Date: Tue, 4 Jun 2024 09:21:19 +0800 From: Zhenlei Huang <zlei@FreeBSD.org> To: FreeBSD User <freebsd@walstatt-de.de> Cc: FreeBSD CURRENT <freebsd-current@freebsd.org> Subject: Re: bridge: no traffic with vnet (epair) beyond bridge device Message-ID: <081448E7-E158-49BA-8758-39FAC9278EFC@FreeBSD.org> In-Reply-To: <20240603210231.64889de0@thor.intern.walstatt.dynvpn.de> References: <20240603210231.64889de0@thor.intern.walstatt.dynvpn.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Jun 4, 2024, at 3:02 AM, FreeBSD User <freebsd@walstatt-de.de> = wrote: >=20 > Hello, >=20 > I'm running a dual socket NUMA CURRENT host (Fujitsu RX host) running = several jails. Jails are > attached to a bridge device (bridge1), the physical device on that = bridge is igb1 (i350 based > NIC). The bridge is created via host's rc scripts, adding and/or = deleting epair members of the > bridge is performed by the jail.conf script. >=20 > I do not know how long the setup worked, but out of the blue, last = week after a longish > poudriere run after updating the host to most recent CURRENT (as of = today, latest update > kernel and world) and performing "etcupdate" on both the host and all = jails, traffic beyond > the bridge is not seen on the network! All jails can communicate with = each other. Traffic from > the host itself is routed via igb0 to network and back via igb1 onto = the bridge. Can you elaborate your setup of network. I'm getting confused by the = last sentence. Is it ( the network for jails ) a bridged one or routed one ? >=20 > I check all setups for net.link.bridge: >=20 > net.link.bridge.ipfw: 0 > net.link.bridge.log_mac_flap: 1 > net.link.bridge.allow_llz_overlap: 0 > net.link.bridge.inherit_mac: 0 > net.link.bridge.log_stp: 0 > net.link.bridge.pfil_local_phys: 0 > net.link.bridge.pfil_member: 0 > net.link.bridge.ipfw_arp: 0 > net.link.bridge.pfil_bridge: 0 > net.link.bridge.pfil_onlyip: 0 >=20 > I did not change anything (knowingly).=20 >=20 > I also have an oldish box running single socket processor, also driven = by the very same > CURRENT and similar, but not identical setup. The box is running very = well and the bridge is > working as expected. >=20 > I was wondering if something in detail has changed in the handling of = jails, epair and > bridges. I followed the setup "after the book", nothing suspicious. No functional changes to if_bridge / if_epair / jail since the beginning = of this year as far as I known. >=20 > Maybe someone has a clue what might break the bridge. >=20 > By the way: ifconfig bridge1 looks as always, igb1 as member and it = doesn't make any > difference whether I force the bridge to inherit igb1's MAC or not. >=20 > We also checked for the switches whether BPDU Guard may have been = triggered, but everything > looks good from the outside - execept the fact the brdiged interface = seems inactive (but up) > from the outside ... >=20 > Kind regards >=20 > oh >=20 > --=20 > O. Hartmann >=20 Best regards, Zhenlei
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?081448E7-E158-49BA-8758-39FAC9278EFC>