Bug 257038 - em(4): Panic on HTTP traffic to or from jail through vxlan(4)
Summary: em(4): Panic on HTTP traffic to or from jail through vxlan(4)
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 13.0-RELEASE
Hardware: amd64 Any
: --- Affects Some People
Assignee: freebsd-net (Nobody)
Keywords: crash, needs-qa
Depends on:
Reported: 2021-07-07 09:00 UTC by capra-freebsd
Modified: 2021-07-08 20:31 UTC (History)
7 users (show)

See Also:
koobs: maintainer-feedback? (bryanv)
koobs: maintainer-feedback? (np)
koobs: mfc-stable13?

core.txt (170.78 KB, application/x-troff-man)
2021-07-07 09:00 UTC, capra-freebsd
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description capra-freebsd 2021-07-07 09:00:28 UTC
Created attachment 226282 [details]

After upgrading to 13.0-RELEASE my host panics when I try to open a http connection to a jail (or opening a connection from the jail) . I'm using vxlan to separate my networks, worked great on 12.x. 

the problem seems to occur here:

line 55
Core.txt attached, additional Info 
Comment 1 Kristof Provost freebsd_committer 2021-07-07 09:17:54 UTC
Please describe your setup in sufficient detail to reproduce it.

The core file suggests that you've created or wound up in a traffic loop, which is resulting in a stack overflow. That's not something we can debug without understanding your setup.
Comment 2 capra-freebsd 2021-07-07 10:15:25 UTC
I'll try to describe my Setup as good as I possible: 
I have one physical IF connected, it's called em0. 

I have 2 vxlan interfaces, endpoint is my router
ifconfig_em0="inet netmask mtu 4000"
create_args_vxlan43="vxlanid 43 vxlanlocal vxlanremote"
ifconfig_vxlan43="inet netmask up"
create_args_vxlan44="vxlanid 44 vxlanlocal vxlanremote"
ifconfig_vxlan44="inet netmask up"

therefore I have to use fibs to have several routing tables, they are pretty simple 
setfib 1 route add -net -iface vxlan44
setfib 2 route add -net -iface vxlan43

# Default route
setfib 1 route add default
setfib 2 route add default

furthermore I use bhyve based virtual machines in my setup, they are connected to the vxlan interfaces and work just fine. 
phcn  standard  vm-phcn  -        no       -    -     vxlan43
DMZ   standard  vm-DMZ   -        no       -    -     vxlan44

the problem starts with the jail that are connected to vxlans, for example this one:
cat /zroot/iocage/jails/phcn-zabbix/config.json 
    "boot": 0,
    "depends": "psql",
    "exec_fib": "2",
    "host_hostname": "phcn-zabbix",
    "host_hostuuid": "phcn-zabbix",
    "ip4_addr": "lo1|,vxlan43|",
    "jail_zfs_dataset": "iocage/jails/phcn-zabbix/data",
    "last_started": "2021-07-07 10:06:19",
    "release": "12.2-RELEASE-p6"

when I try to connect to the zabbix webui, or if I use the jail console to 
curl www.google.de  the host crashes.