From nobody Wed May 21 14:44:46 2025 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4b2Z2X1rmmz5w1SV; Wed, 21 May 2025 14:44:52 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4b2Z2X19Jlz3j8b; Wed, 21 May 2025 14:44:52 +0000 (UTC) (envelope-from kp@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1747838692; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=VLM+lwDKwLXECLV+bvl/RH20iIJvIJ4vAKoVDOVsAWU=; b=C+GvPgBq2RFKtYcyXHabvzEhTl2xl9N2folYhpPo4DfRiTau3IYUMNMZZx6C1TS0bilJxt LnGRNWPi2Ry/EZFO10XTQ2ZMLEQTGiyrfzuJwb/SYcpeT2O4bekgD/10wh0qWrZr7/rz1X /ddxQT5h9HXbioEQOpzizOrPKWSa5XvEuIXqQSAu8/5kvUBn/XZOteVI7JaPW+/IaLumXt 3k8I1uTOU00QX5XXXnZgQIdLH4M4rO/fYVlglpb5JgVK85vUwQop8lwtPdUY4dA13mAfNM 182yb2CKvqZ4+glvgmyb1lwW0SRzNZM8dPbyh7keFEfH6wjeaCsUwiZ/k64EmQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1747838692; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=VLM+lwDKwLXECLV+bvl/RH20iIJvIJ4vAKoVDOVsAWU=; b=ZOuk8D/TXNS9CBXLGGhS7escNXi62QaTcOTK49Ubdb61nOF+2+7XrkY56gUdrZ6TtciY+D VKWZ2M9wyxpc6mHnF7TkCVAkZzZi0GfYy8ZgaGYZmhRqJm7rMGTbTtmUGFOL/ek/GGb5j2 Q5dUqqE0tFhatI0RrbU9F6tqKKh3PAeDOWigdwe4ibXoLlFOOo8YZvNjwvSFqc7kstz/U0 nAflqSxdgJpuhWvOYiT0y/uCideEqUioOmY8oUUclVeFD4OKvwSCuW9e8wpuoiDRw6Qlqc tcFwgA7XsKRpf9/bxj5FuEj+kwpZ6rsQn2hr6oR4Dh6F9mUVc9kjT7nwe+wo+A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1747838692; a=rsa-sha256; cv=none; b=KZt2gWtKgGV08PvQuK4XicA0kRjtJ6IZltPv7s62ck+/iRinXrco7BlS9GdKh58UHT4PXD 6GhBgScDXk18NhU56TQKWulFiHcu3HBU7h/BvVgvIiXx+SpHcl3o1y3cdykyg8x3V2OKon QBGCy99EJqO4nFnyOSZfUIlOqoRKF4ci5do6akKO9URNd6rK7qlyhEA13hKoN2sjTa8b7f p0rHSgUS1c/8HV3DuVUeUTxJ3nxgkY6tRAxHXiBS1Nk+aK0P+tIAF9THFLqP7DcX7x5L/g lpqDlbnXulmAEVN4N/W6z4QoKq88f5ChZQKIvNb220Eqf9GhViDM6x4tLzxEcg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from venus.codepro.be (venus.codepro.be [5.9.86.228]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mx1.codepro.be", Issuer "R11" (verified OK)) (Authenticated sender: kp) by smtp.freebsd.org (Postfix) with ESMTPSA id 4b2Z2W6Mxhz6jt; Wed, 21 May 2025 14:44:51 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: by venus.codepro.be (Postfix, authenticated sender kp) id 5B9AACB97; Wed, 21 May 2025 16:44:49 +0200 (CEST) From: Kristof Provost To: void Cc: freebsd-net@freebsd.org, current@freebsd.org, net@freebsd.org Subject: Re: HEADS UP: 15.0-CURRENT, change to bridge(4) might break some network configurations with =?utf-8?b?4oCcSW52YWxpZCBhcmd1bWVudOKAnQ==?= Date: Wed, 21 May 2025 16:44:46 +0200 X-Mailer: MailMate (2.0r6255) Message-ID: <3647A8FC-FED1-4539-8BDE-CACCF6A5FC0A@FreeBSD.org> In-Reply-To: References: List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_MailMate_72B40741-7BCB-4D0A-A38B-C7EA3C9AC3F8_=" --=_MailMate_72B40741-7BCB-4D0A-A38B-C7EA3C9AC3F8_= Content-Type: text/plain; charset=UTF-8; format=flowed; markup=markdown Content-Transfer-Encoding: quoted-printable On 21 May 2025, at 16:40, void wrote: > On Mon, May 19, 2025 at 11:33:50AM +0100, Lexi Winter wrote: >> although it's possible everyone who is affected by this is already = >> aware >> of the change, i thought i should send a heads up anyway, if only to >> have a single place to discuss this (since there was quite a lot of >> discussion). >> >> in short, following this commit... >> >> b61850c4e6f "bridge(4): default net.link.bridge.member_ifaddrs to = >> false" >> https://cgit.freebsd.org/src/commit/?id=3Db61850c4e6f6b0f21b36da7238db= 969d9090309e >> >> ...it is now impossible to use a network interface which has an IP >> address assigned to it as a bridge member, or to configure an IP >> address on an interface which is a member of a bridge. > > Hi, for the sake of clarity, when you say "IP addresses assigned to it = > as > a bridge member", do you mean assigned via eg rc.conf on the host, > or assigned, for example within a VM, or assigned within a bridge = > statement? [1] > > I have a machine with 2x NICs with static ips assigned in the > usual way in rc.conf. They are also bridge members (they have to be = > otherwise the tap interfaces on the bhyve VMs wouldn't work) > Within each vm the interfaces are assigned either static or dynamic > IPs. I don't use vm-bhyve. Do I need to worry? [2] > > [1] example - /etc/rc.conf snippet on the bhyve host > > ifconfig_bge1=3D"inet REDACTED.REAL.IP netmask 255.255.255.248 mtu 1500= = > media 1000baseT mediaopt full-duplex,master" > defaultrouter=3D"REDACTED.REAL.GATEWAY" > ifconfig_bge1_ipv6=3D"inet6 accept_rtadv" > # > # > ifconfig_bridge1=3D"addm bge1 addm tap10 addm tap11 addm tap12 \ > addm tap13 addm tap14 addm tap15 addm tap16 addm tap17 addm tap18 addm = > tap19" > # > > [2] because here bge1 has an ip addigned to it and is a bridge member Yes, that is a problem. Assign REDACTED.REAL.IP to bridge1, not to bge1. =E2=80=94 Kristof --=_MailMate_72B40741-7BCB-4D0A-A38B-C7EA3C9AC3F8_= Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

On 21 May 2025, at 16:40, void wrote:

On Mon, May 19, 2025 at 11:33:50AM +0100, Lexi Winter wro= te:

although it's possible everyone who is affected by this i= s already aware
of the change, i thought i should send a heads up anyway, if only to
have a single place to discuss this (since there was quite a lot of
discussion).

in short, following this commit...

b61850c4e6f "bridge(4): default net.link.bridge.memb= er_ifaddrs to false"
https://cgit.freebsd.org/src/commit/?id=3Db61850c4e= 6f6b0f21b36da7238db969d9090309e

...it is now impossible to use a network interface which = has an IP
address assigned to it as a bridge member, or to configure an IP
address on an interface which is a member of a bridge.

Hi, for the sake of clarity, when you say "IP addres= ses assigned to it as
a bridge member", do you mean assigned via eg rc.conf on the host, or assigned, for example within a VM, or assigned within a bridge stateme= nt? [1]

I have a machine with 2x NICs with static ips assigned in= the
usual way in rc.conf. They are also bridge members (they have to be other= wise the tap interfaces on the bhyve VMs wouldn't work)
Within each vm the interfaces are assigned either static or dynamic
IPs. I don't use vm-bhyve. Do I need to worry? [2]

[1] example - /etc/rc.conf snippet on the bhyve host

ifconfig_bge1=3D"inet REDACTED.REAL.IP netmask 255.2= 55.255.248 mtu 1500 media 1000baseT mediaopt full-duplex,master"
= defaultrouter=3D"REDACTED.REAL.GATEWAY"
ifconfig_bge1_ipv6=3D"inet6 accept_rtadv"

ifconfig_bridge1=3D"addm bge1 addm tap10 addm tap11 = addm tap12
addm tap13 addm tap14 addm tap15 addm tap16 addm tap17 addm tap18 addm ta= p19"

[2] because here bge1 has an ip addigned to it and is a b= ridge member

Yes, that is a problem. Assign REDACTED.REAL.IP to bridge= 1, not to bge1.

=E2=80=94
Kristof

--=_MailMate_72B40741-7BCB-4D0A-A38B-C7EA3C9AC3F8_=--