From owner-freebsd-virtualization@FreeBSD.ORG Thu Sep 2 14:30:07 2010 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 504881065740 for ; Thu, 2 Sep 2010 14:30:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [IPv6:2001:4068:10::3]) by mx1.freebsd.org (Postfix) with ESMTP id DEAAA8FC14 for ; Thu, 2 Sep 2010 14:30:06 +0000 (UTC) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 0582C41C65E; Thu, 2 Sep 2010 16:30:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([192.168.74.103]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id 4wYc6MBzrsoz; Thu, 2 Sep 2010 16:30:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 710A241C64C; Thu, 2 Sep 2010 16:30:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id CB83A4448F3; Thu, 2 Sep 2010 14:28:46 +0000 (UTC) Date: Thu, 2 Sep 2010 14:28:46 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Frank Razenberg In-Reply-To: <4C7FB15D.8040906@zzattack.org> Message-ID: <20100902142102.R31898@maildrop.int.zabbadoz.net> References: <4C7E8E7C.7090708@zzattack.org> <4C7F8551.6020901@zzattack.org> <4C7FA623.2010802@zzattack.org> <20100902134953.C31898@maildrop.int.zabbadoz.net> <4C7FB15D.8040906@zzattack.org> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: FreeBSD virtualization mailing list Subject: Re: duplicate epair ipv6 addresses X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Sep 2010 14:30:07 -0000 On Thu, 2 Sep 2010, Frank Razenberg wrote: Hey Frank, > I do have an openvpn setup which also creates a bridge. At one point in time > it conflicted with the bridge0 interface used for the jails. The openvpn 'up' > script did the following: > > #!/bin/sh > /sbin/ifconfig bridge0 create > /sbin/ifconfig bridge0 addm nfe0 addm $dev up > /sbin/ifconfig $dev up > > It may have executed a couple of times while bridge0 already existed and had > the epairs as members. I don't recall the epair's 'a'-end having different > ethernet addresses before, but I haven't specifically looked at them. I don't > believe I do any manual collision detection. Ok, then this is strange than unless if_bridge(4) is doing it. No, doesn't seem so and I wouldn't have expected it either: lion3# ifconfig epair99 create epair99a lion3# ifconfig epair99a epair99a: flags=8842 metric 0 mtu 1500 ether 02:00:00:00:09:0a lion3# ifconfig epair99b epair99b: flags=8842 metric 0 mtu 1500 ether 02:00:00:00:0a:0b lion3# ifconfig bridge0 create lion3# ifconfig bridge0 up lion3# ifconfig bridge0 addm epair99a lion3# ifconfig epair99a epair99a: flags=8942 metric 0 mtu 1500 ether 02:00:00:00:09:0a lion3# ifconfig epair99a up lion3# ifconfig epair99b up lion3# ifconfig epair99a epair99a: flags=8943 metric 0 mtu 1500 ether 02:00:00:00:09:0a lion3# ifconfig bridge0 bridge0: flags=8843 metric 0 mtu 1500 ether be:de:50:ce:29:3b id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: epair99a flags=143 ifmaxaddr 0 port 9 priority 128 path cost 2000 lion3# ifconfig bridge0 addm ix1 lion3# ifconfig epair99a epair99a: flags=8943 metric 0 mtu 1500 ether 02:00:00:00:09:0a lion3# ifconfig bridge0 bridge0: flags=8843 metric 0 mtu 1500 ether be:de:50:ce:29:3b id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: ix1 flags=143 ifmaxaddr 0 port 6 priority 128 path cost 20000 member: epair99a flags=143 ifmaxaddr 0 port 9 priority 128 path cost 2000 As you can see the epair99a interface still has the same ether address 02:00:00::0a as when intiially created. There is either some memory corruption or other magic happening for you. > I'm not sure whether this answers your questions, if you need any more info > please let me know. Are you having multiple machines with epairs bridge to the same LAN? If so you may have collisions of epairb nodes with overlapping ether addresses, which IPv6 ND6 DAD (duplicate address detection) would notice. You would probably find multiple 02:00:00:00:07:0b addresses on different machines. Which also means that you'll have to do manual ether address assignments (see 3rd paragraph of the DESCRIPTION section in the epair(4) manual page. /bz -- Bjoern A. Zeeb Welcome a new stage of life.