[SOLVED] Re: Inter-VLAN routing on CURRENT: any known issues?

[O. Hartmann]

On Wed, 19 Jul 2017 16:44:16 +0300
Sergey Zhmylove <Sergey.Zhmylove at elcom.spb.ru> wrote:

To make things short:

Routing works as expected (even with the default route goinf via NAT).

The reason for the problems was: some in-hardware vlan feature support of the
i210/i350 chipset driver (or the chipset itself) seem to be broken.

I did not iterate deeply over the feature list, but I will soon, this is what
works so far for me at the moment with i210:

ifconfig_igbX="-vlanhwtso -vlanhwcsum -vlanhwfilter -vlanhwtag up"

Although I have disabled the feature "-vlanhwcsum" which the hardware
obviously provides, checking via ifconfig reveals:
igb1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=6025ab<RXCSUM,TXCSUM,VLAN_MTU,JUMBO_MTU,VLAN_HWCSUM,TSO4,LRO,WOL_MAGIC,RXCSUM_IPV6,TXCSUM_IPV6>

But this couldn't then be the culprit.

Some people mentioned earlier and suggested highly to disable those features -
I tried and put the minus-prepended disabling tag into rc.conf's
"create_args_igbX=..." - obviously not correct in that context.

Thank you very much for assisting!

Kind regards,

Oliver


> Do you receive packets from 192.168.2.0/24 and 192.168.3.0/24 on igb1.2 
> and igb1.3 respectively?
> Do you really need NAT? As far as I can see, you're looking for basic 
> static inter-VLAN routing.
> Could you check the communication between 2.0/24 and 3.0/24 with 
> unloaded ipfw module (just to exclude ipfw from the investigation)?
> 
> I have a lot of installations of such scheme on em(4) and re(4) devices 
> -- no problems at all. Even maybe there was igb(4) devices too.
> 
> Sergey <KorG> Zhmylove
> 17.07.2017 0:31, O. Hartmann пишет:
> > Am Sun, 16 Jul 2017 23:14:41 +0200
> > Frank Steinborn <steinex at nognu.de> schrieb:
> >  
> >> O. Hartmann <ohartmann at walstatt.org> wrote:  
> >>> I have not have any success on this and I must ask now, to not make a
> >>> fool out of my self, whether the concept of having several vlan over one
> >>> single NIC is possible with FreeBSD (12-CURRENT, as of today, r321055.
> >>>
> >>> Since it is even not possible to "route" from a non-tagged igb1 to a
> >>> tagged vlan igb1.2 or igb1.66 (for instance) on the same NIC, I have a
> >>> faint suspect that I'm doing something terribly wrong.
> >>>
> >>> I think everyone working with vlan should have those problems, but since
> >>> I can not find anything on the list, I must do something wrong - my
> >>> simple conclusion.
> >>>
> >>> What is it?  
> >> Do you have enabled net.inet.ip.forwarding?
> >>  
> > Of course I have. As I stated earlier, ICMP pings from on VLAN to another
> > over this router works, but any IP (UDP, TCP) is vanishing into thin air.
> >
> > I don't have a FBSD-11-STABLE reference system at hand, so that I can check
> > with another revision/major release of the OS, but I work on that.
> >  
> 
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"