Date:      Wed, 13 Jul 2022 21:43:38 +0100
From:      Norman Gray <gray@nxg.name>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Why can't I add a loopback interface to a bridge?
Message-ID:  <988896FB-9986-4955-A3B7-9CEC810D8E6E@nxg.name>


Greetings.

Why can't I add a loopback interface to a bridge?

I thought I should be able to do this, and the fact that I can't suggests I'm misunderstanding something significant.

If I do

    # ifconfig bridge create
    bridge0
    # ifconfig lo create
    lo1
    # ifconfig bridge0 addm lo1
    ifconfig: BRDGADD lo1: Invalid argument
    #

The only things I can find which match this error are e.g. <https://lists.freebsd.org/pipermail/freebsd-net/2007-December/016114.html>, from 2007, which I don't think describes my situation.

What I'm aiming to do is to set up a bridge to VNET-isolated jails, so I can subsequently selectively route and NAT packets from those jails to the rest of the network.

My mental model here is that I create an interface lo1 and then 'plug it in to the bridge', so that I can subsequently forward packets from lo1 to the real network interface.  This mental model is clearly defective, but I can't see where.

I'm also following Michael Lucas's Jails book where, in Ch.9, he describes what (I think) I'm trying to do via:

    ifconfig_em1_name="jailether"
    ifconfig_jailether="up"
    cloned_interfaces="bridge0 bridge1 lo1"
    ifconfig_bridge0_name="jailetherbridge"
    ifconfig_bridge1_name="jailprivbridge"
    ifconfig_lo1_name="jailpriv"
    ifconfig_jailetherbridge="addm jailether up"
    ifconfig_jailprivbridge="addm jailpriv up"

(He's illustrating the more intricate situation of managing two bridges, renaming as he goes, but I'm only concerned with the simpler case of doing a similar thing with one; but I can't see how what I'm doing is different from this; that book refers to FreeBSD 12, so I suppose this could be a version-specific puzzle).

The 'Advanced Networking' chapter of the handbook [1] instead describes assigning an IP address to the bridge interface, and doesn't mention the loopback interface in this context.

I'm doing this in a fresh FreeBSD 13.1-RELEASE system (I'm experimenting within a UTM/QEMU VM on macOS 12.3.1, but the same thing happens with 13.1-RELEASE on a real machine, so this isn't, as I briefly speculated, because the VM network is somehow odd).

Thanks for any illumination.

Norman


[1] https://docs.freebsd.org/en/books/handbook/advanced-networking/

-- 
Norman Gray  :  https://nxg.me.uk


