Re: git: b61850c4e6f6 - main - bridge(4): default net.link.bridge.member_ifaddrs to false

Reply: Kevin Bowling : "Re: git: b61850c4e6f6 - main - bridge(4): default net.link.bridge.member_ifaddrs to false"
In reply to: Kevin Bowling : "Re: git: b61850c4e6f6 - main - bridge(4): default net.link.bridge.member_ifaddrs to false"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Lexi Winter <ivy_at_FreeBSD.org>
Date: Fri, 16 May 2025 13:05:42 UTC

Kevin Bowling:
> On Fri, May 16, 2025 at 5:17 AM Lexi Winter <ivy@freebsd.org> wrote:
> > is "epair0a" also in a bridge?  if so, this is intentional.

> Hmm, can you clarify what you mean?  I think that is a common
> configuration, it is mentioned in epair(4).

basically there are two supported configurations:

- epair, with an IP address, not in a bridge (e.g., routed access
  configuration)
- epair, in a bridge, without an IP address (e.g., layer 2 access
  configuration)

both of these configurations are fine and are still supported.

there is also a third, secret configuration:

- epair, with an IP address, in a bridge.

this third configuration has never worked properly for various reasons,
so the change in b61850c4e6f6 is to prevent people from doing it and
ending up with a subtly broken network.  the reason it's a sysctl is
that some people are currently using this configuration and may not be
able to migrate immediately.  this is *not* meant to be a long-term
solution and i intend to remove it prior to 16.0-RELEASE.

the correct fix here (rather than enabling the sysctl) is to configure
the IP addresses on the bridge instead of the epair, which is now
documented in bridge(4).

(this applies to all types of network interface that can live in
bridges, not just epairs.)

there's also a thread on current@ about this[0] with some additional
discussion; i didn't notice when i replied here since i read my personal
email first.

[0] https://lists.freebsd.org/archives/freebsd-current/2025-May/007602.html