Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 10 Nov 2022 16:28:50 +0300
From:      =?UTF-8?B?w5Z6a2FuIEtJUklL?= <ozkan.kirik@gmail.com>
To:        Lutz Donnerhacke <lutz@donnerhacke.de>
Cc:        FreeBSD Net <freebsd-net@freebsd.org>
Subject:   Re: Bridging LACP PDUs ?
Message-ID:  <CAAcX-AEPM%2B0FwsBY_ayjbQYJoy-h8vJEqAOsEp9RwQFhDy9zaA@mail.gmail.com>
In-Reply-To: <20221110131224.GA308@belenus.iks-jena.de>
References:  <CAAcX-AEWMfVwQhjD85wFQnFQbpoYfY41n0zk3ajB0JiJt5AXtw@mail.gmail.com> <20221110131224.GA308@belenus.iks-jena.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
Hi,

I'm trying to filter traffic through an uplink cable between two
switches. (similar to virtual wire behaviour).
So all broadcast & multicast packages should pass to the other port.
But pf or ipfw should work for L3+ packages.

Your suggestion will terminate the LACP on FreeBSD. So that if one
side's link goes down, the other LACP side cannot sense the problem by
this way. Because the connected side can receive LACP PDU's from
FreeBSD.

I read the source code of if_bridge and then I found the behaviour for
reserved multicast addresses :
https://github.com/freebsd/freebsd-src/blob/main/sys/net/if_bridge.c#L2369-=
L2372

I've defined a new sysctl to turn on/off this condition. It's working
now as I expect.

Thanks,

Lutz Donnerhacke <lutz@donnerhacke.de>, 10 Kas 2022 Per, 16:12
tarihinde =C5=9Funu yazd=C4=B1:
>
> On Tue, Nov 08, 2022 at 04:44:38PM +0300, =C3=96zkan KIRIK wrote:
> > Topology is below:
> > [switch1 - lacp] <---> [ freebsd bridge ] <---> [switch2 - lacp]
> >
> > Is there a way to pass LACP PDUs ?
>
> LACP packets are more layer1 than layer2, they must not be forwarded at
> layer2 to different endpoints.
>
> Does you setting allow the following?
>
>   [switch1 - lacp] <---> [ freebsd bridge ] <---> [switch2 - lacp]
>                                   ^
>                                   |
>                                   |
>                                   v
>                          [ switch 3 - lacp ]
>
> If not, why you are using a bridge?
>
> A typical solution is to have multiple LACPs:
>   switch1 --lacp-- lagg1 | freebsd bridge | lagg2 --lacp-- switch2
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAcX-AEPM%2B0FwsBY_ayjbQYJoy-h8vJEqAOsEp9RwQFhDy9zaA>