From owner-freebsd-bugs@freebsd.org  Sun Jul 22 20:16:41 2018
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 311711054BEF
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Sun, 22 Jul 2018 20:16:41 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id B87968301D
 for <freebsd-bugs@freebsd.org>; Sun, 22 Jul 2018 20:16:40 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 73BF71054BEE; Sun, 22 Jul 2018 20:16:40 +0000 (UTC)
Delivered-To: bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4F7611054BED
 for <bugs@mailman.ysv.freebsd.org>; Sun, 22 Jul 2018 20:16:40 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.ysv.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id C92F28301C
 for <bugs@FreeBSD.org>; Sun, 22 Jul 2018 20:16:39 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 03EE7215C7
 for <bugs@FreeBSD.org>; Sun, 22 Jul 2018 20:16:39 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w6MKGcFZ021547
 for <bugs@FreeBSD.org>; Sun, 22 Jul 2018 20:16:38 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w6MKGcgr021546
 for bugs@FreeBSD.org; Sun, 22 Jul 2018 20:16:38 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 229970] [ipfw] if_bridge(4) with physical denies igb trafiic
Date: Sun, 22 Jul 2018 20:16:39 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: CURRENT
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: ohartmann@walstatt.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
Message-ID: <bug-229970-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Jul 2018 20:16:41 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229970

            Bug ID: 229970
           Summary: [ipfw] if_bridge(4) with physical denies igb trafiic
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: ohartmann@walstatt.org

This is related to FreeBSD 12.0-CURRENT #254 r336614: Sun Jul 22 21:33:36 C=
EST
2018 amd64. The custom kernel is compiled with VIMAGE.

The host has igb0 (Intel I350 Gigabit Network Connection) as its own physic=
al
device.=20

[...]
igb0: <Intel(R) PRO/1000 PCI-Express Network Driver> mem
0xf7900000-0xf79fffff,0xf7a04000-0xf7a07fff irq 16 at device 0.0 on pci1
igb0: attach_pre capping queues at 8
igb0: using 1024 tx descriptors and 1024 rx descriptors
igb0: msix_init qsets capped at 8
igb0: pxm cpus: 4 queue msgs: 9 admincnt: 1
igb0: using 4 rx queues 4 tx queues=20
igb0: Using MSIX interrupts with 5 vectors
igb0: allocated for 4 tx_queues
igb0: allocated for 4 rx_queues
igb0: netmap queues/slots: TX 4/1024, RX 4/1024

[...]
igb0: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0=
 mtu
1500
=20=20=20=20
options=3Da520b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_M=
AGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6>
        ether xx:xx:xx:xx:xx:xx
        inet 192.168.8.5 netmask 0xffffff00 broadcast 192.168.0.255=20
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active




igb0 is member of a if_bridge(4) with other epair(4) pseudo NICs:

[...]
bridge1000: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 m=
tu
1500
        ether 03:44:f4:a7:c0:08
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: epair52b flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 10 priority 128 path cost 2000
        member: epair3b flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: igb0 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 20000
        groups: bridge

The following settings has been conducted accordingly:

[...]
net.link.bridge.ipfw: 0
net.link.bridge.allow_llz_overlap: 0
net.link.bridge.inherit_mac: 0
net.link.bridge.log_stp: 1
net.link.bridge.pfil_local_phys: 0
net.link.bridge.pfil_member: 0
net.link.bridge.ipfw_arp: 0
net.link.bridge.pfil_bridge: 0
net.link.bridge.pfil_onlyip: 0

On the host (owner of igb0) and on each of the jails IPFW is running, on the
jails as OPEN or as WORKSTATION, same for the host.

Pinging or ssh from one epair host to another on the bridge1000 or pinging =
the
outside world like freebsd.org works well. Pinging the host associated with
igb0 doesn't work! It doesn't work from any host on that specific if_bridge=
(4)
igb0 is member of.

Weird: if I ping from the host owning igb0 any of the jails within the
bridge1000 works and after this "init" pinging igb0's IP from the jails on
bridge1000 also worls like a charme as any other network traffic as expecte=
d!

I have a very similar setup on a host with Broadcom bcm NICs. I do not see =
the
problem there.

I do not know whether this is igb, ipfw related.

--=20
You are receiving this mail because:
You are the assignee for the bug.=