Date: Wed, 20 Dec 2023 20:55:30 +0000 From: DtxdF <DtxdF@disroot.org> To: freebsd-net@freebsd.org, "Patrick M. Hausen" <hausen@punkt.de>, FreeBSD Net <freebsd-net@freebsd.org> Subject: Re: Display of bridge member interfaces cut short - bug or intention? Message-ID: <30AEAEFC-F46F-452F-BFE6-760A21811793@disroot.org> In-Reply-To: <E7DE9D4C-A3E5-4BBE-83D3-D003E4DF9CF2@punkt.de> References: <E7DE9D4C-A3E5-4BBE-83D3-D003E4DF9CF2@punkt.de>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Hi Patrick, I have opened a bug in BugZilla [1] some time ago, it seems to be related. Truncating the output can be a problem with automation tools that rely on the output of ifconfig(8) to perform some tasks. [1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275491 El 20 de diciembre de 2023 5:04:36 p. m. UTC, "Patrick M. Hausen" <hausen@punkt.de> escribió: >Hi all, > >as some probably know we provide web hosting services and we use jails for that. > >On some particular host we have 255 vnet jails all of which are connected to the >external interface of the host - renamed to "inet0" in our environment - via >if_bridge(4) and all managed with iocage. > >root@ph003:~ # grep inet0 /iocage/jails/vpro*/config.json|wc -l > 255 > >Of these 251 also have a second epair interface connected to a private bridge >named "priv1". These are used for connections to the central database server >which should not be exposed to the Internet. > >root@ph003:~ # grep priv1 /iocage/jails/vpro*/config.json | wc -l > 251 > >While looking for a different problem to my great suprise I found today that >ifconfig truncates the list of member interfaces for both bridge instances. >And both to the same value of 102, although the member numbers are (albeit slightly) >different: > >root@ph003:~ # ifconfig inet0|grep member:|wc -l > 102 >root@ph003:~ # ifconfig priv1 | grep member: | wc -l > 102 > >All 255 jails are connected to the external network and perfectly reachable from >the Internet. That's why I conclude that the display is wrong, not the bridge >configuration. > >What's happening here? Is this intentional or shall I file a bug report? > >More importantly: either way is this only cosmetic or will we hit another unexpected >limit of the number of interfaces that can be members of a bridge any time soon? > >Kind regards, >Patrick >-- >punkt.de GmbH >Patrick M. Hausen >infrastructure > >Sophienstr. 187 >76185 Karlsruhe > >Tel. +49 721 9109500 > >https://infrastructure.punkt.de >info@punkt.de > >AG Mannheim 108285 >Geschäftsführer: Daniel Lienert, Fabian Stein > > [-- Attachment #2 --] <html><head></head><body><div dir="auto">Hi Patrick,<br><br>I have opened a bug in BugZilla [1] some time ago, it seems to be related.<br><br>Truncating the output can be a problem with automation tools that rely on the output of ifconfig(8) to perform some tasks.<br><br>[1] <a href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275491">https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275491</a></div><br><br><div class="gmail_quote"><div dir="auto">El 20 de diciembre de 2023 5:04:36 p. m. UTC, "Patrick M. Hausen" <hausen@punkt.de> escribió:</div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"> <pre class="k9mail"><div dir="auto">Hi all,<br><br>as some probably know we provide web hosting services and we use jails for that.<br><br>On some particular host we have 255 vnet jails all of which are connected to the<br>external interface of the host - renamed to "inet0" in our environment - via<br>if_bridge(4) and all managed with iocage.<br><br>root@ph003:~ # grep inet0 /iocage/jails/vpro*/config.json|wc -l<br> 255<br><br>Of these 251 also have a second epair interface connected to a private bridge<br>named "priv1". These are used for connections to the central database server<br>which should not be exposed to the Internet.<br><br>root@ph003:~ # grep priv1 /iocage/jails/vpro*/config.json | wc -l<br> 251<br><br>While looking for a different problem to my great suprise I found today that<br>ifconfig truncates the list of member interfaces for both bridge instances.<br>And both to the same value of 102, although the member numbers are (albeit slightly)<br>different:<br><br>root@ph003:~ # ifconfig inet0|grep member:|wc -l<br> 102<br>root@ph003:~ # ifconfig priv1 | grep member: | wc -l<br> 102<br><br>All 255 jails are connected to the external network and perfectly reachable from<br>the Internet. That's why I conclude that the display is wrong, not the bridge<br>configuration.<br><br>What's happening here? Is this intentional or shall I file a bug report?<br><br>More importantly: either way is this only cosmetic or will we hit another unexpected<br>limit of the number of interfaces that can be members of a bridge any time soon?<br><br>Kind regards,<br>Patrick<br></div></pre></blockquote></div></body></html>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?30AEAEFC-F46F-452F-BFE6-760A21811793>