From nobody Fri Oct 10 06:50:58 2025 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cjcpM3fr1z6BSxG for ; Fri, 10 Oct 2025 06:51:07 +0000 (UTC) (envelope-from ivy@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R13" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cjcpM36ryz3SbK; Fri, 10 Oct 2025 06:51:07 +0000 (UTC) (envelope-from ivy@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1760079067; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Q27vPKN7mMv4fozpLb+PNCd3bcuA+IpGR1rE+gJ3oaY=; b=oUZ9If2/Ef8F/GuYeM4Oc3W83AbXErZBKotoXZk2BJKyyOLi6+ELHkTPUNWOMbFSnyKG7m ELeviws4nPz8OF18uhK9YO90zhGak0G++XxP64ZxDDdwjSHIx9Z8nkKOH+a+BjLxCslOr2 6YZFv9zu3Bp6hpWyvlAVXEudSexYeJFLcks88BBhi42+XvDxWDfNMuBLTzO51LtcvgK3v3 hfEtY9d596xgODcH1fiKUDxnXrDRB/C90Y03h5n5SfYfmtesK7N9BzuwZE9DMSvf6QJZPy WPATEyiAZP0u2EcyzpqbfwqrE+zWix6ZGYYtirGWAFYF78Jbs0zqC82qdRmOwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1760079067; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Q27vPKN7mMv4fozpLb+PNCd3bcuA+IpGR1rE+gJ3oaY=; b=ncIwZyd3AOD/9op2sgS4yud7z/Ck68UuS4N95tNbJMpXly8JtaefwMuKNyvxrgChio4W9a P5RrNiQhfL4zXRUK0sgn32sCA1UVkjz6Z3cRfDOqq1A6f40bzemZLphAuTXbyVit0yx750 2GxIcG9om3mzTjajSRxcpamle/bzEmApzW+EwKw5RP2WR7/ecVr7b9dL+SWT5wvyfeEY9s 13BwnpKx6pdSX+rRZ5twddpDCJDKwIN78yGIPnXxY3u4s3zA0sf92g4CCCEvW2xL1Q1pgN FkDrG/ypUV7x5Dd8tRL39/e/XmJUgXhhGwky2qw8x8wBe0Bdvg7HGZ9Yu45o1A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1760079067; a=rsa-sha256; cv=none; b=fTHP+KrOyZf/Z0gsA8RYJPNu8AtGoDQXBU/wz7/PwjDED0Hp93ZzNWZdjme8hCLLZcuRP8 ad+MQARe8Z1DrB/8v+wfwMeJPYMzbpF9iccBHApYweNAfpOjG5jdLY+4RSWCY6bSpVvxyo F3eL9jcJoDgq1HdajYdyPmfyI6KL398bzFlHrwzgPhBWR+t+hlPuhEXpWvtKaDt8X2Dong w6F1J4+Elx3n4LgBBKYRMQLlG/603o/S2CXoxvKF1p3QeTXlZI5SLClFa0+tD1vDOJk0P0 LIo2zr+VNghJQzOeQ77mI+JTne39FDK7rT8lF/x182ESECtKI09j6T2YyVkuHA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from amaryllis.le-fay.org (amaryllis.le-fay.org [IPv6:2a00:1098:6b:400::9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: ivy/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4cjcpM0LzYzpF0; Fri, 10 Oct 2025 06:51:06 +0000 (UTC) (envelope-from ivy@freebsd.org) Date: Fri, 10 Oct 2025 07:50:58 +0100 From: Lexi Winter To: Paul Procacci Cc: "freebsd-net@freebsd.org" Subject: Re: FBSD 15 :: if_bridge help needed Message-ID: Mail-Followup-To: Paul Procacci , "freebsd-net@freebsd.org" References: List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="YEOYvmZH0qoCwBEe" Content-Disposition: inline In-Reply-To: --YEOYvmZH0qoCwBEe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Paul Procacci wrote in : > Alright, so what's the correct method here for getting the host > assigned an ip within that 1843 vlan. > Is it: > a) create a lagg0.1843 interface and assign an ip > b) create a bridge0.1843 interface and assign an ip option b) is correct. VLAN subinterfaces on bridge(4) is a new feature in 15.0 and this is now the correct way to connect the host to a VLAN in a bridge, especially when using VLAN filtering. creating a VLAN subinterface on a bridge member was supported, sort of, but the behaviour was confusing: whether the frame is handled by vlan or bridge depends on its destination Ethernet address. in 15.0, i changed this so that if you create a vlan(4) interface on an interface which is also a member of a bridge, all tagged packets will go the vlan, not the bridge. this preserves the ability to put the interface in a bridge for untagged packets and also handle tagged packets via a vlan(4) interface (which may also be in a bridge, although i don't recommend that). > From remote host: tcpdump -n -e -ttt -i igc1 host 192.168.35.154 > 00:00:01.063499 58:9c:fc:10:6f:fa > 60:be:b4:01:bf:0d, ethertype IPv4 > (0x0800), length 98: 192.168.35.154 > 192.168.35.1: ICMP echo request, > id 5948, seq 8, length 64 > So I'm seeing untagged packets arriving when they should be tagged. hm, your configuration looks correct, so i'm not sure what is causing this. could you please show the tcpdump -ev output for the packet on bridge0.1843, lagg0, and whichever external interface(s) in the lagg are handling the packet? i'd like to see whether the tag is being removed somewhere, or if it's not being added at all. could you also include the output of "ifconfig -a" on the system with the bridge? note, there is an outstanding issue where if you create bridge0.N, then destroy the bridge, then recreate the bridge, the bridge0.N interface will still exist but it won't be associated with the correct device. this doesn't seem to be the case in your situation, but it can come up when you're deleting/recreating bridges for testing, so i thought it was worth mentioning. --YEOYvmZH0qoCwBEe Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQSyjTg96lp3RifySyn1nT63mIK/YAUCaOiszwAKCRD1nT63mIK/ YLV/AP9O1fTYXOeKThhyO07hTlKGLnC4HRPADWVxaHnGlNfkZAD/fDEFLTDbezAc y1e8iuh3O212lTd99WJ8QcQ/zEl7CgI= =JfTT -----END PGP SIGNATURE----- --YEOYvmZH0qoCwBEe--