bridging VLAN interfaces and STP

Dustin J. Mitchell dustin at v.igoro.us
Sun Aug 26 12:12:53 UTC 2012 

On Sat, Aug 25, 2012 at 7:04 PM, Dustin J. Mitchell <dustin at v.igoro.us> wrote:
> Hey folks.  I'm trying to set up a system with one 802.1q-tagged
> upstream, and a few untagged interfaces.  So I'd like to bridge the
> vlan(4) interfaces on vr1 to specific other interfaces.
>
> hilbert ~ # ifconfig bridge10
> bridge10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>         ether 02:f4:a1:63:5a:0a
>         inet 172.16.1.21 netmask 0xffffff00 broadcast 172.16.1.255
>         nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
>         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
>         maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
>         member: vr3 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 4 priority 128 path cost 55
>         member: vr2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 3 priority 128 path cost 55
>         member: vr1.10 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 8 priority 128 path cost 200000
>
> Now, if I try to enable STP on these:
>
> hilbert ~ # ifconfig bridge10 stp vr2
> hilbert ~ # ifconfig bridge10 stp vr3
> hilbert ~ # ifconfig bridge10 stp vr1.20
> ifconfig: unable to get bridge flags: No such file or directory
>
> and, indeed, the first two succeeded and the third did not:
>   ...
>         member: vr3 flags=147<LEARNING,DISCOVER,STP,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 4 priority 128 path cost 55 proto rstp
>                 role disabled state discarding
>         member: vr2 flags=147<LEARNING,DISCOVER,STP,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 3 priority 128 path cost 55 proto rstp
>                 role disabled state discarding
>         member: vr1.10 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 8 priority 128 path cost 200000
>
> I tried a bridge interface with vlan'd members only (vr2.10 and
> vr1.10, to be exact), and still saw this error.
>
> So it looks like you can't run STP on vlan interfaces?  Can someone
> confirm?  Or is there a secret sysctl to enable this?
>
> I'll admit this is a minor point - I'll just leave STP off and not
> make loops - but it'd be nice to do the right thing :)
>
> Dustin

And I can verify that STP's *not* working on those interfaces because
I just inadvertently created a forwarding loop.

Incidentally, it makes sense in retrospect, but the if_bridge(4)
manpage doesn't mention that gateway_enable is required for bridging
to actually forward packets.

Dustin

More information about the freebsd-net mailing list