From nobody Thu Nov 10 13:28:50 2022
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N7N323t2Qz4dTFs
	for <freebsd-net@mlmmj.nyi.freebsd.org>; Thu, 10 Nov 2022 13:29:02 +0000 (UTC)
	(envelope-from ozkan.kirik@gmail.com)
Received: from mail-yb1-xb35.google.com (mail-yb1-xb35.google.com [IPv6:2607:f8b0:4864:20::b35])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4N7N321kXvz47D9
	for <freebsd-net@freebsd.org>; Thu, 10 Nov 2022 13:29:02 +0000 (UTC)
	(envelope-from ozkan.kirik@gmail.com)
Authentication-Results: mx1.freebsd.org;
	none
Received: by mail-yb1-xb35.google.com with SMTP id 7so2255534ybp.13
        for <freebsd-net@freebsd.org>; Thu, 10 Nov 2022 05:29:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=CP3rL4le50nQtKLqhiPsGZiXy4CtQGnfp/rFiYVcV6I=;
        b=fKfn1OFDgx6IsNuRrexHoBFL6jFMnm+Z2XwFmbd0NHjC8zIrsQS0Oy3UrNJ5ToxqKh
         vOso6aIJm02+Wl8nqcmTXWIFugEdvEjWUCLKvyaNs5MHJrryGxwS+CZxwzupZbqKVJQ7
         zdMqnLbz0y6NE39kIOF0LQDYsPIcCnVN0iTt6Z5KOLsOV7DoFDffWCiQ0lKzJsnbr0PE
         DLqRInNzigYgsNru6UNEJEF3gZBVsCdZc+cv1Y8mjMT0jG6QKZ3as1iUsLttEgrJxc/C
         OGSkyUNr14zDHv6GQSvpxnlchz9k3qUot42yNRreBIAw5APWboV4YIvHsgwNx4hRxYgJ
         seBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=CP3rL4le50nQtKLqhiPsGZiXy4CtQGnfp/rFiYVcV6I=;
        b=0zaahKoESoUpKNNoZRHaZ4kYzF64fRpK4GRn6+YRZKOBVZHCTLEpG6KuvGV0XXPHtF
         T28BOur25NticmuHhRc0W8iyqq1f+kwwQ16oRyfinw0VzDtHOCja6GZcnBPHTeyum+yo
         10FzO0C4iGUabrHQETV5fQ3QHTEdt1n5+etiHgMUqZdJFKT67S/WTeH1IGphL4EyHVRR
         x/aWOAOKe9RjXl0ofSUZCAeX/yhzxoNdjTT+GRQV2UE9xxSmtukzWLTSpPxFeNDCoQQb
         XdkEEN22f0KDMw3UX3ie2rtEjjd1Dp8GSXOXywDo2u2sAHGcsxxpPt+sWY9HBtvGF45Q
         nNuA==
X-Gm-Message-State: ANoB5pkhS5i19EUdd65o5zslzdAoEMGiW5OPNLylgz3WOzdN8+Pgsi9B
	wntUWywVmemfdklNnCkIxd1LbzBEpb2xyfmkh8dUmfN8SVA=
X-Google-Smtp-Source: AA0mqf61xnHZE7gEoda/47XZHXvR+4ZvWX1dH9KGsZXaV9hSKOwizQaxYFBq8QQJwhFeyuf4vAIZHdzoBcBLOS9Yr+Y=
X-Received: by 2002:a05:6902:1204:b0:6d5:a135:608b with SMTP id
 s4-20020a056902120400b006d5a135608bmr24787032ybu.316.1668086941188; Thu, 10
 Nov 2022 05:29:01 -0800 (PST)
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@freebsd.org
MIME-Version: 1.0
References: <CAAcX-AEWMfVwQhjD85wFQnFQbpoYfY41n0zk3ajB0JiJt5AXtw@mail.gmail.com>
 <20221110131224.GA308@belenus.iks-jena.de>
In-Reply-To: <20221110131224.GA308@belenus.iks-jena.de>
From: =?UTF-8?B?w5Z6a2FuIEtJUklL?= <ozkan.kirik@gmail.com>
Date: Thu, 10 Nov 2022 16:28:50 +0300
Message-ID: <CAAcX-AEPM+0FwsBY_ayjbQYJoy-h8vJEqAOsEp9RwQFhDy9zaA@mail.gmail.com>
Subject: Re: Bridging LACP PDUs ?
To: Lutz Donnerhacke <lutz@donnerhacke.de>
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: 4N7N321kXvz47D9
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
	TAGGED_FROM(0.00)[]
X-ThisMailContainsUnwantedMimeParts: N

Hi,

I'm trying to filter traffic through an uplink cable between two
switches. (similar to virtual wire behaviour).
So all broadcast & multicast packages should pass to the other port.
But pf or ipfw should work for L3+ packages.

Your suggestion will terminate the LACP on FreeBSD. So that if one
side's link goes down, the other LACP side cannot sense the problem by
this way. Because the connected side can receive LACP PDU's from
FreeBSD.

I read the source code of if_bridge and then I found the behaviour for
reserved multicast addresses :
https://github.com/freebsd/freebsd-src/blob/main/sys/net/if_bridge.c#L2369-=
L2372

I've defined a new sysctl to turn on/off this condition. It's working
now as I expect.

Thanks,

Lutz Donnerhacke <lutz@donnerhacke.de>, 10 Kas 2022 Per, 16:12
tarihinde =C5=9Funu yazd=C4=B1:
>
> On Tue, Nov 08, 2022 at 04:44:38PM +0300, =C3=96zkan KIRIK wrote:
> > Topology is below:
> > [switch1 - lacp] <---> [ freebsd bridge ] <---> [switch2 - lacp]
> >
> > Is there a way to pass LACP PDUs ?
>
> LACP packets are more layer1 than layer2, they must not be forwarded at
> layer2 to different endpoints.
>
> Does you setting allow the following?
>
>   [switch1 - lacp] <---> [ freebsd bridge ] <---> [switch2 - lacp]
>                                   ^
>                                   |
>                                   |
>                                   v
>                          [ switch 3 - lacp ]
>
> If not, why you are using a bridge?
>
> A typical solution is to have multiple LACPs:
>   switch1 --lacp-- lagg1 | freebsd bridge | lagg2 --lacp-- switch2
>