Date: Sun, 18 May 2025 19:53:14 +0100 From: Jessica Clarke <jrtc27@freebsd.org> To: Mitchell Horne <mhorne@freebsd.org> Cc: Lexi Winter <ivy@FreeBSD.org>, "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@FreeBSD.org> Subject: Re: git: b61850c4e6f6 - main - bridge(4): default net.link.bridge.member_ifaddrs to false Message-ID: <E0215FA7-F317-48EE-954C-15B0FA0ED7F3@freebsd.org> In-Reply-To: <d839f137-b43b-416b-968f-439301f0a5c6@freebsd.org> References: <202505150004.54F04FhR046897@gitrepo.freebsd.org> <d839f137-b43b-416b-968f-439301f0a5c6@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17 May 2025, at 22:18, Mitchell Horne <mhorne@freebsd.org> wrote: > On 5/14/25 21:04, Lexi Winter wrote: >> The branch main has been updated by ivy: >>=20 >> URL: = https://cgit.FreeBSD.org/src/commit/?id=3Db61850c4e6f6b0f21b36da7238db969d= 9090309e >>=20 >> commit b61850c4e6f6b0f21b36da7238db969d9090309e >> Author: Lexi Winter <ivy@FreeBSD.org> >> AuthorDate: 2025-05-14 14:26:24 +0000 >> Commit: Lexi Winter <ivy@FreeBSD.org> >> CommitDate: 2025-05-15 00:02:52 +0000 >>=20 >> bridge(4): default net.link.bridge.member_ifaddrs to false >>=20 >> As discussed on arch@, this behaviour is broken and confuses = users, so >> disable it by default. For 15.0-RELEASE, allow it to be = re-enabled >> using a sysctl, but the sysctl will be removed in 16.0R. >>=20 >=20 > Hi Lexi, >=20 > I just updated my workstation past this commit. I found that my main > ethernet interface didn't receive an IP address, and had to set the > sysctl to proceed as before. >=20 > I have the following network configuration lines in my rc.conf: >=20 > ifconfig_re0=3D"DHCP" > cloned_interfaces=3D"bridge0 tap0" > ifconfig_bridge0=3D"addm re0 addm tap0 up" I also have a setup like this, as I suspect many do. The handbook even gives this configuration in places[1] (though note it=E2=80=99s = inconsistent in whether the interface or bridge should have the address). The lack of interaction with devd to automatically run dhclient as re0 comes and goes is also rather sucky, especially if re0 is wlan0. I appreciate that there may well be good technical reasons why this shouldn=E2=80=99t = be what people do, but (a) it is for specifically this case and I think it=E2=80=99s a bit shortsighted to go and break something we still = document today as correct (b) the UX needs improving specifically for bridging a real interface to one or more tap ones before we enforce this. Jess [1] = https://docs.freebsd.org/en/books/handbook/virtualization/#virtualization-= bhyve-prep > The simple setup is so that I can pass the tap0 device to QEMU/bhyve = VMs > for networking. >=20 > What adjustment do I need to make to the above configuration to = achieve > the intended result "correctly"? I understand it is probably an easy > fix, but I have a neanderthal's understanding of ifconfig :) >=20 > Many thanks, > Mitchell >=20 >> Relnotes: yes >> Reviewed by: kp, des >> Approved by: des (mentor) >> Differential Revision: https://reviews.freebsd.org/D50328 >> --- >> UPDATING | 5 +++++ >> share/man/man4/bridge.4 | 18 ++++++++++++------ >> sys/net/if_bridge.c | 4 ++-- >> 3 files changed, 19 insertions(+), 8 deletions(-) >>=20 >> diff --git a/UPDATING b/UPDATING >> index d46db9e13794..ce2b60ea9353 100644 >> --- a/UPDATING >> +++ b/UPDATING >> @@ -27,6 +27,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 15.x IS = SLOW: >> world, or to merely disable the most expensive debugging = functionality >> at runtime, run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) >>=20 >> +20250513: >> + The bridge(4) sysctl net.link.bridge.member_ifaddrs now defaults to = 0, >> + meaning that interfaces added to a bridge may not have IP addresses >> + assigned. Refer to bridge(4) for more information. >> + >> 20250507: >> UMASS quirks and auto-quirk probing has been overhauled. CAM now = won't >> send SYNCHRONIZE CACHE unless MODE PAGE 8 is present and valid. This >> diff --git a/share/man/man4/bridge.4 b/share/man/man4/bridge.4 >> index 2c3bfd6aedfa..45dea82325bc 100644 >> --- a/share/man/man4/bridge.4 >> +++ b/share/man/man4/bridge.4 >> @@ -36,7 +36,7 @@ >> .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF = ADVISED OF THE >> .\" POSSIBILITY OF SUCH DAMAGE. >> .\" >> -.Dd May 5, 2025 >> +.Dd May 13, 2025 >> .Dt IF_BRIDGE 4 >> .Os >> .Sh NAME >> @@ -163,14 +163,20 @@ To allow the host to communicate with bridge = members, IP addresses >> should be assigned to the >> .Nm >> interface itself, not to the bridge's member interfaces. >> -Assigning IP addresses to bridge member interfaces is unsupported, = but >> -for backward compatibility, it is permitted if the >> +Attempting to assign an IP address to a bridge member interface, or = add >> +a member interface with an assigned IP address to a bridge, will = return >> +an >> +.Dv EINVAL >> +.Dq ( "Invalid argument" ) >> +error. >> +For compatibility with older releases where this was permitted, = setting >> +the >> .Xr sysctl 8 >> variable >> .Va net.link.bridge.member_ifaddrs >> -is set to 1, which is the default. >> -In a future release, this sysctl may be set to 0 by default, or may = be >> -removed entirely. >> +to 1 will permit this configuration. >> +This sysctl variable will be removed in >> +.Fx 16.0. >> .Sh IPV6 SUPPORT >> .Nm >> supports the >> diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c >> index 199418c4aa99..475977adf68a 100644 >> --- a/sys/net/if_bridge.c >> +++ b/sys/net/if_bridge.c >> @@ -504,10 +504,10 @@ SYSCTL_BOOL(_net_link_bridge, OID_AUTO, = log_mac_flap, >> "Log MAC address port flapping"); >>=20 >> /* allow IP addresses on bridge members */ >> -VNET_DEFINE_STATIC(bool, member_ifaddrs) =3D true; >> +VNET_DEFINE_STATIC(bool, member_ifaddrs) =3D false; >> #define V_member_ifaddrs VNET(member_ifaddrs) >> SYSCTL_BOOL(_net_link_bridge, OID_AUTO, member_ifaddrs, >> - CTLFLAG_RW | CTLFLAG_VNET, &VNET_NAME(member_ifaddrs), true, >> + CTLFLAG_RW | CTLFLAG_VNET, &VNET_NAME(member_ifaddrs), false, >> "Allow layer 3 addresses on bridge members"); >>=20 >> static bool
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0215FA7-F317-48EE-954C-15B0FA0ED7F3>