transparent bridge and ARP proxy confusion
    Nerius Landys 
    nlandys at bioeng.ucsd.edu
       
    Wed Mar 16 11:27:02 PST 2005
    
    
  
I came across this bug (or feature) in the FreeBSD "transparent bridge"
module, and am wondering whether or not anyone can shed some light on it.
By "transparent bridge", I mean that my /boot/loader.conf file has the
line
  bridge_load="YES"
and that my /etc/rc.conf file has the line
  ifconfig_fxp0="inet 192.168.0.6 netmask 255.255.255.0"
(that is, I want my FreeBSD bridge machine to be manageable)
and that my /etc/sysctl.conf file has the lines
  net.link.ether.bridge.enable=1
  net.link.ether.bridge.config=fxp0,fxp1
I have the following network topology:
                 +======================================+
                 |  FreeBSD 5.3 as transparent bridge   |
                 |                                      |
                 |                                      |
                 |     192.168.0.6                      |
                 |       /                              |
                 |      /                               |
                 |    fxp0                fxp1          |
                 | 00:02:b3:da:50:ba  00:02:b3:da:50:bb |
                 +======================================+
                          /                \
                         /                  \
                        /                    \
                       /                      \ 100baseTX <full-duplex>
                      /                        \
                     / 10baseT/UTP              \
                    /                            \
                   /                              \
                  /                                \
    +=========================+        +=========================+
    | An old crufty Linux     |        |  00:0e:0c:68:e3:94      |
    |    box that plays no    |        |        /                |
    |    role in this         |        |   192.168.0.2           |
    |    discussion           |        |  (A non-BSD box)        |
    +=========================+        +=========================+
The bug (or feature) is that the FreeBSD bridge appears not to make up
its mind about which of its two MAC addresses (00:02:b3:da:50:ba and
00:02:b3:da:50:bb) to send as the "owner" of IP address 192.168.0.6.
The details, gotten with tcpdump, are as follows.
First, I boot up all three machines.  The output of 'arp -na' on
the FreeBSD host returns the following output:
  # arp -na
  ? (192.168.0.6) at 00:02:b3:da:50:ba on fxp0 permanent [ethernet]
The 192.168.0.2 host's ARP cache is empty at this point.
I start 'tcpdump -ne' on the 192.168.0.2 host.
Now I ping host 192.168.0.2 from the FreeBSD host 192.168.0.6:
  # ping 192.168.0.2
  PING 192.168.0.2 (192.168.0.2): 56 data bytes
  64 bytes from 192.168.0.2: icmp_seq=0 ttl=64 time=1.058 ms
  ^C
  --- 192.168.0.2 ping statistics ---
  1 packets transmitted, 1 packets received, 0% packet loss
  round-trip min/avg/max/stddev = 1.058/1.058/1.058/0.000 ms
On host 192.168.0.2, the tcpdump output:
  00:10:53.445868 0:2:b3:da:50:ba Broadcast arp 60:
                    arp who-has 192.168.0.2 tell 192.168.0.6
  00:10:53.445888 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42:
                    arp reply 192.168.0.2 is-at 0:e:c:68:e3:94
  00:10:53.446615 0:2:b3:da:50:bb 0:e:c:68:e3:94 ip 98:
                    192.168.0.6 > 192.168.0.2: icmp: echo request
  00:10:53.446634 0:e:c:68:e3:94 0:2:b3:da:50:ba ip 98:
                    192.168.0.2 > 192.168.0.6: icmp: echo reply
  00:10:58.442471 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42:
                    arp who-has 192.168.0.6 tell 192.168.0.2
  00:10:58.442925 0:2:b3:da:50:bb 0:e:c:68:e3:94 arp 60:
                    arp reply 192.168.0.6 is-at 0:2:b3:da:50:bb
As we see here, the FreeBSD host started with an ARP request, claiming
its interface to be 192.168.0.6 at the MAC ending in 'ba'.  Once it
learns the information that it asks for (the second frame), it sends out
its request ICMP 'ping' packet (the third frame), claiming its return
address to be different this time, namely the MAC address ending in 'bb'.
Finally, in the sixth frame, it claims its MAC address for its
locally configured "bridge endpoint" to be the one ending in 'bb', not
'ba'.
My first guess as to why this may be happening is that ARP is not
*really* part of the IP layer, and perhaps the MAC address handling
is slightly different in the two modules - ARP and IP.  Although,
looking at the sixth frame captured and comparing it to the first,
I'm still shrugging my shoulders.
This MAC address inconsistency is causing no problems on my network.
I'm just curious as to why this isn't behaving the way I want it to
behave -- I want it to behave such that only the MAC address ending in
'ba' is ever transmitted as the source MAC address of a frame originating
from this FreeBSD host.
Being the curious type, I experimented with OpenBSD, installing it onto
the same host which ran FreeBSD, and also acting as a transparent bridge.
With OpenBSD it behaves as I would expect, as a transparent bridge and
not as an "ARP proxy" part of the time.
Let me note that Ethernet frames exchanged between the two non-BSD
hosts on my network (pictured above) behave fully transparently; that is,
Ethernet frames sent by 192.168.0.2 destined for the "old crufty Linux
box" have a source MAC address of 00:0e:0c:68:e3:94 as recorded by
tcpdump running on the "old crufty Linux box".
The 'ifconfig' output from the FreeBSD bridge:
  fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
          options=8<VLAN_MTU>
          inet6 fe80::202:b3ff:feda:50ba%fxp0 prefixlen 64 scopeid 0x1
          inet 192.168.0.6 netmask 0xffffff00 broadcast 192.168.0.255
          ether 00:02:b3:da:50:ba
          media: Ethernet autoselect (10baseT/UTP)
          status: active
  fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
          options=8<VLAN_MTU>
          inet6 fe80::202:b3ff:feda:50bb%fxp1 prefixlen 64 scopeid 0x2
          ether 00:02:b3:da:50:bb
          media: Ethernet autoselect (100baseTX <full-duplex>)
          status: active
Any insights appreciated.  Thanks.
-Nerius
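
Added example, not part of the original post: a Python check that parses the `tcpdump -ne` lines quoted in the message and reports any IP address seen with more than one source MAC, which is the inconsistency described above. It assumes the two-line record layout shown in the capture and that all hosts share one Ethernet segment (no router), so a frame's source MAC belongs to the sending IP; the function names are illustrative.

```python
import re
from collections import defaultdict

# Capture lines quoted from the post (tcpdump -ne on host 192.168.0.2).
CAPTURE = """\
00:10:53.445868 0:2:b3:da:50:ba Broadcast arp 60:
                  arp who-has 192.168.0.2 tell 192.168.0.6
00:10:53.445888 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42:
                  arp reply 192.168.0.2 is-at 0:e:c:68:e3:94
00:10:53.446615 0:2:b3:da:50:bb 0:e:c:68:e3:94 ip 98:
                  192.168.0.6 > 192.168.0.2: icmp: echo request
00:10:53.446634 0:e:c:68:e3:94 0:2:b3:da:50:ba ip 98:
                  192.168.0.2 > 192.168.0.6: icmp: echo reply
00:10:58.442471 0:e:c:68:e3:94 0:2:b3:da:50:ba arp 42:
                  arp who-has 192.168.0.6 tell 192.168.0.2
00:10:58.442925 0:2:b3:da:50:bb 0:e:c:68:e3:94 arp 60:
                  arp reply 192.168.0.6 is-at 0:2:b3:da:50:bb
"""

HEADER = re.compile(r"^(\d\d:\d\d:\d\d\.\d+) (\S+) (\S+) (arp|ip) \d+:$")
WHO_HAS = re.compile(r"arp who-has (\S+) tell (\S+)")
REPLY = re.compile(r"arp reply (\S+) is-at (\S+)")
IP_PKT = re.compile(r"(\d+\.\d+\.\d+\.\d+) > (\d+\.\d+\.\d+\.\d+):")

def norm_mac(mac):
    """tcpdump drops leading zeros (0:2:b3...); pad each octet to two digits."""
    return ":".join(f"{int(octet, 16):02x}" for octet in mac.split(":"))

def bindings(capture):
    """Yield (timestamp, ip, mac, evidence) for each frame tying an IP to a MAC."""
    lines = [l.strip() for l in capture.splitlines() if l.strip()]
    for head, body in zip(lines[0::2], lines[1::2]):
        m = HEADER.match(head)
        if not m:
            continue
        ts, src = m.group(1), norm_mac(m.group(2))
        if (w := WHO_HAS.search(body)):
            yield ts, w.group(2), src, "arp request sender"
        elif (r := REPLY.search(body)):
            yield ts, r.group(1), norm_mac(r.group(2)), "arp reply is-at"
        elif (p := IP_PKT.search(body)):
            yield ts, p.group(1), src, "ip source"

def inconsistent(capture):
    """Return {ip: [macs]} for every IP observed with more than one MAC."""
    seen = defaultdict(set)
    for _, ip, mac, _ in bindings(capture):
        seen[ip].add(mac)
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}

if __name__ == "__main__":
    for ip, macs in inconsistent(CAPTURE).items():
        print(f"{ip} seen with {len(macs)} MACs: {', '.join(macs)}")
```

On a monitored segment the same IP-to-MAC change is what ARP-watching tools report as a changed or flip-flopping station address, so a dual-MAC bridge like this one can show up as a false positive for ARP spoofing.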
    
    