Date: Thu, 23 Jan 2025 10:18:01 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 238198] Traffic through a vm -> bridge(4) -> vlan -> ix(4) does not return Message-ID: <bug-238198-7501-dweo3ZRcuf@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-238198-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-238198-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238198 vlad <vladi.kamburov@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vladi.kamburov@gmail.com --- Comment #17 from vlad <vladi.kamburov@gmail.com> --- Hi there. Are there any solutions about the reported issue? Because I ran into the same tag-vlan bridge related bug on FreeBSD 14.2 release. A brief netflow topology of my vm-bhyve setup config: vm-guest -> tap_if -> bridge -> lagg0.101 -> lagg0 -> switch link aggregation(lacp proto). My configuration: The bridge and interface configuration was made trough a vm-bhyve utilities: I have two bridges:=20 First for all permitted tagged/untagged traffic # ifconfig vm-prod-untag vm-prod-untag: flags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER= _UP> metric 0 mtu 1500 options=3D0 ether 76:af:6f:48:e6:44 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: tap0 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 10 priority 128 path cost 2000000 member: lagg0 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 6 priority 128 path cost 10000 groups: bridge vm-switch viid-688c3@ nd6 options=3D9<PERFORMNUD,IFDISABLED> Second for tagged vlan101 # ifconfig vm-mgmt-v101 vm-mgmt-v101: flags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_= UP> metric 0 mtu 1500 options=3D0 ether 6e:09:e8:bd:9e:bb id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: tap1 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 11 priority 128 path cost 2000000 member: lagg0.101 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 9 priority 128 path cost 10000 groups: bridge vm-switch viid-55f45@ nd6 options=3D9<PERFORMNUD,IFDISABLED> # ifconfig lagg0.101 lagg0.101: flags=3D1008943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER_UP> me= tric 0 mtu 1500 description: vm-vlan/mgmt-v101/lagg0.101 options=3D0 ether 3c:ec:ef:f5:f0:54 groups: vlan vm-vlan viid-c50e3@ vlan: 101 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> # ifconfig lagg0 lagg0: flags=3D1008943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,LOWER= _UP> metric 0 mtu 1500 =20=20=20=20=20=20=20 options=3D8120b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_MAGIC,VL= AN_HWFILTER,HWSTATS> ether 3c:ec:ef:f5:f0:54 hwaddr 00:00:00:00:00:00 laggproto lacp lagghash l2,l3 laggport: igb2 flags=3D1c<ACTIVE,COLLECTING,DISTRIBUTING> laggport: igb3 flags=3D1c<ACTIVE,COLLECTING,DISTRIBUTING> groups: lagg media: Ethernet autoselect status: active nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> # vm switch list NAME TYPE IFACE ADDRESS PRIVATE MTU VLAN PORTS prod-untag standard vm-prod-untag - no - - lagg0 mgmt-v101 standard vm-mgmt-v101 - no - 101 lagg0 # vm switch info ------------------------ Virtual Switch: prod-untag ------------------------ type: standard ident: vm-prod-untag vlan: - physical-ports: lagg0 bytes-in: 249898 (244.041K) bytes-out: 0 (0.000B) virtual-port device: tap0 vm: devuan5 ------------------------ Virtual Switch: mgmt-v101 ------------------------ type: standard ident: vm-mgmt-v101 vlan: 101 physical-ports: lagg0 bytes-in: 78782 (76.935K) bytes-out: 0 (0.000B) virtual-port device: tap1 vm: devuan5 On the guest-vm tap1 interface the broadcast/multicast traffic on given vla= n is monitored: 13:36:54.002150 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:36:54.678090 e4:4e:2d:20:73:b0 > 01:00:0c:cc:cc:cd, 802.3, length 50: LL= C, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid PVST (0x010b), length 42: STP 802.1w, Rapid STP, Flags [Lea= rn, Forward], bridge-id 8065.e4:4e:2d:20:73:80.8030, length 42 13:36:55.332705 18:e8:29:e0:8f:af > 01:00:5e:7e:7f:3f, ethertype IPv4 (0x08= 00), length 60: 192.168.101.18 > 239.254.127.63: igmp v2 report 239.254.127.63 13:36:55.472674 a8:42:a1:3e:ad:3d > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 766: 192.168.101.56.32953 > 255.255.255.255.29810: UDP, length 724 13:36:55.503004 a8:42:a1:3e:ae:95 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 765: 192.168.101.50.45589 > 255.255.255.255.29810: UDP, length 723 At the bridge level MAC addresses are learned also # ifconfig vm-mgmt-v101 addr 3c:ec:ef:ed:ba:23 Vlan0 lagg0.101 1161 flags=3D0<> 18:e8:29:e0:8f:af Vlan0 lagg0.101 1179 flags=3D0<> 80:2a:a8:56:06:d8 Vlan0 lagg0.101 1194 flags=3D0<> a8:42:a1:3e:ae:2e Vlan0 lagg0.101 1190 flags=3D0<> a8:42:a1:3e:ae:1a Vlan0 lagg0.101 1199 flags=3D0<> a8:42:a1:3e:ae:5a Vlan0 lagg0.101 1199 flags=3D0<> a8:42:a1:3e:ae:9f Vlan0 lagg0.101 1197 flags=3D0<> a8:42:a1:3e:ae:0c Vlan0 lagg0.101 1197 flags=3D0<> a8:42:a1:3e:ad:70 Vlan0 lagg0.101 1195 flags=3D0<> a8:42:a1:3e:ae:11 Vlan0 lagg0.101 1194 flags=3D0<> a8:42:a1:3e:ad:3d Vlan0 lagg0.101 1193 flags=3D0<> a8:42:a1:3e:ae:95 Vlan0 lagg0.101 1193 flags=3D0<> e4:4e:2d:20:73:b0 Vlan0 lagg0.101 1199 flags=3D0<> 58:9c:fc:03:ff:48 Vlan0 tap2 1196 flags=3D0<> Debugging: When i start dhclient on guest vm, on the lagg0.101 only DHCP Requests are monitored. # tcpdump -ni lagg0.101 -e port 67 or port 68 -n tcpdump: verbose output suppressed, use -v[v]... for full protocol decode listening on lagg0.101, link-type EN10MB (Ethernet), snapshot length 262144 bytes 13:50:20.685895 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:24.542102 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:27.733103 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 On the lagg0 DHCP Request and DHCP Reply are monitored tcpdump -ni lagg0 -e vlan 101 and port 67 or port 68 -n tcpdump: verbose output suppressed, use -v[v]... for full protocol decode listening on lagg0, link-type EN10MB (Ethernet), snapshot length 262144 byt= es 13:50:20.685898 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:20.686402 d2:f7:aa:37:2c:73 > 58:9c:fc:03:ff:48, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 192.168.101.1= .67 > 192.168.101.165.68: BOOTP/DHCP, Reply, length 300 13:50:24.542106 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:24.542858 d2:f7:aa:37:2c:73 > 58:9c:fc:03:ff:48, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 192.168.101.1= .67 > 192.168.101.165.68: BOOTP/DHCP, Reply, length 300 In inbound direction somewhere between lagg0 -> lagg0.101 unicast packets a= re lost. ARP proto, the same situation. If I remove lagg0 as a member from the bridge vm-prod-untag, on the other vm-mgmt-v101 bridge the unicast tagged packets appears. No matters if we use link-aggregation lagg or physical igbX interface. Solution can be to use only tagged vlans on the same parent interface, or untagged traffic to be configured on a standalone interface. Regards, --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-238198-7501-dweo3ZRcuf>