issue with ng_vlan nomatch connected to the bridge
Date: Fri, 29 Apr 2022 07:17:23 UTC
I have an issue with the way the nomatch hook is working. I have linked the nomatch hook from a lan to a bridge but I can only get the native vlan in it. I can't even ping a new link added to this bridge. Maybe I am missing some connection?

My goal is to be able to catch non-filtered vlan in an ng_bridge so I can use them (and pass newly created vlan) from a firewall VM in bhyve.

Following the advice of a previous thread, I have created a vlan peer over the lagg0 created using ifconfig and 3 bridges, 2 connected to filtered vlans (102 and 200) and 1 to nomatch. This is summarised in the following diagram:

https://imgur.com/a/aDfUQz6

The configuration is the following:

```
mkpeer lagg0: vlan lower downstream
name lagg0:lower vlan0
mkpeer vlan0: bridge 102 link0
mkpeer vlan0: bridge 200 link0
mkpeer vlan0: bridge nomatch link0
msg vlan0: addfilter { vid=102 hook="102" }
msg vlan0: addfilter { vid=200 hook="200" }
name vlan0:102 bgpnet
name vlan0:200 services
name vlan0:nomatch public
msg lagg0: setpromisc 1
msg lagg0: setautosrc 0
```

Should I connect the nomatch bridge to downstream or anything else? Why can't I ping the VM connected to that bridge while it can get its IP using DHCP?

Any help is welcome :)

Benoît