Hi YongHyeon, With the original unmodified .ko... ifconfig output as requested at bottom Static IP-configuration does not make a difference with the ipfw behaviour. ipfw ruleset (based on /etc/rc.firewall simple ruleset) 00010 allow ip from any to me dst-port 22 recv ue0 00010 allow tcp from me 22 to any xmit ue0 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 00400 deny ip from any to ::1 00500 deny ip from ::1 to any 00600 allow ipv6-icmp from :: to ff02::/16 00700 allow ipv6-icmp from fe80::/10 to fe80::/10 00800 allow ipv6-icmp from fe80::/10 to ff02::/16 00900 allow ipv6-icmp from any to any ip6 icmp6types 1 01000 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136 01100 deny ip from 10.16.2.1 to any in via ue0 01200 deny ip from 172.17.2.111 to any in via re0 01300 deny ip from any to 10.0.0.0/8 via ue0 01500 deny ip from any to 192.168.0.0/16 via ue0 01600 deny ip from any to 0.0.0.0/8 via ue0 01700 deny ip from any to 169.254.0.0/16 via ue0 01800 deny ip from any to 192.0.2.0/24 via ue0 01900 deny ip from any to 224.0.0.0/4 via ue0 02000 deny ip from any to 240.0.0.0/4 via ue0 02100 divert 8668 ip4 from any to any via ue0 02200 deny ip from 10.0.0.0/8 to any via ue0 02400 deny ip from 192.168.0.0/16 to any via ue0 02500 deny ip from 0.0.0.0/8 to any via ue0 02600 deny ip from 169.254.0.0/16 to any via ue0 02700 deny ip from 192.0.2.0/24 to any via ue0 02800 deny ip from 224.0.0.0/4 to any via ue0 02900 deny ip from 240.0.0.0/4 to any via ue0 03000 allow tcp from any to any established 03100 allow ip from any to any frag 03200 allow tcp from any to me dst-port 22 setup 03300 allow tcp from any to me dst-port 25 setup 03400 allow tcp from any to me dst-port 465 setup 03500 allow tcp from any to me dst-port 587 setup 03600 allow tcp from any to me dst-port 80 setup 03700 allow tcp from any to me dst-port 443 setup 03800 deny log logamount 5 ip4 from any to any in via ue0 setup proto tcp 03900 allow tcp from any to any setup 04000 allow udp from me to any dst-port 53 keep-state 04100 allow udp from me to any dst-port 123 keep-state 04200 allow ip from any to any dst-port 22 recv ue0 65535 deny ip from any to any If I remove rule 10 it will NOT work with ue0, the ruleset without rule 10 DOES work with re0. Found an older PR about em or fxp having trouble with natd when rxcsum/txcsum was enabled, that is why I started fiddling with rxcsum/txcsum and found that the NIC would be unusable without rxcsum/txcsum enabled. If only I could find that PR now (kern/170081???)... Was fixed in base... Some other post reported fake AX88772A chips (32-pin packaging vs 64 in the original) on cheap USB NICs so I checked the hardware as well and could not see an issue (64-pin packaging). # ifconfig ue0 ue0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8000b<RXCSUM,TXCSUM,VLAN_MTU,LINKSTATE> ether 00:60:6e:42:5b:53 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> media: Ethernet autoselect (100baseTX <full-duplex>) status: active # dhclient ue0 DHCPDISCOVER on ue0 to 255.255.255.255 port 67 interval 4 DHCPOFFER from 172.17.2.1 DHCPREQUEST on ue0 to 255.255.255.255 port 67 DHCPACK from 172.17.2.1 bound to 172.17.2.111 -- renewal in 43200 seconds. # ifconfig ue0 ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8000b<RXCSUM,TXCSUM,VLAN_MTU,LINKSTATE> ether 00:60:6e:42:5b:53 inet6 fe80::260:6eff:fe42:5b53%ue0 prefixlen 64 scopeid 0x7 inet 172.17.2.111 netmask 0xffffff00 broadcast 172.17.2.255 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> media: Ethernet autoselect (100baseTX <full-duplex>) status: active On Wed, Apr 10, 2013 at 4:14 AM, YongHyeon PYUN <pyunyh_at_gmail.com> wrote: > On Mon, Apr 08, 2013 at 08:45:58PM +0200, Spil Oss wrote: > > Hi YongHyeon, > > > > output from verbose boot > > > > ugen3.2: <vendor 0x0b95> at usbus3 > > axe0: <vendor 0x0b95 product 0x772b, rev 2.00/0.01, addr 2> on usbus3 > > axe0: PHYADDR 0xe0:0x10 > > miibus1: <MII bus> on axe0 > > ukphy0: <Generic IEEE 802.3u media interface> PHY 16 on miibus1 > > ukphy0: OUI 0x007063, model 0x0008, rev. 1 > > ukphy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, > > auto-flow > > ue0: <USB Ethernet> on axe0 > > ue0: bpf attached > > ue0: Ethernet address: 00:60:6e:42:5b:53 > > ue0: link state changed to UP > > ue0: link state changed to DOWN > > ue0: link state changed to UP > > AX88772B engineering sample I have still worked on latest current. > Could you use a static IP rather than using DHCP and see whether > that makes any difference?(Note, you have to revert your changes > made to axe(4) before trying that). > > Also show me the output of 'ifconfig ue0' before/after running > dhclient(8). > > > > > Apart from what I originally described... > > Networking does work, but not when packets pass through ipfw and nat. If > I > > add my ipfw rules before the divert natd rule networking works as > expected, > > without the SYN,ACK response packets are not accepted if I e.g. connect > to > > something on the axe interface. I have validated the ipfw ruleset with > the > > onboard realtek NIC and it then works as expected. > > > > # usbconfig -u 3 -a 2 dump_info > > ugen3.2: <product 0x772b vendor 0x0b95> at usbus3, cfg=0 md=HOST spd=HIGH > > (480Mbps) pwr=ON (200mA) > > > > Kind regards, > > > > Spil. > > > > > > On Mon, Apr 8, 2013 at 8:35 AM, YongHyeon PYUN <pyunyh_at_gmail.com> wrote: > > > > > On Sun, Apr 07, 2013 at 09:14:16PM +0200, Spil Oss wrote: > > > > Hi all, > > > > > > > > With checksum offloading enabled I cannot use my axe NIC (ASIX > AX88772B). > > > > > > > > ifconfig ue0 -txcsum -rxcsum > > > > will make dhclient ue0 return > > > > > > > > if I re-enable txcsum and rxcsum I get an immediate response from the > > > dhcp > > > > server. > > > > > > > > Tried to remove the csum features by commenting out > > > > ifp->if_capabilities |= IFCAP_TXCSUM | IFCAP_RXCSUM; > > > > ifp->if_hwassist = AXE_CSUM_FEATURES; > > > > (lines 855 and 856 in /usr/src/sys/dev/usb/net/if_axe.c) > > > > and rebuild the module. This does remove RXCSUM and TXCSUM from > options > > > and > > > > behaves the same as disabling the features with ifconfig (i.e. does > not > > > > work) > > > > > > > > 10.0-CURRENT r248351 > > > > > > > > Hope someone can help me... Spil. > > > > > > Last time I tried, checksum offloading worked as expected. > > > Would you show me the verbose dmesg output after attaching the > > > axe(4) NIC? > > > >Received on Wed Apr 10 2013 - 15:48:01 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:36 UTC