Re: tap(4), bridge(4), rump server networking: seeing duplicated packets

[Leonardo Taccari <leot%NetBSD.org@localhost>]

Leonardo Taccari writes:
> [...]
> I'm trying to setup two separate rump servers based on
> <https://www.netbsd.org/docs/rump/sptut.html> in order to generate and
> record some network traffic via tcpdump(8).
> I was able to setup two bridged tap-s interface and they are able to
> communicate. However, when observing on an interface the packets seems
> duplicated. I would expect to have no duplicate packets.
> [...]

Martin (<martin>) off list kindly pointed out shmif(4) - that is
simpler, does not require any root privileges and for the purpose of
capturing traffic is probably even better!
Thanks Martin!

For completeness, here the setup to spin up the rump servers, assuming
that `/tmp/shmif` is the regular file that will be used for shmif(4):

```
$ export RUMP_SERVER=unix:///tmp/rump0
$ rump_allserver ${RUMP_SERVER}
$ rump.ifconfig shmif0 create
$ rump.ifconfig shmif0 linkstr "/tmp/shmif"
$ rump.ifconfig shmif0 10.0.0.1/24 up
```

...and 2nd rump server:

```
$ export RUMP_SERVER=unix:///tmp/rump1
$ rump_allserver ${RUMP_SERVER}
$ rump.ifconfig shmif0 create
$ rump.ifconfig shmif0 linkstr "/tmp/shmif"
$ rump.ifconfig shmif0 10.0.0.2/24 up
```

OK, from the 1st rump server let's verify that this work:

```
$ rump.ping -c 1 10.2
PING 10.2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: icmp_seq=0 ttl=255 time=3.235939 ms

----10.2 PING Statistics----
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 3.235939/3.235939/3.235939/0.000000 ms
```

...and then we can try to initiate a TCP transmission... in the 2nd rump
server we start listening via socat:

```
$ export LD_PRELOAD=/usr/lib/librumphijack.so
$ socat TCP-LISTEN:1234 -
```

...and from the 1st rump server:

```
$ export LD_PRELOAD=/usr/lib/librumphijack.so
$ echo 'frobnitz' | socat - TCP-CONNECT:10.0.0.2:1234
```

From the host we could not capture the PCAP directly but there is
shmif_dumpbus(1) exactly for that purpose:

```
$ shmif_dumpbus -p - /tmp/shmif 2>/dev/null | tcpdump -nr - tcp
reading from file -, link-type EN10MB (Ethernet), snapshot length 1518
01:03:06.250004 IP 10.0.0.1.54039 > 10.0.0.2.1234: Flags [S], seq 758414778, win 32768, options [mss 1460,nop,wscale 3,sackOK,TS val 1 ecr 0], length 0
01:03:33.990004 IP 10.0.0.2.1234 > 10.0.0.1.54039: Flags [S.], seq 2274318360, ack 758414779, win 32768, options [mss 1460,nop,wscale 3,sackOK,TS val 1 ecr 1], length 0
01:03:06.250004 IP 10.0.0.1.54039 > 10.0.0.2.1234: Flags [.], ack 1, win 4197, options [nop,nop,TS val 1 ecr 1], length 0
01:03:06.250004 IP 10.0.0.1.54039 > 10.0.0.2.1234: Flags [P.], seq 1:10, ack 1, win 4197, options [nop,nop,TS val 1 ecr 1], length 9
01:03:06.250004 IP 10.0.0.1.54039 > 10.0.0.2.1234: Flags [F.], seq 10, ack 1, win 4197, options [nop,nop,TS val 1 ecr 1], length 0
01:03:33.990004 IP 10.0.0.2.1234 > 10.0.0.1.54039: Flags [.], ack 11, win 4196, options [nop,nop,TS val 1 ecr 1], length 0
01:03:34.510004 IP 10.0.0.2.1234 > 10.0.0.1.54039: Flags [F.], seq 1, ack 11, win 4196, options [nop,nop,TS val 2 ecr 1], length 0
01:03:06.770004 IP 10.0.0.1.54039 > 10.0.0.2.1234: Flags [.], ack 2, win 4197, options [nop,nop,TS val 2 ecr 2], length 0
```

I have not still figured out why the bridge-d tap-s ends up with
duplicated packets but at least for the problem to generate and capture
traffic shmif(4) definitely did the trick.


Thanks again Martin!