From nobody Thu Jan 23 10:18:01 2025 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ydxj56r69z5kjW6 for ; Thu, 23 Jan 2025 10:18:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ydxj5381Sz3xZk for ; Thu, 23 Jan 2025 10:18:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737627481; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6FVguwtJEbtqHzaKTGKZc42U1V/Wg4NhwdOyibUwmyA=; b=wmIclpA4KB4AEYHIHk0hRuiCkeDKcBp9qOLegdrE2dGPl0bbIUiEI4QyA/44Am3qz4w+cr OMkUyxsQp4XO5opFC7b1odSebekVNR4cqsdE6Lu04Upmp+sU74q/j4PkPGmEBurX7RB4pX bUdvkXvri7FkbW4L4kt1AqGngQBXsEr+vG1VpFkOYaoegHAGkY2T5EwEad56nA660GKexm axw0bUGHcYomcwSyqY1WBHWyN0jhJto96yXA5qvdzekhKt6D6Q2CVbbtfzV8pvot2xt4tH ANWos9cUHVP3q+U7qTNnLhN1o1DNrC/AX7J72j+vz2i9ppl45NTsumI8ujKknQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737627481; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6FVguwtJEbtqHzaKTGKZc42U1V/Wg4NhwdOyibUwmyA=; b=MZCdtojrxmfmINahM6ZymtqbijVEqrMdezigFgxB9sf4vDRlW9pdAAzxYCUubn8unLXLjl lLJ3rMJN3LopzTHqHrYQMn2E+XEFwbIbq7rO3/7wFa4WSGjyvAIve8zwGxHvt7XfgWm4WN nKkKlq8Ks5z9eNY6ZcryQBJHJnCS3hqlK8kxHNq0xmop0O2XU6Or+WGno+KGm8TSzRg1MZ gqhwS7VQ07ZkZDzbuu3IK7tjjDSoWQq7KFeuiYP+hj8V2X5kz4/2eryHO+CWwLr71fx7K4 DvXoluvGn772QzAGV/YIYpMuNSGFld7QO+2gkULMQVWTqwd8XjWNy5e1Wegyhw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1737627481; a=rsa-sha256; cv=none; b=SrSN0gfwHtWIbSEOTxjYIU5hiPXKmwWWt/cZVzaL455x+6s6yNcqW3tGcXdShB8jKNZbZe ROI3T8Q0jaa65dKzST4advozgarbyCwgHpVnzSyOzTw/OulvMfM0DxwOwkppG/G8qS+7fV XSErRqwxdL8wM+inh1BihJonOW5Jjwf6oGcmovpNOtLrxAPB9mlDO2KSsIRlYWgZ4rZ3g6 dzZmgQ0cO3lQlRYHPflok/w4aaomeATZcRxV9TFpLrjmGPmFsH4MTl1Ai6Mgwuw3fCqcz4 1n9P7twI7Ybc0fY+QFCBagZNjEm1UUiljviMRBXgTtft31k1zctkHyacIvfylg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ydxj52lZKzb8y for ; Thu, 23 Jan 2025 10:18:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 50NAI1bI083203 for ; Thu, 23 Jan 2025 10:18:01 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 50NAI1bG083202 for net@FreeBSD.org; Thu, 23 Jan 2025 10:18:01 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 238198] Traffic through a vm -> bridge(4) -> vlan -> ix(4) does not return Date: Thu, 23 Jan 2025 10:18:01 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: needs-qa X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vladi.kamburov@gmail.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D238198 vlad changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vladi.kamburov@gmail.com --- Comment #17 from vlad --- Hi there. Are there any solutions about the reported issue? Because I ran into the same tag-vlan bridge related bug on FreeBSD 14.2 release. A brief netflow topology of my vm-bhyve setup config: vm-guest -> tap_if -> bridge -> lagg0.101 -> lagg0 -> switch link aggregation(lacp proto). My configuration: The bridge and interface configuration was made trough a vm-bhyve utilities: I have two bridges:=20 First for all permitted tagged/untagged traffic # ifconfig vm-prod-untag vm-prod-untag: flags=3D1008843 metric 0 mtu 1500 options=3D0 ether 76:af:6f:48:e6:44 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: tap0 flags=3D143 ifmaxaddr 0 port 10 priority 128 path cost 2000000 member: lagg0 flags=3D143 ifmaxaddr 0 port 6 priority 128 path cost 10000 groups: bridge vm-switch viid-688c3@ nd6 options=3D9 Second for tagged vlan101 # ifconfig vm-mgmt-v101 vm-mgmt-v101: flags=3D1008843 metric 0 mtu 1500 options=3D0 ether 6e:09:e8:bd:9e:bb id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: tap1 flags=3D143 ifmaxaddr 0 port 11 priority 128 path cost 2000000 member: lagg0.101 flags=3D143 ifmaxaddr 0 port 9 priority 128 path cost 10000 groups: bridge vm-switch viid-55f45@ nd6 options=3D9 # ifconfig lagg0.101 lagg0.101: flags=3D1008943 me= tric 0 mtu 1500 description: vm-vlan/mgmt-v101/lagg0.101 options=3D0 ether 3c:ec:ef:f5:f0:54 groups: vlan vm-vlan viid-c50e3@ vlan: 101 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=3D29 # ifconfig lagg0 lagg0: flags=3D1008943 metric 0 mtu 1500 =20=20=20=20=20=20=20 options=3D8120b8 ether 3c:ec:ef:f5:f0:54 hwaddr 00:00:00:00:00:00 laggproto lacp lagghash l2,l3 laggport: igb2 flags=3D1c laggport: igb3 flags=3D1c groups: lagg media: Ethernet autoselect status: active nd6 options=3D29 # vm switch list NAME TYPE IFACE ADDRESS PRIVATE MTU VLAN PORTS prod-untag standard vm-prod-untag - no - - lagg0 mgmt-v101 standard vm-mgmt-v101 - no - 101 lagg0 # vm switch info ------------------------ Virtual Switch: prod-untag ------------------------ type: standard ident: vm-prod-untag vlan: - physical-ports: lagg0 bytes-in: 249898 (244.041K) bytes-out: 0 (0.000B) virtual-port device: tap0 vm: devuan5 ------------------------ Virtual Switch: mgmt-v101 ------------------------ type: standard ident: vm-mgmt-v101 vlan: 101 physical-ports: lagg0 bytes-in: 78782 (76.935K) bytes-out: 0 (0.000B) virtual-port device: tap1 vm: devuan5 On the guest-vm tap1 interface the broadcast/multicast traffic on given vla= n is monitored: 13:36:54.002150 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:36:54.678090 e4:4e:2d:20:73:b0 > 01:00:0c:cc:cc:cd, 802.3, length 50: LL= C, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Cisco (0x00000c), pid PVST (0x010b), length 42: STP 802.1w, Rapid STP, Flags [Lea= rn, Forward], bridge-id 8065.e4:4e:2d:20:73:80.8030, length 42 13:36:55.332705 18:e8:29:e0:8f:af > 01:00:5e:7e:7f:3f, ethertype IPv4 (0x08= 00), length 60: 192.168.101.18 > 239.254.127.63: igmp v2 report 239.254.127.63 13:36:55.472674 a8:42:a1:3e:ad:3d > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 766: 192.168.101.56.32953 > 255.255.255.255.29810: UDP, length 724 13:36:55.503004 a8:42:a1:3e:ae:95 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 765: 192.168.101.50.45589 > 255.255.255.255.29810: UDP, length 723 At the bridge level MAC addresses are learned also # ifconfig vm-mgmt-v101 addr 3c:ec:ef:ed:ba:23 Vlan0 lagg0.101 1161 flags=3D0<> 18:e8:29:e0:8f:af Vlan0 lagg0.101 1179 flags=3D0<> 80:2a:a8:56:06:d8 Vlan0 lagg0.101 1194 flags=3D0<> a8:42:a1:3e:ae:2e Vlan0 lagg0.101 1190 flags=3D0<> a8:42:a1:3e:ae:1a Vlan0 lagg0.101 1199 flags=3D0<> a8:42:a1:3e:ae:5a Vlan0 lagg0.101 1199 flags=3D0<> a8:42:a1:3e:ae:9f Vlan0 lagg0.101 1197 flags=3D0<> a8:42:a1:3e:ae:0c Vlan0 lagg0.101 1197 flags=3D0<> a8:42:a1:3e:ad:70 Vlan0 lagg0.101 1195 flags=3D0<> a8:42:a1:3e:ae:11 Vlan0 lagg0.101 1194 flags=3D0<> a8:42:a1:3e:ad:3d Vlan0 lagg0.101 1193 flags=3D0<> a8:42:a1:3e:ae:95 Vlan0 lagg0.101 1193 flags=3D0<> e4:4e:2d:20:73:b0 Vlan0 lagg0.101 1199 flags=3D0<> 58:9c:fc:03:ff:48 Vlan0 tap2 1196 flags=3D0<> Debugging: When i start dhclient on guest vm, on the lagg0.101 only DHCP Requests are monitored. # tcpdump -ni lagg0.101 -e port 67 or port 68 -n tcpdump: verbose output suppressed, use -v[v]... for full protocol decode listening on lagg0.101, link-type EN10MB (Ethernet), snapshot length 262144 bytes 13:50:20.685895 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:24.542102 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:27.733103 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x08= 00), length 342: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 On the lagg0 DHCP Request and DHCP Reply are monitored tcpdump -ni lagg0 -e vlan 101 and port 67 or port 68 -n tcpdump: verbose output suppressed, use -v[v]... for full protocol decode listening on lagg0, link-type EN10MB (Ethernet), snapshot length 262144 byt= es 13:50:20.685898 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:20.686402 d2:f7:aa:37:2c:73 > 58:9c:fc:03:ff:48, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 192.168.101.1= .67 > 192.168.101.165.68: BOOTP/DHCP, Reply, length 300 13:50:24.542106 58:9c:fc:03:ff:48 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 58:9c:fc:03:ff:48, length 300 13:50:24.542858 d2:f7:aa:37:2c:73 > 58:9c:fc:03:ff:48, ethertype 802.1Q (0x8100), length 346: vlan 101, p 0, ethertype IPv4 (0x0800), 192.168.101.1= .67 > 192.168.101.165.68: BOOTP/DHCP, Reply, length 300 In inbound direction somewhere between lagg0 -> lagg0.101 unicast packets a= re lost. ARP proto, the same situation. If I remove lagg0 as a member from the bridge vm-prod-untag, on the other vm-mgmt-v101 bridge the unicast tagged packets appears. No matters if we use link-aggregation lagg or physical igbX interface. Solution can be to use only tagged vlans on the same parent interface, or untagged traffic to be configured on a standalone interface. Regards, --=20 You are receiving this mail because: You are the assignee for the bug.=