On Monday 21 May 2007 07:17:07 pm Jack Vogel wrote:
> On 5/21/07, Sten Spans <sten_at_blinkenlights.nl> wrote:
> > On Mon, 21 May 2007, Ian FREISLICH wrote:
> >
> > > Hi
> > >
> > > We've noticed an issue on our firewalls where the first em device
> > > in the system hijacks inbound port 623 tcp and udp. The OS never
> > > sees this traffic. Interestingly, em1 and em2 do not appear to be
> > > afflicted by this problem. Some reading I've done points to a
> > > similar conclusion:
> > >
> > > http://blogs.sun.com/shepler/entry/port_623_or_the_mount
> > >
> > > I've looked at the bios, but I can't find any settings that remotely
> > > hint IPMI or RMCP+ or serial-over-lan.
> > >
> > > Does anyone know how I can stop the card or system from stealing
> > > port 623 in hardware or must I just stop using em0 (and/or Intel NICS)?
> >
> > Does "ifconfig em0 promisc" help ?
> > That fixed firmware related vanishing ipv6 packets on fxp and em.
>
> Is this happening even with the latest CURRENT driver, there is code in
> it now that is supposed to stop the firmware from doing that, at least
> that was the theory :)

We still see this at work. We use this workaround in /etc/sysctl.conf:

net.inet.ip.portrange.lowlast=665

It seems that the em0 interface always snoops 623 looking for RCMP packets
for IPMI (or ASF).

-- 
John Baldwin

Received on Fri Jul 13 2007 - 10:49:25 UTC
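
A way to check whether a host's automatic port-allocation ranges still overlap the port the NIC firmware intercepts, as an added example that is not part of the original thread. The function name `check_portrange`, the `SNOOPED_PORTS` variable and both sample inputs are constructed for illustration; the samples assume 600 as the pre-workaround `lowlast` value.

```shell
#!/bin/sh
# Port the NIC firmware intercepts according to the thread; space-separated list.
SNOOPED_PORTS="${SNOOPED_PORTS:-623}"

# Constructed sample inputs in `sysctl net.inet.ip.portrange` output format
# (lowlast 600 is assumed as the value before the workaround is applied).
SAMPLE_BEFORE='net.inet.ip.portrange.lowfirst: 1023
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.first: 10000
net.inet.ip.portrange.last: 65535
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.hilast: 65535'
SAMPLE_AFTER=$(printf '%s\n' "$SAMPLE_BEFORE" | sed 's/lowlast: 600/lowlast: 665/')

# Reads sysctl output on stdin, prints each range that contains a snooped
# port, and returns 1 if any range does (0 if all ranges are clear).
check_portrange() {
    awk -v ports="$SNOOPED_PORTS" '
    BEGIN { n = split(ports, p, " "); bad = 0 }
    /^net\.inet\.ip\.portrange\./ {
        key = $1
        sub(/^net\.inet\.ip\.portrange\./, "", key); sub(/:$/, "", key)
        val[key] = $2 + 0
    }
    END {
        # Automatic port selection draws from these three sysctl pairs.
        split("lowfirst:lowlast first:last hifirst:hilast", pairs, " ")
        for (i = 1; i <= 3; i++) {
            split(pairs[i], k, ":")
            if (!(k[1] in val) || !(k[2] in val)) continue
            lo = val[k[1]]; hi = val[k[2]]
            if (lo > hi) { t = lo; lo = hi; hi = t }  # low range counts downward
            for (j = 1; j <= n; j++)
                if (p[j] + 0 >= lo && p[j] + 0 <= hi) {
                    printf "%s..%s (%d-%d) includes port %d\n", k[1], k[2], lo, hi, p[j]
                    bad = 1
                }
        }
        exit bad
    }'
}

# Live FreeBSD host: sysctl net.inet.ip.portrange | check_portrange
printf '%s\n' "$SAMPLE_BEFORE" | check_portrange || echo "before sample: conflict"
printf '%s\n' "$SAMPLE_AFTER" | check_portrange && echo "after sample: clear"
```

A conflict matters because a service or client that lets the kernel pick a reserved port can be handed 623, and its inbound traffic on em0 then never reaches the OS.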