Site Navigation

Date:      Sun, 25 Oct 2020 10:24:39 -0400
From:      D'Arcy Cain <darcy@druid.net>
To:        "Patrick M. Hausen" <hausen@punkt.de>
Cc:        freebsd-virtualization@freebsd.org
Subject:   Re: When is a switch not a switch?
Message-ID:  <f055d428-c798-f89f-04d7-09c99ef280e5@druid.net>
In-Reply-To: <FEAD843A-6E76-4299-A94F-7D4ECEB098FD@punkt.de>
References:  <57c32e6d-5572-3d3b-1a57-f3064bee7dc2@druid.net> <20201020065630.GE8272@funkthat.com> <CF189122-7D85-4BF1-9172-75D3EE0E77FB@punkt.de> <3ed627e2-d99a-107e-4135-8aef1ad4ec71@druid.net> <30A67F82-312E-4651-A5E7-2E2AD926FF24@punkt.de> <973b1b56-817f-6976-e5d3-34cfbc373b13@druid.net> <A075C069-1F89-428C-BDB7-7A9F44A4E283@punkt.de> <723CA318-80E9-4A6B-91ED-E791A40CC2C0@punkt.de> <6267599d-bc0c-6d63-bb19-1fc695e53997@druid.net> <FEAD843A-6E76-4299-A94F-7D4ECEB098FD@punkt.de>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--b28Edaxb4rJte3P4Mkhyg1ZusbveN6OZU
Content-Type: multipart/mixed; boundary="gXrCwi2FejhHNXak221rPcTwJE2IjpmFG";
 protected-headers="v1"
From: D'Arcy Cain <darcy@druid.net>
To: "Patrick M. Hausen" <hausen@punkt.de>
Cc: freebsd-virtualization@freebsd.org
Message-ID: <f055d428-c798-f89f-04d7-09c99ef280e5@druid.net>
Subject: Re: When is a switch not a switch?
References: <57c32e6d-5572-3d3b-1a57-f3064bee7dc2@druid.net>
 <20201020065630.GE8272@funkthat.com>
 <CF189122-7D85-4BF1-9172-75D3EE0E77FB@punkt.de>
 <3ed627e2-d99a-107e-4135-8aef1ad4ec71@druid.net>
 <30A67F82-312E-4651-A5E7-2E2AD926FF24@punkt.de>
 <973b1b56-817f-6976-e5d3-34cfbc373b13@druid.net>
 <A075C069-1F89-428C-BDB7-7A9F44A4E283@punkt.de>
 <723CA318-80E9-4A6B-91ED-E791A40CC2C0@punkt.de>
 <6267599d-bc0c-6d63-bb19-1fc695e53997@druid.net>
 <FEAD843A-6E76-4299-A94F-7D4ECEB098FD@punkt.de>
In-Reply-To: <FEAD843A-6E76-4299-A94F-7D4ECEB098FD@punkt.de>

--gXrCwi2FejhHNXak221rPcTwJE2IjpmFG
Content-Type: multipart/mixed;
 boundary="------------7DBD9B51885192124662C926"
Content-Language: en-US

This is a multi-part message in MIME format.
--------------7DBD9B51885192124662C926
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable

On 10/22/20 3:56 AM, Patrick M. Hausen wrote:
> Hi!
>=20
>> Am 22.10.2020 um 04:47 schrieb D'Arcy Cain <darcy@druid.net>:
>> public: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 =
mtu 1500
>>         ether 02:9d:b2:b8:78:00
>>         inet 98.158.139.65 netmask 0xffffffe0 broadcast 98.158.139.95
>>         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
>>         maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
>>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
>>         member: eth0 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>>                 ifmaxaddr 0 port 1 priority 128 path cost 55
>>         groups: bridge
>>         nd6 options=3D9<PERFORMNUD,IFDISABLED>
>> tap0: [...]
>=20
> tap0 is not a member of your bridge. With the VM running you can try
>=20
> 	ifconfig public addm tap0
>=20
> and check if that changes things.

Things got stranger.  First of all, here is my current setup:

In rc.conf:
   set -- $(/sbin/ifconfig -l ether); eth0=3D$1 eth1=3D$2
   eval "ifconfig_${eth0}_name=3D\"eth0\""
   eval "ifconfig_${eth1}_name=3D\"eth1\""
   ifconfig_eth0=3D"-tso -lro -rxcsum -rxcsum6 -txcsum -txcsum6 -vlanhwta=
g=20
-vlanhwtso up"

In rc.local:
   vm switch create public
   vm switch add public eth0
   ifconfig vm-public inet 0x629e8b41/27
   ifconfig vm-public inet6 2605:2600:1001::41/64
   route add default 98.158.139.94
   route add -inet6 default 2605:2600:1001::1

This works just like a number of previous attempts.  I can ping any site =
in=20
the world but, other than to the host, I can't connect by TCP.  My test i=
s=20
ssh.  But now I just noticed that I can ssh into one other server on my=20
network.  The only difference that I can find is that the one that I can =

connect to has a HP NC382i DP Multifunction Gigabit Server Adapter - bce(=
5).=20
  It's the only one in the network with that adapter.  The host and many =

other servers are bge(5).  Here are the ifconfig entries:

eth0: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric=
 0=20
mtu 1500
         options=3D80088<VLAN_MTU,VLAN_HWCSUM,LINKSTATE>
         ether 14:02:ec:31:60:d0
         media: Ethernet autoselect (1000baseT <full-duplex,master>)
         status: active
         nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vm-public: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 =
mtu 1500
         ether 1a:d8:8b:3e:51:87
         inet 98.158.139.65 netmask 0xffffffe0 broadcast 98.158.139.95
         inet6 2605:2600:1001::41 prefixlen 64
         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
         maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
         member: tap0 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                 ifmaxaddr 0 port 8 priority 128 path cost 2000000
         member: eth0 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                 ifmaxaddr 0 port 1 priority 128 path cost 20000
         groups: bridge vm-switch viid-4c918@
         nd6 options=3D1<PERFORMNUD>

And the remote:
bce0: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric=
 0=20
mtu 1500
options=3Dc00b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN=
_HWTSO,LINKSTATE>
         ether 3c:d9:2b:f9:e2:10
         inet 98.158.139.77 netmask 0xffffffe0 broadcast 98.158.139.95
         inet6 fe80::3ed9:2bff:fef9:e210%bce0 prefixlen 64 scopeid 0x1
         inet6 2605:2600:1001::4d prefixlen 64
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active
         nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL>

That PROMISC flag looked promising but turning it on on other servers did=
n't=20
help.  In any case I hope I can fix this on my host.  I think that I may =

find it hard to have everyone else in the world change their system.

--=20
D'Arcy J.M. Cain <darcy@druid.net>         |  Democracy is three wolves
http://www.druid.net/darcy/                |  and a sheep voting on
+1 416 788 2246     (DoD#0082)    (eNTP)   |  what's for dinner.
IM: darcy@VybeNetworks.com, VoIP: sip:darcy@druid.net

Disclaimer: By sending an email to ANY of my addresses you
are agreeing that:

1.  I am by definition, "the intended recipient".
2.  All information in the email is mine to do with as I see
     fit and make such financial profit, political mileage, or
     good joke as it lends itself to. In particular, I may quote
     it where I please.
3.  I may take the contents as representing the views of
     your company if I so wish.
4.  This overrides any disclaimer or statement of
     confidentiality that may be included or implied in
     your message.

--------------7DBD9B51885192124662C926--

--gXrCwi2FejhHNXak221rPcTwJE2IjpmFG--

--b28Edaxb4rJte3P4Mkhyg1ZusbveN6OZU
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

wnsEABYIACMWIQSQJTNYM0vv3aTmBCs/5DDweYZnXQUCX5WKpwUDAAAAAAAKCRA/5DDweYZnXc/5
AP4r231EOKLedkQEeL6QSmHd+N16Bk5+nNQGC0N16Q7VugD/dej98JwAa2CKJwdeQ0e57g3Szvw/
iwZRbnwyBd5+PwI=
=5qbc
-----END PGP SIGNATURE-----

--b28Edaxb4rJte3P4Mkhyg1ZusbveN6OZU--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f055d428-c798-f89f-04d7-09c99ef280e5>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact