Re: FBSD 15 :: if_bridge help needed

Reply: Lexi Winter : "Re: FBSD 15 :: if_bridge help needed"
In reply to: Lexi Winter : "Re: FBSD 15 :: if_bridge help needed"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Paul Procacci <pprocacci_at_gmail.com>
Date: Wed, 08 Oct 2025 07:53:31 UTC

On Wed, Oct 8, 2025 at 3:40 AM Lexi Winter <ivy@freebsd.org> wrote:
>
> Paul Procacci wrote in <CAFbbPuiX=uzsrH8u=2+0=dEmPU1cg7SX5AwYz=hXM=4KPCrE_A@mail.gmail.com>:
> > I have some debugging information that I just acquired if it helps.
> > I have determined that the bridge isn't receiving arp requests that
> > are being sent by Jail 1; the machine with the trunk
> >
> > I have also determined that the bridge *is* receiving arp requests
> > from Jail 2; the machine that is labeled as 'access' or untagged.
> >
> > The only difference between the two here is that in my scenario, Jail
> > 1 does it's own tagging while Jail 2 doesn't and leans on the bridge
> > for its `access'.
>
> could you please run tcpdump -ev on the epair interface attached to the
> bridge and see if the arp requests from jail 1 are received there?
>
> i.e., i would like to know if the packets are seen correctly on the
> epair interface but are being dropped by the bridge somehow.
>
> (please show the actual tcpdump output; what i expect is that the epair
> interface shows ARP packets with a .1q tag for VLAN 60.)
>
> > Thanks Gents!
>
> ahem

Sorry.  Bad habit.  Forgive me.

Absolutely nothing is being received on the bridge nor on the A side
of the epair:

From hosts' perspective:
-----------------------------------------------------------
root@host:~ # tcpdump -ni epair0a
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on epair0a, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^C
root@host:~ # tcpdump -ni bridge0
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on epair0a, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^C


From Jail 1's perspective:
-----------------------------------------------------------
root@Jail1:/ # tcpdump -ni epair0b.60
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on epair0b.60, link-type EN10MB (Ethernet), snapshot length
262144 bytes
07:52:03.722196 ARP, Request who-has 192.168.60.2 tell 192.168.60.1, length 28
07:52:04.785635 ARP, Request who-has 192.168.60.2 tell 192.168.60.1, length 28
^C

So jail 1 is trying, the host just isn't having any of it.

Thanks Again Lexi,
Paul Procacci

-- 
__________________

:(){ :|:& };: