From: "Patrick M. Hausen"
Subject: Re: When is a switch not a switch?
Date: Thu, 22 Oct 2020 09:56:39 +0200
To: D'Arcy Cain
Cc: freebsd-virtualization@freebsd.org

Hi!

> On 22.10.2020 at 04:47, D'Arcy Cain wrote:
> public: flags=8843 metric 0 mtu 1500
> ether 02:9d:b2:b8:78:00
> inet 98.158.139.65 netmask 0xffffffe0 broadcast 98.158.139.95
> id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
> maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
> root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
> member: eth0 flags=143
> ifmaxaddr 0 port 1 priority 128 path cost 55
> groups: bridge
> nd6 options=9
> tap0: [...]

tap0 is not a member of your bridge. With the VM running you can try

    ifconfig public addm tap0

and check if that changes things.

Then go back to the drawing board and probably let vm-bhyve manage all
that stuff. Just make sure to configure your physical interface with the
hardware acceleration features disabled.

You *can* put the IP address on the physical interface and have vm-bhyve
create the bridge. I honestly don't know why the documentation explicitly
states that you should not. FreeNAS has been running like this for years
and only supports the "correct" configuration since 11.3 or so.

On the other hand coming from Cisco and friends putting the address on
the topmost layer 3 interface does make perfect sense to me - so e.g. on
a Cisco switch you have physical ports that are members of a VLAN and if
you run anything layer 3 on that box, of course the address goes on the
VLAN, not the port ...

But give vm-bhyve a spin with the address on the physical. Or use two
different physical interfaces - one for the host, one for the "public"
bridge.

HTH,
Patrick
--
punkt.de GmbH
Patrick M. Hausen
.infrastructure

Kaiserallee 13a
76133 Karlsruhe

Tel. +49 721 9109500

https://infrastructure.punkt.de
info@punkt.de

AG Mannheim 108285
Managing directors: Jürgen Egeling, Daniel Lienert, Fabian Stein
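
The membership check behind the advice above, as an added example that is not part of the original message: it parses `ifconfig` bridge output for `member:` lines and prints the `addm` command for each expected interface that is missing. The sample text is constructed from the quoted output, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original message): find interfaces that should
# be bridge members but are not, and print the ifconfig command to add them.

# Constructed sample modelled on the quoted output: only eth0 is a member.
SAMPLE_IFCONFIG='public: flags=8843 metric 0 mtu 1500
        ether 02:9d:b2:b8:78:00
        inet 98.158.139.65 netmask 0xffffffe0 broadcast 98.158.139.95
        member: eth0 flags=143
                ifmaxaddr 0 port 1 priority 128 path cost 55
        groups: bridge'

# bridge_members TEXT -> one member interface name per line
bridge_members() {
    printf '%s\n' "$1" | awk '$1 == "member:" { print $2 }'
}

# is_bridge_member TEXT IFACE -> exit status 0 if IFACE is listed as a member
is_bridge_member() {
    bridge_members "$1" | grep -qxF -- "$2"
}

# missing_members TEXT IFACE... -> space-separated interfaces not in the bridge
missing_members() {
    text=$1; shift
    missing=
    for ifc in "$@"; do
        is_bridge_member "$text" "$ifc" || missing="${missing:+$missing }$ifc"
    done
    printf '%s' "$missing"
}

# plan_fix BRIDGE TEXT IFACE... -> one "ifconfig BRIDGE addm IFACE" per gap.
# Commands are printed, not executed, so the plan can be reviewed first.
plan_fix() {
    bridge=$1; text=$2; shift 2
    for ifc in $(missing_members "$text" "$@"); do
        printf 'ifconfig %s addm %s\n' "$bridge" "$ifc"
    done
}

# Stand-alone run against the constructed sample; on a live FreeBSD host,
# pass "$(ifconfig public)" as TEXT instead.
plan_fix public "$SAMPLE_IFCONFIG" eth0 tap0
```
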