From nobody Mon Jun 3 19:02:04 2024 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VtNQW2NRdz5JqNp for ; Mon, 03 Jun 2024 19:02:43 +0000 (UTC) (envelope-from freebsd@walstatt-de.de) Received: from smtp052.goneo.de (smtp052.goneo.de [85.220.129.60]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4VtNQV1xJlz4R9J for ; Mon, 3 Jun 2024 19:02:42 +0000 (UTC) (envelope-from freebsd@walstatt-de.de) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=walstatt-de.de header.s=DKIM001 header.b=oqoW5nwu; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@walstatt-de.de designates 85.220.129.60 as permitted sender) smtp.mailfrom=freebsd@walstatt-de.de Received: from hub2.goneo.de (hub2.goneo.de [IPv6:2001:1640:5::8:53]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp5.goneo.de (Postfix) with ESMTPS id E95E2240C2A for ; Mon, 3 Jun 2024 21:02:33 +0200 (CEST) Received: from hub2.goneo.de (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by hub2.goneo.de (Postfix) with ESMTPS id 3B85F240524 for ; Mon, 3 Jun 2024 21:02:32 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=walstatt-de.de; s=DKIM001; t=1717441352; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=A+JwO+ER+MFxzPIgLRHiSYjOBAHbGHMnK+KXXB5LqdU=; b=oqoW5nwu5+LeUUh5/fxLSDND5hADFtAFAflSL1oK81iU/jOJJOSutC6VCZqap/PCVH36Nk xV/M0SueLOVqG0GQgi/AXw3yuIiwGne1ZZ5WvzrjncD2lCwASTmvel1WLbzoChI2APP0Vu 87w4vMkFd1dIN6QlFDlC9/+E/+niQssd8j/tX9sTf+NP8BNAQCsjolz1FiGPZqfoK4aNhD eFt/DC3GkJPBss7OXOft7kjFweqog+K/d+j7ubtFDWI8p75pCO5C68ObmVhxTWuY9HcLqX qx7hV5n3Jm0ClxXXXNxzKQWNp0HtZ82vCSCx4NoHaw32csLIGunloIA++SFThg== Received: from thor.intern.walstatt.dynvpn.de (dynamic-089-012-030-072.89.12.pool.telefonica.de [89.12.30.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by hub2.goneo.de (Postfix) with ESMTPSA id 1101724050D for ; Mon, 3 Jun 2024 21:02:32 +0200 (CEST) Date: Mon, 3 Jun 2024 21:02:04 +0200 From: FreeBSD User To: FreeBSD CURRENT Subject: bridge: no traffic with vnet (epair) beyond bridge device Message-ID: <20240603210231.64889de0@thor.intern.walstatt.dynvpn.de> Organization: walstatt-de.de List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-UID: 51dddf X-Rspamd-UID: 796c86 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.998]; R_DKIM_ALLOW(-0.20)[walstatt-de.de:s=DKIM001]; R_SPF_ALLOW(-0.20)[+ip4:85.220.129.0/25]; MIME_GOOD(-0.10)[text/plain]; RCPT_COUNT_ONE(0.00)[1]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:25394, ipnet:85.220.128.0/17, country:DE]; MIME_TRACE(0.00)[0:+]; HAS_ORG_HEADER(0.00)[]; MISSING_XM_UA(0.00)[]; RCVD_TLS_ALL(0.00)[]; DMARC_NA(0.00)[walstatt-de.de]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; TO_DN_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[walstatt-de.de:+] X-Rspamd-Queue-Id: 4VtNQV1xJlz4R9J Hello, I'm running a dual socket NUMA CURRENT host (Fujitsu RX host) running several jails. Jails are attached to a bridge device (bridge1), the physical device on that bridge is igb1 (i350 based NIC). The bridge is created via host's rc scripts, adding and/or deleting epair members of the bridge is performed by the jail.conf script. I do not know how long the setup worked, but out of the blue, last week after a longish poudriere run after updating the host to most recent CURRENT (as of today, latest update kernel and world) and performing "etcupdate" on both the host and all jails, traffic beyond the bridge is not seen on the network! All jails can communicate with each other. Traffic from the host itself is routed via igb0 to network and back via igb1 onto the bridge. I check all setups for net.link.bridge: net.link.bridge.ipfw: 0 net.link.bridge.log_mac_flap: 1 net.link.bridge.allow_llz_overlap: 0 net.link.bridge.inherit_mac: 0 net.link.bridge.log_stp: 0 net.link.bridge.pfil_local_phys: 0 net.link.bridge.pfil_member: 0 net.link.bridge.ipfw_arp: 0 net.link.bridge.pfil_bridge: 0 net.link.bridge.pfil_onlyip: 0 I did not change anything (knowingly). I also have an oldish box running single socket processor, also driven by the very same CURRENT and similar, but not identical setup. The box is running very well and the bridge is working as expected. I was wondering if something in detail has changed in the handling of jails, epair and bridges. I followed the setup "after the book", nothing suspicious. Maybe someone has a clue what might break the bridge. By the way: ifconfig bridge1 looks as always, igb1 as member and it doesn't make any difference whether I force the bridge to inherit igb1's MAC or not. We also checked for the switches whether BPDU Guard may have been triggered, but everything looks good from the outside - execept the fact the brdiged interface seems inactive (but up) from the outside ... Kind regards oh -- O. Hartmann