From nobody Fri Mar 31 09:49:39 2023 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PnwVv3l64z42Dl4 for ; Fri, 31 Mar 2023 09:49:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PnwVv2d1Fz3DQS for ; Fri, 31 Mar 2023 09:49:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1680256183; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=edi3b0JoONsl9quCJOQ3nKFXV6PAcOW0pgl9qlzCsXU=; b=YDyAq3t5+g9mU5fYsRiF3b9x43d1LwjT6I2qekjwSRE3WpbPNqjkljUAMLt4MbkiY7dXyx qePDHzDLWMAlGgHEqGSVQp81r9rRbou4jlTEh3UV2tatuLaUnIzTiO+J36awS5Vi92O2hW 29BoCXuPo0RLkGLApvMi1GBPJ1iD+Yzyp37Mt9DOd6RWX+lthcsZVXN74TrBT1emxjwNtp 5h6lFh9eMQkdm7WwU2QHNCuLDmJPOdwdf1vXT23W0lG234s6KmvoL9v7ZRJY1+oti8xbrP XTqO1/G0f4iuryRNiSiCnEI4Kxu7Cds30zvPIkOh4O5P+Zr/sag+3rTZZ4w32A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1680256183; a=rsa-sha256; cv=none; b=WuevfBMnLXmvD+bwqpge8TM7ccpSBZ1ZpUJ0vNkNCK/FYaoQMktsvQUrrvdaU8Uf54yndS wASL2ikIHJYz97D7W+t9lwO5DL7UR/ky72msFBorp2Kj1ee3CRl5GmFT4eeE0cIdCxRbkY nRoB29CvJxtl/biUlrI4wgtTaEXK2N/A7Ea81CDvg4dPfphFwEO3aBHym0t8PXTGb0+XYH ZCjKayGqE33p6BUGT08J2geSAzNn9l+pqdVZuQ9TmosMinjIZ+/qRGD4XMzta/ZszsMXbz EX3KwY9nA3571lbe+aAvdP2SJtSRTyylx1LWypUQ9lTeKrahoB5bJDGJeZgGng== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PnwVv1hmvzprP for ; Fri, 31 Mar 2023 09:49:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 32V9nhlc041364 for ; Fri, 31 Mar 2023 09:49:43 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 32V9nhXM041363 for jail@FreeBSD.org; Fri, 31 Mar 2023 09:49:43 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 240106] VNET issue with ARP and routing sockets in jails Date: Fri, 31 Mar 2023 09:49:39 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: zlei@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D240106 --- Comment #30 from Zhenlei Huang --- (In reply to Kristof Provost from comment #13) Let bridge(4) ignore all packets with vlan tag might be too aggressive. All tagged packets are ignored. I'd propose to make bridge(4) decide by configuration. That is something similar with hardware switches. Some syntax like this: ``` # ifconfig bridge0 vlan 10,20,100-200 # ifconfig bridge0 addm em0 link-type trunk # ifconfig bridge0 addm em1 link-type hybrid # ifconfig bridge0 addm em2 link-type access # ifconfig bridge0 addm em0 trunk vlan 10,100-110 # ifconfig bridge0 addm em1 hybrid vlan all # ifconfig bridge0 addm em2 access vlan 20 ``` Then bridge(4) determines to accept tagged / untagged packets by checking t= he configuration of port member. For example, as the syntax above, bridge0 is interested in vlan 10,20,100-2= 00, any packets received on em1 without vlan tag 10,20,100-200 will be ignored = and returned for local processing. As for em2, tagged packets are ignored, and untagged packets will be add vl= an tag 20 and processed normally (by bridge0). --=20 You are receiving this mail because: You are the assignee for the bug.=