From: Nerius Landys
To: freebsd-net@freebsd.org
Date: Tue, 15 Mar 2005 22:30:06 -0800 (PST)
Subject: transparent bridge and ARP proxy confusion

I came across this bug (or feature) in the FreeBSD "transparent bridge" module, and am wondering whether or not anyone can shed some light on it.

By "transparent bridge", I mean that my /boot/loader.conf file has the line

    bridge_load="YES"

and that my /etc/rc.conf file has the line

    ifconfig_fxp0="inet 192.168.0.6 netmask 255.255.255.0"

and that my /etc/sysctl.conf file has the lines

    net.link.ether.bridge.enable=1
    net.link.ether.bridge.config=fxp0,fxp1

I have the following network topology:

             +======================================+
             |  FreeBSD 5.3 as transparent bridge   |
             |                                      |
             |                                      |
             |    192.168.0.6                       |
             |   /                                  |
             |  /                                   |
             | fxp0               fxp1              |
             | 00:02:b3:da:50:ba  00:02:b3:da:50:bb |
             +======================================+
                    /                    \
                   /                      \
                  /                        \
                 /                          \
      100baseTX /                            \
               /                 10baseT/UTP  \
              /                                \
             /                                  \
            /                                    \
+=========================+           +=========================+
| An old crufty Linux     |           | 00:0e:0c:68:e3:94       |
| box that plays no       |           |   /                     |
| role in this            |           | 192.168.0.2             |
| discussion              |           | (A non-BSD box)         |
+=========================+           +=========================+

The bug (or feature) is that the FreeBSD bridge appears not to make up its mind about which of its two MAC addresses (00:02:b3:da:50:ba and 00:02:b3:da:50:bb) to send as the "owner" of IP address 192.168.0.6.

The details, gotten with tcpdump, are as follows. First, I boot up all three machines. The output of 'arp -na' on the FreeBSD host returns the following output:

    # arp -na
    ? (192.168.0.6) at 00:02:b3:da:50:ba on fxp0 permanent [ethernet]

The 192.168.0.2 host's ARP cache is empty at this point. I start 'tcpdump -ne' on the 192.168.0.2 host.

Now I ping host 192.168.0.2 from the FreeBSD host 192.168.0.6:

    # ping 192.168.0.2
    PING 192.168.0.2 (192.168.0.2): 56 data bytes
    64 bytes from 192.168.0.2: icmp_seq=0 ttl=64 time=1.058 ms
    ^C
    --- 192.168.0.2 ping statistics ---
    1 packets transmitted, 1 packets received, 0% packet loss
    round-trip min/avg/max/stddev = 1.058/1.058/1.058/0.000 ms

On host 192.168.0.2, the tcpdump output:

    00:10:53.445868 0:2:b3:da:50:ba Broadcast arp 60: arp who-has 192.168.0.2 tell 192.168.0.6
    00:10:53.445888 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42: arp reply 192.168.0.2 is-at 0:e:c:68:e3:94
    00:10:53.446615 0:2:b3:da:50:bb 0:e:c:68:e3:94 ip 98: 192.168.0.6 > 192.168.0.2: icmp: echo request
    00:10:53.446634 0:e:c:68:e3:94 0:2:b3:da:50:ba ip 98: 192.168.0.2 > 192.168.0.6: icmp: echo reply
    00:10:58.442471 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42: arp who-has 192.168.0.6 tell 192.168.0.2
    00:10:58.442925 0:2:b3:da:50:bb 0:e:c:68:e3:94 arp 60: arp reply 192.168.0.6 is-at 0:2:b3:da:50:bb

As we see here, the FreeBSD host started with an ARP request, claiming its interface to be 192.168.0.6 at the MAC ending in 'ba'. Once it learns the information that it asks for (the second frame), it sends out its request ICMP 'ping' packet (the third frame), claiming its return address to be different this time, namely the MAC address ending in 'bb'. Finally, in the sixth frame, it claims its MAC address for its locally configured "bridge endpoint" to be the one ending in 'bb', not 'ba'.

My first guess as to why this may be happening is that ARP is not *really* part of the IP layer, and perhaps the MAC address handling is slightly different in the two modules - ARP and IP. Although, looking at the sixth frame captured and comparing it to the first, I'm still shrugging my shoulders.

This MAC address inconsistency is causing no problems on my network.
I'm just curious as to why this isn't behaving the way I want it to behave -- I want it to behave such that only the MAC address ending in 'ba' is ever transmitted as the source MAC address of a frame originating from this FreeBSD host.

Being the curious type, I experimented with OpenBSD, installing it onto the same host which ran FreeBSD, and also acting as a transparent bridge. With OpenBSD it behaves as I would expect, as a transparent bridge and not as an "ARP proxy" part of the time.

Let me note that Ethernet frames exchanged between the two non-BSD hosts on my network (pictured above) behave fully transparently; that is, Ethernet frames sent by 192.168.0.2 destined for the "old crufty Linux box" have a source MAC address of 00:0e:0c:68:e3:94 as recorded by tcpdump running on the "old crufty Linux box".

The 'ifconfig' output from the FreeBSD bridge:

    fxp0: flags=8943 mtu 1500
            options=8
            inet6 fe80::202:b3ff:feda:50ba%fxp0 prefixlen 64 scopeid 0x1
            inet 192.168.0.6 netmask 0xffffff00 broadcast 192.168.0.255
            ether 00:02:b3:da:50:ba
            media: Ethernet autoselect (10baseT/UTP)
            status: active
    fxp1: flags=8943 mtu 1500
            options=8
            inet6 fe80::202:b3ff:feda:50bb%fxp1 prefixlen 64 scopeid 0x2
            ether 00:02:b3:da:50:bb
            media: Ethernet autoselect (100baseTX )
            status: active

Any insights appreciated. Thanks.

-Nerius
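
Added example, not part of the original post: a Python check that reads the six captured frames quoted above and lists every IP address that appears with more than one source MAC, which is how an ARP monitor would flag 192.168.0.6 here. The names norm_mac, bindings and flip_flops are this example's own, and it assumes the old 'tcpdump -ne' line format shown in the post.

```python
import re
from collections import defaultdict

# The six frames from the post's 'tcpdump -ne' capture on host 192.168.0.2.
CAPTURE = """\
00:10:53.445868 0:2:b3:da:50:ba Broadcast arp 60: arp who-has 192.168.0.2 tell 192.168.0.6
00:10:53.445888 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42: arp reply 192.168.0.2 is-at 0:e:c:68:e3:94
00:10:53.446615 0:2:b3:da:50:bb 0:e:c:68:e3:94 ip 98: 192.168.0.6 > 192.168.0.2: icmp: echo request
00:10:53.446634 0:e:c:68:e3:94 0:2:b3:da:50:ba ip 98: 192.168.0.2 > 192.168.0.6: icmp: echo reply
00:10:58.442471 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42: arp who-has 192.168.0.6 tell 192.168.0.2
00:10:58.442925 0:2:b3:da:50:bb 0:e:c:68:e3:94 arp 60: arp reply 192.168.0.6 is-at 0:2:b3:da:50:bb
"""
# Assumed line layout: <time> <src MAC> <dst MAC> <arp|ip> <length>: <decoded payload>
FRAME = re.compile(r"^(\S+) (\S+) (\S+) (arp|ip) \d+: (.*)$")
IP = r"(\d+\.\d+\.\d+\.\d+)"

def norm_mac(mac):
    """Zero-pad each octet: this tcpdump prints 0:2:b3:... for 00:02:b3:..."""
    return ":".join(part.zfill(2) for part in mac.lower().split(":"))

def bindings(capture):
    """Yield (time, ip, mac, evidence) for every IP-to-MAC claim in the capture."""
    for line in capture.splitlines():
        m = FRAME.match(line.strip())
        if not m:
            continue
        ts, src, _dst, kind, rest = m.groups()
        src = norm_mac(src)
        if kind == "arp":
            req = re.search(r"who-has " + IP + " tell " + IP, rest)
            rep = re.search(r"reply " + IP + r" is-at (\S+)", rest)
            if req:  # sender hardware address is not printed; use the frame source
                yield ts, req.group(2), src, "arp-request"
            elif rep:
                yield ts, rep.group(1), norm_mac(rep.group(2)), "arp-reply"
        else:
            ip = re.search(IP + " > ", rest)
            if ip:
                yield ts, ip.group(1), src, "ip-source"

def flip_flops(capture):
    """Return {ip: [(time, mac, evidence), ...]} for IPs seen with more than one MAC."""
    seen = defaultdict(list)
    for ts, ip, mac, how in bindings(capture):
        seen[ip].append((ts, mac, how))
    return {ip: obs for ip, obs in seen.items() if len({m for _, m, _ in obs}) > 1}

if __name__ == "__main__":
    for ip, obs in flip_flops(CAPTURE).items():
        print(ip, "->", [(mac, how) for _, mac, how in obs])
```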