HEADS UP: 15.0-CURRENT, change t o_bridge(4)_might_break_some_network_configurations_with_ “Invalid argument”
- Reply: Paul Vixie : "HEADS_UP:_15.0-CURRENT,_change_to_bridge(4)_might_bre ak_some_network_configurati ons_with_“Invalid_argument”"
- Reply: void : "Re: HEADS UP: 15.0-CURRENT, chan ge_to_bridge(4)_might_break_some_network_configurations_wit h “Invalid argument”"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 19 May 2025 10:33:50 UTC
hello, although it's possible everyone who is affected by this is already aware of the change, i thought i should send a heads up anyway, if only to have a single place to discuss this (since there was quite a lot of discussion). in short, following this commit... b61850c4e6f "bridge(4): default net.link.bridge.member_ifaddrs to false" https://cgit.freebsd.org/src/commit/?id=b61850c4e6f6b0f21b36da7238db969d9090309e ...it is now impossible to use a network interface which has an IP address assigned to it as a bridge member, or to configure an IP address on an interface which is a member of a bridge. the immediate, "oh shit, my network is broken" fix for this issue is to set the sysctl net.link.bridge.member_ifaddrs=1. this will restore the previous behaviour of bridge(4). however, the preferred fix is that if you are doing something like this in /etc/rc.conf: cloned_interfaces="bridge0" ifconfig_ix0="1.1.1.1/24" ifconfig_bridge0="addm ix0" you should do this instead: cloned_interfaces="bridge0" ifconfig_ix0="up" ifconfig_bridge0"1.1.1.1/24 addm ix0" in other words, instead of assigning the IP address to the member interface, assign it to the bridge instead. i am aware that there are some configurations which currently cannot be done this way. in that case, please set member_ifaddrs=1 and i hope to have resolved all of these cases prior to 16.0-RELEASE, at which point i intend to remove the member_ifaddrs sysctl. i do *not* intend to revert this commit, but i *do* want to work with people who are negatively affected by this change to address their use-case prior to the removal of the aforementioned sysctl. specific known issues: - ifconfig_bridge0="SYNCDHCP" may be broken, in which case try "DHCP" instead. - automatic dhclient invocation on a bridge member via devd when the link comes up is broken. in both cases, setting member_ifaddrs=1 will restore the previous behaviour. again, i intend to fix or provide alternatives for all known breakages caused by this commit.