From owner-freebsd-questions@FreeBSD.ORG  Sat Jun  6 18:50:38 2015
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id DC52EC5F
 for <freebsd-questions@freebsd.org>; Sat,  6 Jun 2015 18:50:37 +0000 (UTC)
 (envelope-from aew.freebsd@wrede.ca)
Received: from mail.wapanafa.org (unknown [IPv6:2001:4dd0:ff00:91b4::10])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 7439D16AC
 for <freebsd-questions@freebsd.org>; Sat,  6 Jun 2015 18:50:37 +0000 (UTC)
 (envelope-from aew.freebsd@wrede.ca)
Received: from wapaserver (localhost [127.0.0.1])
 by mail.wapanafa.org (Postfix) with ESMTP id E39294D2997
 for <freebsd-questions@freebsd.org>; Sat,  6 Jun 2015 20:50:18 +0200 (CEST)
X-Virus-Scanned: amavisd-new at wapanafa.org
Received: from mail.wapanafa.org ([127.0.0.1])
 by wapaserver (mail.wapanafa.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id ZVrpDD2VtxW0 for <freebsd-questions@freebsd.org>;
 Sat,  6 Jun 2015 20:50:18 +0200 (CEST)
Received: from node-77b1pkmaws0hosz3596.ipv6.teksavvy.com (unknown
 [IPv6:2607:f2c0:f00e:f400:1ac:1ef3:a588:f05a])
 by mail.wapanafa.org (Postfix) with ESMTPSA id 227464D2888
 for <freebsd-questions@freebsd.org>; Sat,  6 Jun 2015 20:50:18 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wrede.ca; s=S201404;
 t=1433616618; bh=gSPXjAeeLh/jo9cRmYic6cykGVj+Zu6pgb9p3AS+6Rk=;
 h=From:Subject:Date:To;
 b=hayUoTNAuQ8KHLCjHuNErYfGNJEh0tBmW7q3ibCW9TrBtPkJ36qXZQnu2x+4m+wiF
 Jep08JhwI5CQQg/2ErnjvJ1DVceb7mDizaOMBXOcE0XWci6X6AIvxrdDxymcsKsRLj
 t2mTFwtsmSpJmVf+EZ6jR3Njy/lpNshoE/ojuC9g=
From: Andreas Wrede <aew.freebsd@wrede.ca>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Subject: Bridge(4) not learning 
Message-Id: <C7ABE54B-8E5E-4933-998E-73BBABA472B0@wrede.ca>
Date: Sat, 6 Jun 2015 14:50:16 -0400
To: freebsd-questions@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
X-Mailer: Apple Mail (2.2098)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Jun 2015 18:50:38 -0000

On a FreeBSD 10.1/amd64 system, I have a bridge(4) configured with a =
tap(4) and igb(4) interface as members:

# ifconfig tap0 create up
# ifconfig bridge0 create addm tap0 addm igb1 up

igb1 is the interface to the local LAN with 192.168.0.1 as the servers =
IP address, tap0 is used by openvpn. (igb0 is used for the outside pppoe =
connection via mpd5)

# ifconfig igb1
igb1: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> =
metric 0 mtu 1500
	=
options=3D400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO>
	ether c8:0a:a9:c8:7e:87
	inet6 fe80::ca0a:a9ff:fec8:7e87%igb1 prefixlen 64 scopeid 0x2=20
	inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255=20
	nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active

#  ifconfig tap0
tap0: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> =
metric 0 mtu 1500
	options=3D80000<LINKSTATE>
	ether 00:bd:b3:c4:2e:00
	inet6 fe80::2bd:b3ff:fec4:2e00%tap0 prefixlen 64 scopeid 0x7=20
	nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL>
	media: Ethernet autoselect
	status: active
	Opened by PID 16731

#  ifconfig  bridge0 =20
bridge0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 =
mtu 1500
	ether 02:b6:bc:d0:88:00
	nd6 options=3D1<PERFORMNUD>
	id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
	maxage 20 holdcnt 6 proto stp maxaddr 2000 timeout 1200
	root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
	member: igb1 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 2 priority 128 path cost 20000
	member: tap0 flags=3D143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 7 priority 128 path cost 2000000

With openvpn configured, I can now connect and ping 192.168.0.1 from a =
remote host.

However no other host on the local LAN (192.168.0.0/24) is reachable!=20

Looking at the addresses the bridge has learned I only see the remote =
host's address on the tap(4) side:

#  ifconfig  bridge0 addr
f6:68:1f:e6:cf:38 Vlan1 tap0 114 flags=3D0<>
#

No addresses from the igb1 side of the bridge are ever learned. Pinging =
a host on the LAN from the remote host produces the expected arp =
requests and replies on the LAN side but the bridge never learns the =
address, thus packets are not forwarded back to the remote host.

Things I have tried without success:
- disabled the pf firewall
- entered static mac address (ifconfig bridge0 static igb1 =
00:13:20:3f:e5:ff)

I have the same setup working properly on another FreeBSD 10.1 system. =
The only difference (besides IP address values) are the network =
interfaces, the other setup uses a em(4) interface.

Is there any other configuration setting I am missing or does bridging =
just now woke with igb(4)s?

--=20
    aew