From owner-freebsd-net@FreeBSD.ORG Tue Oct 11 06:39:51 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC8CA16A41F for ; Tue, 11 Oct 2005 06:39:51 +0000 (GMT) (envelope-from vulture@netvulture.com) Received: from rackman.netvulture.com (adsl-63-197-17-60.dsl.snfc21.pacbell.net [63.197.17.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C06B43D45 for ; Tue, 11 Oct 2005 06:39:49 +0000 (GMT) (envelope-from vulture@netvulture.com) Received: from [66.160.199.14] (1202.nthair.com [66.160.199.14] (may be forged)) (authenticated bits=0) by rackman.netvulture.com (8.13.5/8.13.5) with ESMTP id j9B6dTWO092124; Mon, 10 Oct 2005 23:39:30 -0700 (PDT) Message-ID: <434B5E27.1010208@netvulture.com> Date: Mon, 10 Oct 2005 23:39:35 -0700 From: Jonathan Feally User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jonathan Feally References: <4348B6AF.8020207@netvulture.com> In-Reply-To: <4348B6AF.8020207@netvulture.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-MailScanner-Information: Please contact your system administrator for more information X-MailScanner: Found to be clean X-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (score=-2.779, required 2.5, ALL_TRUSTED -2.82, AWL 0.04) Cc: freebsd-net@freebsd.org Subject: Re: Having issues with bridging vlan and em in 5.4-STABLE X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Oct 2005 06:39:51 -0000 After further testing I have found 2 issues pertaining to my problem. a. ) MAC on returning packets from box are that of the vlan199 parent interface's instead of that of the other em0 interface. b.) The dns responses are leaving the box on the vlan, but the dst port number is getting scrambled in the process. tcpdump on the box shows in and out on the same ports, but the host shows out on one and in on something else. Is this an issue with the bridging code, the vlan code, or both?? I have em0 and em1 set with the following flags UP, BROADCAST, RUNNING, PROMISC, SIMPLEX, MULTICAST options: RXCSUM, TXCSUM, VLAN_MTU, POLLING vlan199 flags UP, BROADCAST, RUNNING, PROMISC, SIMPLEX, MULTICAST vlan199 has no options. Anybody else run into this problem? I am running 5-STABLE as of today. -Jon Jonathan Feally wrote: > I'm trying to setup a machine that will be both routing traffic and > bridging 2 segments of one network with ipfw processing on that > bridged network. The routing seems to be OK and bridging is also OK > from Side to side, however when trying to talk to the IP of the > machine from another machine on the bridged network i am seeing packet > loss. > > Setup > > > em0 x.y.199.254 connected to segment with outgoing router at > x.y.199.1. Lets call this Side A > em1 no IP. Internal interface with all the vlans attached to it > vlan199 no IP configured as tagged vlan 199 attached to em1. We'll > call this Side B. > 10 more vlans configured with IP's for the routing portion. No packet > loss in the routed scenario. > > em0 and vlan199 are bridged > > Host at x.y.199.101 connected to Side B can reach all hosts connected > to Side A except for the bridging machine > Using nslookup on .101 to .254 as a test, tcpdump on vlan199 shows > packets in from .101 to .254 and the returning packets from .254 to > .101. em0 does not show any packets in or out. However packets are not > being returned to the .101 host. > IPFW is not a culprit here as I have tried it with ipfw add 1 allow ip > from any to any. > > Moving the IP of .254 from em0 to vlan199 results in the same packet > loss execpt on the Side A now. > > Not all traffic from Side B to .254 and back is lost. dhcp and icmp do > seem to be working. I am leaning towards an issue with BIND, however > it does bother me that tcpdump sees packets leaving vlan199. > > Anybody have any ideas?? Thanks in advance. > > -Jon > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"