Dropped UDP Packets
-
Hi,
I am seeing a very strange issue.
Traffic generally flows fine, ICMP and TCP traffic has no issues. However, UDP packets, at least some, are not being forwarded.
LAN: 172.20.77.0/24
Remote Network: 172.20.81.0/24
The packets in question look like this:
Or like this in the built-in packet capture:
They show up in FW states on the LAN interface.
But the packet is not forwarded. I can capture it on the incoming interface, but not the outgoing interface. I also cannot match the traffic on a FW rule. Even a general rule on the LAN interface with just the source and destination IP, and any protocol, will not match the traffic. Any idea what is happening here?
I have tried to disable pf scrub on the routers, but it has no effect on the issue. The traffic still does not appear on the outgoing interface, and cannot be matched by a FW rule.
The router is running pfSense 23.05.1
-
@DEHAAS UPDATE: I can see the rule being hit once or twice while the router is booting. However, once it is fully booted, the traffic is no longer forwarded. I am still out of ideas, but maybe this information can help spark an idea somewhere.
-
@DEHAAS I believe I have found the problem to be routing related. A state is created for a wrong path as the correct path does not exist when seeing the first packet. The correct path is learned later via OSPF, but the old state is not cleared. I have created a separate thread in the FRR package section of the forum: https://forum.netgate.com/topic/181321/state-not-cleared-after-routing-change. It appeared as some UDP traffic being dropped, as this was the only traffic which had a state created before routes had converged.