From nobody Thu Sep 4 11:22:49 2025 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cHcXT6Q2Gz65p1V for ; Thu, 04 Sep 2025 11:22:49 +0000 (UTC) (envelope-from ronald-lists@klop.ws) Received: from csmtpq4-prd-nl1-vfz.edge.unified.services (csmtpq4-prd-nl1-vfz.edge.unified.services [84.116.50.10]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4cHcXT4M5wz4FTM for ; Thu, 04 Sep 2025 11:22:49 +0000 (UTC) (envelope-from ronald-lists@klop.ws) Authentication-Results: mx1.freebsd.org; none Received: from csmtp6-prd-nl1-vfz.nl1.unified.services ([100.107.80.89] helo=csmtp6-prd-nl1-vfz.edge.unified.services) by csmtpq4-prd-nl1-vfz.edge.unified.services with esmtp (Exim 4.95) (envelope-from ) id 1uu83D-004681-B5 for net@freebsd.org; Thu, 04 Sep 2025 13:22:47 +0200 Received: from [192.168.11.193] ([83.81.212.149]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 256/256 bits) (Client did not present a certificate) by csmtp6-prd-nl1-vfz.edge.unified.services with ESMTPSA id u83CuCXBFNfllu83CueG9Q; Thu, 04 Sep 2025 13:22:47 +0200 X-Env-Mailfrom: ronald-lists@klop.ws X-Env-Rcptto: net@freebsd.org X-SourceIP: 83.81.212.149 X-CNFS-Analysis: v=2.4 cv=ZaXnNtVA c=1 sm=1 tr=0 ts=68b97687 cx=a_exe a=Nc53Z2ow9H1LzmqsIe95fw==:117 a=Nc53Z2ow9H1LzmqsIe95fw==:17 a=IkcTkHD0fZMA:10 a=MKtGQD3n3ToA:10 a=1oJP67jkp3AA:10 a=rOx9sIFfjiGhwqEi5M4A:9 a=QEXdDO2ut3YA:10 a=0EyHQldr3sK6dN3ijPvV:22 X-Authenticated-Sender: emnvandam@casema.nl Message-ID: <1a91faca-69ef-410d-95ad-2d371c84f759@klop.ws> Date: Thu, 4 Sep 2025 13:22:49 +0200 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: bridge new vlan and iftagged "none" To: net@freebsd.org References: <481902534.1074.1756977663370@localhost> Content-Language: en-US From: Ronald Klop Cc: Lexi Winter In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4xfIP9nFtfFulhv+DuoUz2UxevfL8uf7X03imz6TnUxLYOHqHcH7Ax2IkAs/OiuV6fEkspQ5vr8UTd2K2iO2afE0r0kH0Jrrww13c2AbVBJISAAVADm4n4 2psOOLmAXGhoNPwgyor5M9Kz9KwSYBUL39gcZx4KAqYfSJ/11V6eVZ++Tid4KOa2bBrxWhESiWebjlxtbYC9YFaTAMGJEEr1pgc= X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:6830, ipnet:84.116.0.0/16, country:NL] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Queue-Id: 4cHcXT4M5wz4FTM Op 04-09-2025 om 12:52 schreef Lexi Winter: > hi Roland, > > Ronald Klop: >> member: epair4a flags=143 >> port 15 priority 128 path cost 2000 vlan protocol 802.1q > > based on this configuration, epair4a should neither accept nor send any > traffic. When I saw my mail again I realized that I copy-pasted the bridge config with VLANFILTER enabled. That didn't match with the case I wrote about. So with VLANFILTER enabled epair4a didn't receive/send any traffic as expected. But genet0 didn't receive anything either so little happened on the machine. :-) With VLANFILTER disabled epair4a did receive traffic and also broadcasts on vlan 3. I don't know if this is expected. Interestingly, with VLANFILTER disabled the "untagged 3" interfaces also saw broadcast traffic which was not destined for vlan 3. >> epair4a still receives all traffic, so also traffic for vlan 3. > > however, it seems like there's an issue filtering outgoing traffic from > the host itself. could you please try the attached patch and see if it > makes any difference? With the story above is the patch still needed? I will test anyway to see what happens. It is a RPI4, so compiling is a bit slow. Regards, Ronald.