Router Promiscuity


My home router (an old Shuttle running OpenBSD 6.3) went down due to bad blocks on /var. I had recent backups, but my cold spare still had a 5.x install on it, so after manually fscking the old machine enough to get it back online for the day, I downloaded a fresh copy of OpenBSD 6.9, installed it, copied over all the config files, and swapped it into place.

It didn’t work. More precisely, everything worked except sending traffic out the public interface to the Internet. I couldn’t reach the gateway. I could ssh into the router from my laptop over the private interface just fine, though.

Thinking perhaps that I’d outsmarted myself by trying to preserve the MAC address of the old server to deal with the common cable-modem issue of fixating on a specific MAC, I removed that clause from the config and rebooted both router and modem.

That didn’t help, so I fired up tcpdump on the public interface to see if there was anything showing up at all, and everything started working fine.

Kill tcpdump, packets stop. Start it back up, packets flow. In other words, everything works perfectly as long as the public interface is in promiscuous mode. This isn’t one I’ve run into before in my 15-ish years of managing OpenBSD routers, or even the 6 years I’ve owned this Shuttle DS61.

I’m going to have to swap a new SSD into the other router (identical hardware), install the same configs, and do some testing. Which is a lot easier if I’m online, so for now, /etc/rc.local contains:

nohup tcpdump -n -i re0 -w /dev/null icmp &
