vlans + bridging is "interesting"
John-Mark Gurney
jmg at funkthat.com
Mon Nov 27 17:25:53 UTC 2017
Michal Buchtk wrote this message on Sat, Nov 25, 2017 at 10:32 +0100:
> maybe i don't understand you needs, but why do you create bridge0 and
> add local ip's to it?.
Because I want/need to be able to run VM's also on em0's untagged domain.
> When you would like to see untaged packets on VM, to this simple setup:
> keep em0 as "trunk" interface
> create interface em0.14
> create bridge14 and add to it interfaces tap0 and em0.14
> add local ip to bridge14
>
> ifconfig em0.14 create
> ifconfig em0.14 up
> ifconfig bridge14 create
> ifconfig bridge14 addm tap0 addm em0.14
> ifconfig bridge14 up
> ifconfig bridge14 <localip>
>
> then your VM will can communicate (untagged) with your host system, and
> you will see tagged packets on em0 (and untagged on em0.14 of course)
Yes, and that prevents me running some of my VM's that I want to be able
to...
> Dne 25.11.2017 v 2:47 John-Mark Gurney napsal(a):
> > Hello,
> >
> > I decided to try to run some bhyve VM's on my machine and bridge
> > them to a guest vlan on my main interface. I also want to support
> > running bhyve VM's on the untagged part of the interface as well
> > (this is the key problem as I'll describe later).
> >
> > I configure it as you'd expect. Bridge the main interface em0, and
> > put the local IP's on the bridge0. Then I added an interface em0.14
> > that untags packets from em0, and added it to bridge1 along w/ a tap0
> > for the VM. This does not work. Packet goes out and comes back and
> > is observed on em0, but never appears on either em0.14 or bridge1.
> >
> > After seeing: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=139268
> >
> > I decide to look on bridge0, and see the tagged vlan packet on that
> > interface. I attempted to add bridge0 as the vlandev for em0.14, but
> > that doesn't work:
> > #ifconfig em0.14 vlan 14 vlandev bridge0
> > ifconfig: SIOCSETVLAN: Protocol not supported
> >
> > So, I did finally get things working by using epair. I added an epair
> > to the bridge, and that allows me to untag the packet, and pass on to
> > bridge1.
> >
> > I have not attempted to use the patch in 139268, but if people think
> > it is an acceptable solution (with patch, if I set LINK0, it should work
> > w/ original configuration), I'll test and commit the patch.
> >
> > Otherwise, please submit another fix.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-net
mailing list