Date: Fri, 15 Mar 2019 09:10:50 -0700 (PDT) From: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net> To: Harry Schmalzbauer <freebsd@omnilan.de> Cc: Eric Bautsch <eric.bautsch@pobox.com>, net@freebsd.org Subject: Re: Bridges on VLAN-tagged interfaces. Message-ID: <201903151610.x2FGAorV030872@gndrsh.dnsmgr.net> In-Reply-To: <716a2edd-96f5-c263-2bd4-38a30808f241@omnilan.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> Am 11.03.2019 um 11:48 schrieb Eric Bautsch: > ? > > |ifconfig bridge create ifconfig bridge1 addm re0.33| > > > > If I now put an IP on that bridge instead of re0.33, it does not ping. > > > > If I do a broadcast ping from another host on that network thus > > (Solaris system issuing the ping): > > ping -sn 192.168.33.255 > > > > I can see packets arriving if I |tcpdump -i re0.33| and if I |tcpdump > > -i bridge1| > > However, on neither interface do I see any pings coming in when I ping > > it's own address (in this case 192.168.33.20). > > IP stack processes them without passing it to the interface(s), so > that's not unusual. > > > > The Solaris system issuing the pings has learned the arp address of > > the bridge though: > > Code: > > > > |root@gaspra # arp -an | grep 192.168.33.20 net1 192.168.33.20 > > 255.255.255.255 02:a7:91:b6:3a:01| > > > > If I |tcpdump -i bridge1|, I do get some packets, but not any echo > > requests: > > Code: > > > > |root@bianca # tcpdump -i bridge1 tcpdump: verbose output suppressed, > > use -v or -vv for full protocol decode listening on bridge1, link-type > > EN10MB (Ethernet), capture size 262144 bytes 11:05:26.081185 ARP, > > Request who-has 192.168.33.20 (Broadcast) tell > > juliet-punchin.swangage.co.uk, length 46 11:05:26.081197 ARP, Reply > > 192.168.33.20 is-at 02:a7:91:b6:3a:01 (oui Unknown), length 28 > > 11:05:38.201079 IP6 fe80::7285:c2ff:fea6:583c > ff02::2: ICMP6, router > > solicitation, length 16 11:06:04.079441 ARP, Request who-has > > 192.168.33.20 (Broadcast) tell juliet-punchin.swangage.co.uk, length > > 46 11:06:04.079464 ARP, Reply 192.168.33.20 is-at 02:a7:91:b6:3a:01 > > (oui Unknown), length 28 11:06:17.588644 ARP, Request who-has > > 192.168.33.20 (Broadcast) tell gaspra-punchin.swangage.co.uk, length > > 46 11:06:17.588665 ARP, Reply 192.168.33.20 is-at 02:a7:91:b6:3a:01 > > (oui Unknown), length 28| > > If I read it corretcly, all you get are ethernet broadcast frames. > (Hard) Reading next: > ? > > |root@bianca # ifconfig -a re0: > > flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 > > mtu 1500 > > options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE> > > ether 80> > <full-duplex,master>) status: active nd6 > > options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> lo0: > > flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > > options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> inet6 > > ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 inet > > 127.0.0.1 netmask 0xff000000 groups: lo nd6 > > options=21<PERFORMNUD,AUTO_LINKLOCAL> bridge0: > > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > > ether 02:a7:91:b6:3a:00 inet 192.168.140.85 netmask 0xffffff00 > > broadcast 192.168.140.255 id 00:00:00:00:00:00 priority 32768 > > hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 > > timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 > > member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 > > port 1 priority 128 path cost 55 groups: bridge nd6 > > options=9<PERFORMNUD,IFDISABLED> re0.33: > > flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 > > mtu 1500 options=80003<RXCSUM,TXCSUM,LINKSTATE> ether > > 80> > scopeid 0x4 groups: vlan vlan: 33 vlanpcp: 0 parent interface: re0 > > media: Ethernet autoselect (1000baseT <full-duplex,master>) status: > > active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> bridge1: > > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > > ether 02:a7:91:b6:3a:01 inet 192.168.33.20 netmask 0xffffff00 > > broadcast 192.168.33.255 id 00:00:00:00:00:00 priority 32768 hellotime > > 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 > > root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: > > re0.33 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port > > 4 priority 128 path cost 20000 groups: bridge nd6 > > options=9<PERFORMNUD,IFDISABLED> root@bianca #| > > Here you have a universally administered addresses (UAA) on the parent > interface re0, which is the same for the vlan clone re0.33, and a > locally administered addresses (LAA) on if_bridge(4), which was verified > to be announced. > In order to get through the MAC filter of the ethernet interface, re0.33 > must be in PROMISC mode. > I remember having seen two different PROMISC interface status ? never > tracked it down.? But issuing 'ifconfig re0.33 promisc' might result in > a second PROMISC status report on re0.33 and a working setup... > If so, one has to discover the mystery of the 1st PROMISC status report, > and file a bug reports probably. Oh, I think you just tickled a brain cell on another problem I was seeing in another place with bhyve, bridges and taps. I need to recreate that configuration and see if infact it is a missing promisc on an interface. Thank YOU! > Best, > -harry -- Rod Grimes rgrimes@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903151610.x2FGAorV030872>