1.4 | BFD Bug - martian source

Hallo togehter,

i found a strange behavior in BFD in VyOS 1.4 - maybe a bug?

In my GNS3 Setup (to simulate and test a CG-NAT Setup) i found these log entry spam:

Jan 03 09:43:09 kernel: IPv4: martian source 10.10.10.10 from 10.10.10.10, on dev eth2
Jan 03 09:43:09 kernel: ll header: 00000000: 0c ba a6 1d 00 02 0c 07 af 5c 00 02 08 00
Jan 03 09:43:09 kernel: IPv4: martian source 10.10.10.10 from 10.10.10.10, on dev eth2
Jan 03 09:43:09 kernel: ll header: 00000000: 0c ba a6 1d 00 02 0c 07 af 5c 00 02 08 00
Jan 03 09:43:09 kernel: IPv4: martian source 10.10.10.10 from 10.10.10.10, on dev eth2
Jan 03 09:43:09 kernel: ll header: 00000000: 0c ba a6 1d 00 02 0c 07 af 5c 00 02 08 00
Jan 03 09:43:09 kernel: IPv4: martian source 10.10.10.10 from 10.10.10.10, on dev eth2
Jan 03 09:43:09 kernel: ll header: 00000000: 0c ba a6 1d 00 02 0c 07 af 5c 00 02 08 00
Jan 03 09:43:09 kernel: IPv4: martian source 10.10.10.10 from 10.10.10.10, on dev eth2
Jan 03 09:43:09 kernel: ll header: 00000000: 0c ba a6 1d 00 02 0c 07 af 5c 00 02 08 00

First i thought, i got a routing loop, but it still continuous if all other interfaces are disconnected.
Here ist my bfd config, working in 1.3 correctly (IPs changed)

vyos@vyos# show protocols bfd
peer 10.10.10.9 {
echo-mode
source {
address 10.10.10.10 #remove the source address doenst change something in this behavior
}
}
vyos@vyos# run show bfd peer 10.10.10.9
peer 10.10.10.9 local-address 10.10.10.10 vrf default
ID: 1489440218
Remote ID: 1606131191
Active mode
Status: up
Uptime: 5 minute(s), 31 second(s)
Diagnostics: ok
Remote diagnostics: ok
Peer Type: configured
RTT min/avg/max: 1000/1745/1947 usec
Local timers:
Detect-multiplier: 3
Receive interval: 300ms
Transmission interval: 300ms
Echo receive interval: 50ms
Echo transmission interval: 50ms
Remote timers:
Detect-multiplier: 3
Receive interval: 300ms
Transmission interval: 300ms
Echo receive interval: 50ms

Here is a screenshot from Wireshark capture

image825×412 10.1 KB

However, the problem seems to only occur in IPv4.
What do you think?

best regards
Hannibal

@Hannibal
Looking on your screenshots everything is ok. It is BFD Echo mode.
In Echo mode BFD creates to types of packets.
Control and echo.
Control packets have different IP source and IP destination.
In echo packets IP destination = IP source. But they have different MAC addresses.
Therefore, when a router receives a BFD echo packet, it does not forward it to the CPU, because the destination IP address is not that router’s IP address, and the packet is forwarded back.
So it is a normal situation.

My Mistake. Reading the RFC will help.
But is this spam into the log wanted? In 1.3 it doesnt happen

set firewall log-martians disable