https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255678

Marek Zarychta <***@plan-b.pwste.edu.pl> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |***@plan-b.pwste.edu.
| |pl

--- Comment #2 from Marek Zarychta <***@plan-b.pwste.edu.pl> ---
(In reply to martin.larsson2 from comment #0)
Have you tried to check if it works on 13.0-STABLE? There is a couple of fixes
committed to stable/13 which maybe solved the issue. Please take a look at bug
255089 and bug 255273. See commits de703e98e6c863874aa6012e3ce1a61eee58c846 and
6f1e5d9169a9cbd65b480cb7c1012c3360d2ba06.
https://cgit.freebsd.org/src/commit/?id=de703e98e6c863874aa6012e3ce1a61eee58c846
https://cgit.freebsd.org/src/commit/?id=6f1e5d9169a9cbd65b480cb7c1012c3360d2ba06

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255678

--- Comment #3 from ***@gmail.com ---
I installed 13.0-STABLE kernel and /boot only which seemed to work.

result is that I can see the route being added now and no errors.
but regardless of settings in kernel-pfkey.conf it always add external route
now.
and thus it doesnt work anyways.

Internet:
Destination Gateway Flags Netif Expire
default 213.80.11.16 UGS igb1
10.11.12.0/24 213.80.11.16 US igb1

my cfg

kernel-pfkey {

# Size of the receive buffer for the event socket (0 for default size).
# events_buffer_size = 0

# Whether to load the plugin. Can also be an integer to increase the
# priority of this plugin.
load = yes
route_via_internal = yes
}

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255678

--- Comment #4 from Tobias Brunner <***@strongswan.org> ---
Please increase the log level for KNL to 2. Then check the log message starting
with "installing route:". Does it list the correct (internal) interface?

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255678

--- Comment #5 from ***@gmail.com ---
Mon, 2021-05-17, 15:58:12 07[KNL] adding policy 10.11.12.0/24 ===
192.168.5.0/24 in
Mon, 2021-05-17, 15:58:12 07[KNL] adding policy 192.168.5.0/24 ===
10.11.12.0/24 out
Mon, 2021-05-17, 15:58:12 07[KNL] getting a local address in traffic selector
192.168.5.0/24
Mon, 2021-05-17, 15:58:12 07[KNL] using host 192.168.5.10
Mon, 2021-05-17, 15:58:12 07[KNL] using 213.80.11.16 as nexthop to reach
19.4.13.19
Mon, 2021-05-17, 15:58:12 07[KNL] 192.168.5.10 is on interface igb0
Mon, 2021-05-17, 15:58:12 07[KNL] installing route: 10.11.12.0/24 via
213.80.11.16 src 192.168.5.10 dev igb0
Mon, 2021-05-17, 15:58:12 07[CHD] CHILD_SA rolfen{1} state change: CREATED =>
ROUTED

seems internal interface is correctly detected

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255678

--- Comment #6 from Marek Zarychta <***@plan-b.pwste.edu.pl> ---
You can try to increase net.route.algo.debug_level by changing this sysctl, but
it might be dependent on kernel "options FIB_ALGO" which is enabled by default
only in CURRENT.

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255678

--- Comment #7 from Tobias Brunner <***@strongswan.org> ---
OK, that interface name is passed via RTA_IFP attribute to the kernel when
installing the route. Maybe it doesn't like that the gateway (presumably) is
not reachable via that interface, so it changes it.

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255678

Kristof Provost <***@freebsd.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |***@freebsd.org
Assignee|***@FreeBSD.org |***@FreeBSD.org

--- Comment #8 from Kristof Provost <***@freebsd.org> ---
Net bug, not a pf issue. (In this context PF is protocol family, not packet
filter)