From owner-freebsd-net@freebsd.org Tue Aug 22 08:49:00 2017 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7D6DFDD97EA for ; Tue, 22 Aug 2017 08:49:00 +0000 (UTC) (envelope-from borisbsd@gmail.com) Received: from mail-qt0-x236.google.com (mail-qt0-x236.google.com [IPv6:2607:f8b0:400d:c0d::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3719D7C8E6 for ; Tue, 22 Aug 2017 08:49:00 +0000 (UTC) (envelope-from borisbsd@gmail.com) Received: by mail-qt0-x236.google.com with SMTP id d15so23394955qta.0 for ; Tue, 22 Aug 2017 01:49:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=l1ey2MnPqeWMF4LolQnt/e+lx1HqE5KF6B3MyGqXpaU=; b=a/hjpPlR4V1M/iwQQRSt5+0wtcELSaXdBbv5FUDXZ5MCbTBFH5BYSMUF4iAqzW7ksc e43jd2IICxqwmwX5ClMsP6J3HioW7CY6fBdRb2mzh8OJ6T8YdfSthoaX/clMAceooIFI l8d9sigBaE5jab3utktouUCI0hGPNNCHmOHAo/dgo5dKzaW8sSCxNdTnjBXKR8s95sQ0 DZ5IK2g0Xt/amADpmBFHjGoOKY3DButLqEDcQZ1jJwGv+FSzz0Q7PT8OGfQnohriMMg/ 3QC1iG68lT1AQGlWyS3VY/jVSzaDm4jI0iEahbpDDvl4Je0Y2iGEWISL6S/etAV9quRs OoWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=l1ey2MnPqeWMF4LolQnt/e+lx1HqE5KF6B3MyGqXpaU=; b=Gh8psLXUp++KBwpsqmafHaM9cNm/aNNA3kvgCqVcX/yBJo2WptOb+60viW8+p9JZot c41Bin1z1qqNPSOy7DOxEpTnOXCXzw10Zvx4C5JvJe9JQedfvvRTDgAkeePzBiE6+bU8 PJBiW9Iky1NUyybxL2jYXGEYFgCs70TgIJjQ7yw98rapoI+cJfFmsnTD7S6PaklKzRcs 8tjVZdHhmo0w5dWVtbxUNgE3mxDRuzo0vHsQOhZ4TrkOe1BI9kfNyoZcrUg9pZwRTqGl uTxWU1WhTWLbapS6ZicADdH28Ghlg/g8Pyw+4iiWBw7XGc+7KCZ0CA5ZLf2amRofrmvV kS0w== X-Gm-Message-State: AHYfb5hzem+38CyuDKW3v1vCw51E7PUsCtplr/+qe2G1Gyau3Q5YEdi5 q0qyHZeH4Dy+MidDF4yNpPZsz9JvZQ== X-Received: by 10.200.55.51 with SMTP id o48mr27852206qtb.120.1503391739337; Tue, 22 Aug 2017 01:48:59 -0700 (PDT) MIME-Version: 1.0 Received: by 10.140.82.166 with HTTP; Tue, 22 Aug 2017 01:48:58 -0700 (PDT) In-Reply-To: <599BEEEF.7080807@grosbein.net> References: <599B8576.8030801@grosbein.net> <599BEEEF.7080807@grosbein.net> From: Boris Date: Tue, 22 Aug 2017 04:48:58 -0400 Message-ID: Subject: Re: bridge interface IP connectivity issue when using oce interface To: Eugene Grosbein Cc: freebsd-net@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Aug 2017 08:49:00 -0000 I own the upstream network and have full access to it. It is configured as a simple router interface (Cisco device). Before looking at that element (which I am not minimizing in the overall issue), shouldn't the VM be able to reach the IP setup on the bridge? At the moment, that does not work and it is very much local to the host. Any thoughts? On Tue, Aug 22, 2017 at 4:44 AM, Eugene Grosbein wrote: > On 22.08.2017 15:39, Boris wrote: > > Ok thanks Eugene. > > net.link.bridge.inherit_mac=1 helped get the connectivity from the > bridge however, when I start a FreeBSD bhyve VM and attached that to a tap > interface in the bridge, I don't get connectivity from the VM. > > > > SETUP: > > Gateway - 192.168.0.222/29 > > Server - 192.168.0.218/29 > > VM - 192.168.0.219/29 > > > > On the VM, I see the ARP entries for the GW and the VM itself but cannot > ping the gateway nor the host. > > This means your uplink filters traffic of your VM due to its fabricated > MAC address. > You should ask administrator of switching network you are connected to for > assistance or > hide your VM behind NAT using bridging VM traffic with tap(4) interface > instead > of real one or bridge and do routing/NAT for VM. > >