAwDAAAAAAAACgD//wsAAAAAAAAAAgCHFwAADAEAAAAAAAAAwP///98AAAAA
AAAAIIcXAAAMAQAAAAAAAADw//9/8AAAAAAAAIAAiisAAAwBAAAAAAAAAAAAAAAA0AAAAP//DwDQ
AAAAAAAAAAAAAAAAABAAAAAAAHkACFBQUlQSTwQEEhIEDP//AwAALkxQQ19MTktBABISBAz//wQA
AC5MUENfTE5LQgASEgQM//8FAAAuTFBDX0xOS0MAEhIEDP//BgAALkxQQ19MTktEAAhBUFJUEjIE
EgsEDP//AwAAAAoQEgsEDP//BAAAAAoREgsEDP//BQAAAAoSEgsEDP//BgAAAAoTFBhfUFJUAKAK
UElDTaRBUFJUoQakUFBSVFuCQHlMUENfCF9BRFIMAAAfAFuATFBDUgIACwABW4EzTFBDUgAAQDBQ
SVJBCFBJUkIIUElSQwhQSVJECAAgUElSRQhQSVJGCFBJUkcIUElSSAhbgjdLQkRfCF9ISUQMQdAD
AwhfQ0lEDEHQAwsIX0NSUxEYChVHAWAAYAAAAUcBZABkAAABIgIAeQBbgidNT1VfCF9ISUQMQdAP
AwhfQ0lEDEHQDxMIX0NSUxEICgUiABB5ABQuUElSVgGgCHtoCoAApAB7aAoPYKAHlWAKA6QAoAeT
YAoIpACgB5NgCg2kAKQBW4JKCkxOS0EIX0hJRAxB0AwPCF9VSUQBFBhfU1RBAKAMUElSVlBJUkGk
CguhBKQKCQhfUFJTEQkKBiP43hh5AAhDQjAxEQkKBiMAABh5AItDQjAxAUNJUkEUKV9DUlMAe1BJ
UkEKj2CgDVBJUlZgeQFgQ0lSQaEHcABDSVJBpENCMDEUDV9ESVMAcAqAUElSQRQaX1NSUwGLaAFT
SVJBglNJUkFgcHZgUElSQVuCSwpMTktCCF9ISUQMQdAMDwhfVUlECgIUGF9TVEEAoAxQSVJWUElS
QqQKC6EEpAoJCF9QUlMRCQoGI/jeGHkACENCMDIRCQoGIwAAGHkAi0NCMDIBQ0lSQhQpX0NSUwB7
UElSQgqPYKANUElSVmB5AWBDSVJCoQdwAENJUkKkQ0IwMhQNX0RJUwBwCoBQSVJCFBpfU1JTAYto
AVNJUkKCU0lSQmBwdmBQSVJCW4JLCkxOS0MIX0hJRAxB0AwPCF9VSUQKAxQYX1NUQQCgDFBJUlZQ
SVJDpAoLoQSkCgkIX1BSUxEJCgYj+N4YeQAIQ0IwMxEJCgYjAAAYeQCLQ0IwMwFDSVJDFClfQ1JT
AHtQSVJDCo9goA1QSVJWYHkBYENJUkOhB3AAQ0lSQ6RDQjAzFA1fRElTAHAKgFBJUkMUGl9TUlMB
i2gBU0lSQ4JTSVJDYHB2YFBJUkNbgksKTE5LRAhfSElEDEHQDA8IX1VJRAoEFBhfU1RBAKAMUElS
VlBJUkSkCguhBKQKCQhfUFJTEQkKBiP43hh5AAhDQjA0EQkKBiMAABh5AItDQjA0AUNJUkQUKV9D
UlMAe1BJUkQKj2CgDVBJUlZgeQFgQ0lSRKEHcABDSVJEpENCMDQUDV9ESVMAcAqAUElSRBQaX1NS
UwGLaAFTSVJEglNJUkRgcHZgUElSRFuCSwpMTktFCF9ISUQMQdAMDwhfVUlECgUUGF9TVEEAoAxQ
SVJWUElSRaQKC6EEpAoJCF9QUlMRCQoGI/jeGHkACENCMDURCQoGIwAAGHkAi0NCMDUBQ0lSRRQp
X0NSUwB7UElSRQqPYKANUElSVmB5AWBDSVJFoQdwAENJUkWkQ0IwNRQNX0RJUwBwCoBQSVJFFBpf
U1JTAYtoAVNJUkWCU0lSRWBwdmBQSVJFW4JLCkxOS0YIX0hJRAxB0AwPCF9VSUQKBhQYX1NUQQCg
DFBJUlZQSVJGpAoLoQSkCgkIX1BSUxEJCgYj+N4YeQAIQ0IwNhEJCgYjAAAYeQCLQ0IwNgFDSVJG
FClfQ1JTAHtQSVJGCo9goA1QSVJWYHkBYENJUkahB3AAQ0lSRqRDQjA2FA1fRElTAHAKgFBJUkYU
Gl9TUlMBi2gBU0lSRoJTSVJGYHB2YFBJUkZbgksKTE5LRwhfSElEDEHQDA8IX1VJRAoHFBhfU1RB
AKAMUElSVlBJUkekCguhBKQKCQhfUFJTEQkKBiP43hh5AAhDQjA3EQkKBiMAABh5AItDQjA3AUNJ
UkcUKV9DUlMAe1BJUkcKj2CgDVBJUlZgeQFgQ0lSR6EHcABDSVJHpENCMDcUDV9ESVMAcAqAUElS
RxQaX1NSUwGLaAFTSVJHglNJUkdgcHZgUElSR1uCSwpMTktICF9ISUQMQdAMDwhfVUlECggUGF9T
VEEAoAxQSVJWUElSSKQKC6EEpAoJCF9QUlMRCQoGI/jeGHkACENCMDgRCQoGIwAAGHkAi0NCMDgB
Q0lSSBQpX0NSUwB7UElSSAqPYKANUElSVmB5AWBDSVJIoQdwAENJUkikQ0IwOBQNX0RJUwBwCoBQ
SVJIFBpfU1JTAYtoAVNJUkiCU0lSSGBwdmBQSVJIW4JIBlNJT18IX0hJRAxB0AwCCF9DUlMRQgUK
TkcBIAIgAgEERwEkAiQCAQSGCQABAAAA4AAAABBHAdAE0AQBAkcBYQBhAAEBRwEABAAEAQhHAbIA
sgABAUcBhACEAAEBRwFyAHIAAQZ5AFuCK0NPTTEIX0hJRAxB0AUBCF9VSUQBCF9DUlMREAoNRwH4
A/gDAQgiEAB5AFuCLENPTTIIX0hJRAxB0AUBCF9VSUQKAghfQ1JTERAKDUcB+AL4AgEIIggAeQBb
gi1SVENfCF9ISUQMQdALAAhfQ1JTERgKFUcBcABwAAACIgABRwFyAHIAAgZ5AFuCK1BJQ18IX0hJ
RAtB0AhfQ1JTERgKFUcBIAAgAAECRwGgAKAAAQIiBAB5AFuCJVRJTVIIX0hJRAxB0AEACF9DUlMR
EAoNRwFAAEAAAQQiAQB5ABA4Ll9TQl9QQzAwW4IsSFBFVAhfSElEDEHQAQMIX1VJRAAIX0NSUxER
Cg6GCQABAADQ/gAEAAB5AA==
====
begin-base64 644 FACP.1
RkFDUPQAAAAE5kJIWVZFIEJWRkFDUCAgAQAAAEJIWVYBAAAAAJCYfwDgl38BAAkAsgAAAKChAAAA
BAAAAAAAAAQEAAAAAAAAAAAAAAgEAAAAAAAAAAAAAAQCAAQAAAAAAAAAAAAAAAAAAAAAMhIAACUF
CAABCAAB+QwAAAAAAAAGAAAAAAAAAAAAAAAA4Jd/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAA==
====
begin-base64 644 HPET.3
SFBFVDgAAAABQkJIWVZFIEJWSFBFVCAgAQAAAEJIWVYBAAAAAKQAAAAAAAAAAND+AAAAAAAAAAA=
====
begin-base64 644 MCFG.5
TUNGRzwAAAAB+UJIWVZFIEJWTUNGRyAgAQAAAEJIWVYBAAAAAAAAAAAAAAAAAADgAAAAAAAAAP8A
AAAA
====
begin-base64 644 RSDT.0
UlNEVDgAAAABo0JIWVZFIEJWRkFDUCAgAQAAACAgICATAAABADCYfwAgmH8AEJh/AACYfwDwl38=
====
begin-base64 644 SPCR.6
U1BDUlAAAAABeEJIWVZFIEJWU1BDUiAgAQAAAEJIWVYBAAAAAAAAAAEIAAD4AwAAAAAAAAEEAAAA
AAcAAQMCAAAAAAAAAAAAAAAAAAAAAAA=
====
begin-base64 644 headers
ClJTRCBQVFI6IENoZWNrc3VtPTExOCwgT0VNSUQ9QkhZVkUsIFJldmlzaW9uPTIsIFJzZHRBZGRy
ZXNzPTB4N2Y5ODQwNzQKCUxlbmd0aD0zNiwgWHNkdEFkZHJlc3M9MHgwMDAwMDAwMDdmOTg0MGU4
LCBFeHRlbmRlZCBDaGVja3N1bT0xNTcKCgpSU0RUOiBMZW5ndGg9NTYsIFJldmlzaW9uPTEsIENo
ZWNrc3VtPTE2MywKCU9FTUlEPUJIWVZFLCBPRU0gVGFibGUgSUQ9QlZGQUNQLCBPRU0gUmV2aXNp
b249MHgxLAoJQ3JlYXRvciBJRD0sIENyZWF0b3IgUmV2aXNpb249MHgxMDAwMDEzCgoKCUVudHJp
ZXM9eyAweDdmOTgzMDAwLCAweDdmOTgyMDAwLCAweDdmOTgxMDAwLCAweDdmOTgwMDAwLCAweDdm
OTdmMDAwIH0KCgoJRFNEVD0weDdmOTdlMDAwCglJTlRfTU9ERUw9QVBJQwoJU0NJX0lOVD05CglT
TUlfQ01EPTB4YjIsIEFDUElfRU5BQkxFPTB4YTAsIEFDUElfRElTQUJMRT0weGExLCBTNEJJT1Nf
UkVRPTB4MAoJUE0xYV9FVlRfQkxLPTB4NDAwLTB4NDAzCglQTTFhX0NOVF9CTEs9MHg0MDQtMHg0
MDUKCVBNMl9UTVJfQkxLPTB4NDA4LTB4NDBiCglQX0xWTDJfTEFUPTBtcywgUF9MVkwzX0xBVD0w
bXMKCUZMVVNIX1NJWkU9MCwgRkxVU0hfU1RSSURFPTAKCURVVFlfT0ZGU0VUPTAsIERVVFlfV0lE
VEg9MAoJREFZX0FMUk09MCwgTU9OX0FMUk09MCwgQ0VOVFVSWT01MAoJRmxhZ3M9e1dCSU5WRCxQ
Uk9DX0MxLFNMUF9CVVRUT04sVE1SX1ZBTF9FWFR9CgoKRFNEVDogTGVuZ3RoPTI0NjcsIFJldmlz
aW9uPTIsIENoZWNrc3VtPTIxNywKCU9FTUlEPUJIWVZFLCBPRU0gVGFibGUgSUQ9QlZEU0RULCBP
RU0gUmV2aXNpb249MHgxLAoJQ3JlYXRvciBJRD1JTlRMLCBDcmVhdG9yIFJldmlzaW9uPTB4MjAx
ODAzMTMKCgpIUEVUOiBMZW5ndGg9NTYsIFJldmlzaW9uPTEsIENoZWNrc3VtPTY2LAoJT0VNSUQ9
QkhZVkUsIE9FTSBUYWJsZSBJRD1CVkhQRVQsIE9FTSBSZXZpc2lvbj0weDEsCglDcmVhdG9yIElE
PUJIWVYsIENyZWF0b3IgUmV2aXNpb249MHgxCgoKQVBJQzogTGVuZ3RoPTgyLCBSZXZpc2lvbj0x
LCBDaGVja3N1bT0yMzUsCglPRU1JRD1CSFlWRSwgT0VNIFRhYmxlIElEPUJWTUFEVCwgT0VNIFJl
dmlzaW9uPTB4MSwKCUNyZWF0b3IgSUQ9QkhZViwgQ3JlYXRvciBSZXZpc2lvbj0weDEKCgpNQ0ZH
OiBMZW5ndGg9NjAsIFJldmlzaW9uPTEsIENoZWNrc3VtPTI0OSwKCU9FTUlEPUJIWVZFLCBPRU0g
VGFibGUgSUQ9QlZNQ0ZHLCBPRU0gUmV2aXNpb249MHgxLAoJQ3JlYXRvciBJRD1CSFlWLCBDcmVh
dG9yIFJldmlzaW9uPTB4MQoKClNQQ1I6IExlbmd0aD04MCwgUmV2aXNpb249MSwgQ2hlY2tzdW09
MTIwLAoJT0VNSUQ9QkhZVkUsIE9FTSBUYWJsZSBJRD1CVlNQQ1IsIE9FTSBSZXZpc2lvbj0weDEs
CglDcmVhdG9yIElEPUJIWVYsIENyZWF0b3IgUmV2aXNpb249MHgxCgo=
====
Reply | Threaded
Open this post in threaded view
|

Re: iked(8) producing bad-ip-version 7 error with vxlan(4) traffic

Jason Tubnor
Alternate workaround below as well as the potential cause:

On Tue, 23 Oct 2018 at 11:47, Jason Tubnor <[hidden email]> wrote:

> >Synopsis:      iked(8) producing bad-ip-version 7 error with vxlan(4)
> traffic
> >Category:      system
> >Environment:
>         System      : OpenBSD 6.4
>         Details     : OpenBSD 6.4 (GENERIC.MP) #364: Thu Oct 11 13:30:23
> MDT 2018
>                          [hidden email]:
> /usr/src/sys/arch/amd64/compile/GENERIC.MP
>
>         Architecture: OpenBSD.amd64
>         Machine     : amd64
>
>
> >How-To-Repeat:
>         - Setup a simple P-t-P iked(8) link using public keying.
> Something like:
>
> /etc/iked.conf
> ikev2 active ipcomp esp from 192.168.1.2 to 192.168.1.1 \
>         peer 192.168.1.1 srcid 192.168.1.2
>
>         - Initiate the link
>         - Create a vxlan(4) unicast tunnel across the link at both ends.
>
> /etc/hostname.vxlan32
> inet 10.1.1.2 255.255.255.252 10.1.1.3
> tunnel 192.168.1.2 192.168.1.1 vnetid 32
> up
>
>         - Send packets across the tunnel.  In my tests, simple ICMP
> echo/reply didn't complete (dropped).
>
> >Fix:
>         Roll back to OpenBSD 6.3#11
>

By removing ipcomp from both ends of the iked(8) tunnel, encapsulated
traffic flows correctly again.  So simply changing /etc/iked.conf to:

ikev2 active esp from 192.168.1.2 to 192.168.1.1 \
        peer 192.168.1.1 srcid 192.168.1.2

Fixed the issue on both 6.4-stable and 6.4-current.  I'm not sure why
ipcomp is the culprit here as there were no indications in the release
notes, however, could be due to something else when the network stack was
uplifted during development of 6.4.

Cheers.