What is device/interface index 0?

Fern-X · ‎10-10-2023

In session list below, I can see reference to device/interface index 0 (see "dev=0->0/0->0"), but "diagnose sys device list" does not show such. What is device/interface index 0?

# diagnose sys session list
:
session info: proto=17 proto_state=00 duration=134 expire=45 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
state=log dirty may_dirty npu f00
statistic(bytes/packets/allow_err): org=76/1/1 reply=0/0/0 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->post, reply pre->post dev=0->0/0->0 gwy=0.0.0.0/0.0.0.0
hook=pre dir=org act=noop censored1:48499->censored2:123(0.0.0.0:0)
hook=post dir=reply act=noop censored2:123->censored1:48499(0.0.0.0:0)
misc=0 policy_id=18 auth_info=0 chk_client_info=0 vd=1
serial=e01d0871 tos=ff/ff app_list=0 app=0 url_cat=0
sdwan_mbr_seq=0 sdwan_service_id=0
rpdb_link_id=00000000 rpdb_svc_id=0 ngfwid=n/a
npu_state=00000000
npu info: flag=0x00/0x00, offload=0/0, ips_offload=0/0, epid=0/0, ipid=0/0, vlan=0x0000/0x0000
vlifid=0/0, vtag_in=0x0000/0x0000 in_npu=0/0, out_npu=0/0, fwd_en=0/0, qid=0/0
no_ofld_reason
:

Toshi_Esumi · ‎10-10-2023

I would assume dev=0 means itself because my own 40F's NTP session (UDP(17) 123) is origined from dev=0. But I don't understand your case because the destination is also 0 and policy_id is 18. What's in policy#18?

Toshi

Fern-X · ‎10-10-2023

Hi Toshi, here:

config vdom

edit censored-vdom

config firewall policy

:

edit 18
set uuid censored
set srcintf "censored-zone"
set dstintf "censored-npu0_vlink1"
set srcaddr "censored-addgrp"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set logtraffic all
next

:

Toshi_Esumi · ‎10-10-2023

I think it speaks itself.

Zones include multiple interfaces so can't set IDs. Packets to npu_vlinks are offloaded from CPU and managed by npu so probably don't need dev IDs.

<edit>also does this vdom happen to be in transparent mode? I didn't see any gateway info either.</edit>

Toshi

Fern-X · ‎10-10-2023

The following is from exactly same "diagnose sys session list" printout (but for a TCP session, not UDP).

session info: proto=6 proto_state=06 duration=0 expire=4 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=4
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
state=log may_dirty npu synced f00
statistic(bytes/packets/allow_err): org=164/3/1 reply=112/2/1 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->post, reply pre->post dev=61->57/57->61 gwy=172.28.censored/172.28.censored
hook=pre dir=org act=noop censored3:48232->censored3:80(0.0.0.0:0)
hook=post dir=reply act=noop censored4:80->censored3:48232(0.0.0.0:0)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=18 auth_info=0 chk_client_info=0 vd=1
serial=e01fcb30 tos=ff/ff app_list=0 app=0 url_cat=0
sdwan_mbr_seq=0 sdwan_service_id=0
rpdb_link_id=00000000 rpdb_svc_id=0 ngfwid=n/a
npu_state=0x000c00
npu info: flag=0x91/0x81, offload=8/8, ips_offload=0/0, epid=140/355, ipid=355/141, vlan=0x00ae/0x0802
vlifid=194/141, vtag_in=0x00ae/0x0802 in_npu=2/1, out_npu=1/1, fwd_en=1/0, qid=4/4

Devices index 61 is for a VLAN-type interface that's a member of censored-zone zone; and 57 is for a VLAN-type interface censored-npu0_vlink1 - these, indeed... are as expected.

So, if the original printout "speaks for itself", then I'm missing it...

Toshi_Esumi · ‎10-10-2023

Then my interpretation must be wrong.

Toshi

What is device/interface index 0?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website