Bridge(4) not learning

Andreas Wrede aew.freebsd at wrede.ca
Sat Jun 6 18:50:38 UTC 2015 

On a FreeBSD 10.1/amd64 system, I have a bridge(4) configured with a tap(4) and igb(4) interface as members:

# ifconfig tap0 create up
# ifconfig bridge0 create addm tap0 addm igb1 up

igb1 is the interface to the local LAN with 192.168.0.1 as the servers IP address, tap0 is used by openvpn. (igb0 is used for the outside pppoe connection via mpd5)

# ifconfig igb1
igb1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO>
	ether c8:0a:a9:c8:7e:87
	inet6 fe80::ca0a:a9ff:fec8:7e87%igb1 prefixlen 64 scopeid 0x2 
	inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active

#  ifconfig tap0
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=80000<LINKSTATE>
	ether 00:bd:b3:c4:2e:00
	inet6 fe80::2bd:b3ff:fec4:2e00%tap0 prefixlen 64 scopeid 0x7 
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	media: Ethernet autoselect
	status: active
	Opened by PID 16731

#  ifconfig  bridge0  
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	ether 02:b6:bc:d0:88:00
	nd6 options=1<PERFORMNUD>
	id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
	maxage 20 holdcnt 6 proto stp maxaddr 2000 timeout 1200
	root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
	member: igb1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 2 priority 128 path cost 20000
	member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 7 priority 128 path cost 2000000

With openvpn configured, I can now connect and ping 192.168.0.1 from a remote host.

However no other host on the local LAN (192.168.0.0/24) is reachable! 

Looking at the addresses the bridge has learned I only see the remote host's address on the tap(4) side:

#  ifconfig  bridge0 addr
f6:68:1f:e6:cf:38 Vlan1 tap0 114 flags=0<>
#

No addresses from the igb1 side of the bridge are ever learned. Pinging a host on the LAN from the remote host produces the expected arp requests and replies on the LAN side but the bridge never learns the address, thus packets are not forwarded back to the remote host.

Things I have tried without success:
- disabled the pf firewall
- entered static mac address (ifconfig bridge0 static igb1 00:13:20:3f:e5:ff)

I have the same setup working properly on another FreeBSD 10.1 system. The only difference (besides IP address values) are the network interfaces, the other setup uses a em(4) interface.

Is there any other configuration setting I am missing or does bridging just now woke with igb(4)s?

-- 
    aew

More information about the freebsd-questions mailing list