Date: Thu, 15 May 2003 11:48:03 +0400 (MSD)
From: Maxim Konovalov <maxim@macomnet.ru>
To: Marco Wertejuk <wertejuk@mwcis.com>
Cc: freebsd-hackers@freebsd.org
Subject: Re: vlan/bridging broken in 4.8-release?
Message-ID: <20030515114239.Y95792@news1.macomnet.ru>
In-Reply-To: <20030514184845.GA7573@maeko>
References: <20030514184845.GA7573@maeko>
Hi,

On 20:48+0200, May 14, 2003, Marco Wertejuk wrote:

> Hello,
>
> I'm trying to get bridging working on vlans, and it seems as
> if packet destined for the other side of the bridge
> don't get forwarded from the vlan-if to the phys-if and
> vice versa.
>
> An example: there are two hosts (foo[10.1.2.1/24],
> bar[10.1.2.2/24]) and the bridge doh. All 4.8-RELEASE.
>
> foo is crosslinked to doh's fxp1, bar is on a hp procurve
> switch in vlan 11. doh uses fxp0 to the switch and has
> vlans enabled, see ifconfig on doh:
>
> fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
>         ether 00:d0:b7:9a:1a:0e
>         media: Ethernet autoselect (100baseTX <full-duplex>)
>         status: active
> fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
>         ether 00:d0:b7:9a:1a:0f
>         media: Ethernet autoselect (100baseTX <full-duplex>)
>         status: active
> vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>         ether 00:d0:b7:9a:1a:0e
>         media: Ethernet autoselect (100baseTX <full-duplex>)
>         status: active
>         vlan: 11 parent interface: fxp0
>
> Bridging is enabled between vlan0 and fxp1.
>
> Now, when bar tries to ping foo (traffic goes
> from vlan0 to fxp1) this happens on doh:
> (tcpdump -tni fxp0):
> 802.1Q vlan#11 P0 arp who-has 10.1.2.1 tell 10.1.2.2
> 802.1Q vlan#11 P0 arp reply 10.1.2.1 is-at 0:d0:b7:b:1e:92
> 802.1Q vlan#11 P0 10.1.2.2 > 10.1.2.1: icmp: echo request
> (tcpdump -tni vlan0):
> arp who-has 10.1.2.1 tell 10.1.2.2
> arp reply 10.1.2.1 is-at 0:d0:b7:b:1e:92
>
> The icmp echo request is not passed to the vlan-if
> because it's not to a broadcast packet and so it is
> not bridged.
>
> Is there a trick to get this working or do you need
> more debug info?

I am trying to solve some bugs in bridging code in -current. I
believe we have the same bugs in -stable as well.

First of all, do not use bridge.ko, use 'options BRIDGE' in your
kernel config file instead. Second, try to play with
net.inet.ip.check_interface sysctl.

HTH

-- 
Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030515114239.Y95792>