From nobody Wed Dec 20 17:04:36 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwKg644qmz558gf for ; Wed, 20 Dec 2023 17:04:50 +0000 (UTC) (envelope-from hausen@punkt.de) Received: from mail.punkt.de (mail.punkt.de [217.29.41.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4SwKg55ZXPz4qwH for ; Wed, 20 Dec 2023 17:04:49 +0000 (UTC) (envelope-from hausen@punkt.de) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of hausen@punkt.de designates 217.29.41.227 as permitted sender) smtp.mailfrom=hausen@punkt.de; dmarc=none Received: from smtpclient.apple (unknown [IPv6:2003:a:d59:3800:fcdc:57c5:13f5:f2f8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.punkt.de (Postfix) with ESMTPSA id D39736DDA0 for ; Wed, 20 Dec 2023 18:04:46 +0100 (CET) From: "Patrick M. Hausen" Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.200.91.1.1\)) Subject: Display of bridge member interfaces cut short - bug or intention? Message-Id: Date: Wed, 20 Dec 2023 18:04:36 +0100 To: FreeBSD Net X-Mailer: Apple Mail (2.3774.200.91.1.1) X-Spamd-Result: default: False [-1.79 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.99)[-0.993]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:217.29.32.0/20]; MIME_GOOD(-0.10)[text/plain]; RCVD_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:16188, ipnet:217.29.32.0/20, country:DE]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; TO_DN_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_NA(0.00)[punkt.de]; RCVD_TLS_ALL(0.00)[] X-Rspamd-Queue-Id: 4SwKg55ZXPz4qwH X-Spamd-Bar: - Hi all, as some probably know we provide web hosting services and we use jails = for that. On some particular host we have 255 vnet jails all of which are = connected to the external interface of the host - renamed to "inet0" in our environment - = via if_bridge(4) and all managed with iocage. root@ph003:~ # grep inet0 /iocage/jails/vpro*/config.json|wc -l 255 Of these 251 also have a second epair interface connected to a private = bridge named "priv1". These are used for connections to the central database = server which should not be exposed to the Internet. root@ph003:~ # grep priv1 /iocage/jails/vpro*/config.json | wc -l 251 While looking for a different problem to my great suprise I found today = that ifconfig truncates the list of member interfaces for both bridge = instances. And both to the same value of 102, although the member numbers are = (albeit slightly) different: root@ph003:~ # ifconfig inet0|grep member:|wc -l 102 root@ph003:~ # ifconfig priv1 | grep member: | wc -l 102 All 255 jails are connected to the external network and perfectly = reachable from the Internet. That's why I conclude that the display is wrong, not the = bridge configuration. What's happening here? Is this intentional or shall I file a bug report? More importantly: either way is this only cosmetic or will we hit = another unexpected limit of the number of interfaces that can be members of a bridge any = time soon? Kind regards, Patrick --=20 punkt.de GmbH Patrick M. Hausen .infrastructure Sophienstr. 187 76185 Karlsruhe Tel. +49 721 9109500 https://infrastructure.punkt.de info@punkt.de AG Mannheim 108285 Gesch=C3=A4ftsf=C3=BChrer: Daniel Lienert, Fabian Stein