[Bug 289142] vm-bhyve public bridge fails on 15-CURRENT unless net.link.bridge.member_ifaddrs=1 is set

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=289142

            Bug ID: 289142
           Summary: vm-bhyve public bridge fails on 15-CURRENT unless
                    net.link.bridge.member_ifaddrs=1 is set
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: hpaluch@seznam.cz

When using latest vm-bhyve on 15-CURRENT (tested 1500063,
main-n279875-50efb5789d32) the default "public" bridge configuration (where NIC
has IP address, but bridge not) will fail with error:

ifconfig vm-public addm em0

ifconfig: BRDGADD em0: Invalid argument (extended error Member interface may
not have an IPv4 address configured)


It is because bridge(4) introduced new restriction - excerpt from
manual on
https://man.freebsd.org/cgi/man.cgi?query=bridge&apropos=0&sektion=0&manpath=FreeBSD+15.0-CURRENT&arch=default&format=html

     To allow the host to communicate with bridge members, IP addresses should
     be assigned to the if_bridge interface itself, not to the bridge's member
     interfaces.  Attempting to assign an IP address to a bridge member
     interface, or add a member interface with an assigned IP address to a
     bridge, will return an EINVAL (“Invalid argument”) error.  For
     compatibility with older releases where this was permitted, setting the
     sysctl(8) variable net.link.bridge.member_ifaddrs to 1 will permit this
     configuration.  This sysctl variable will be removed in FreeBSD 16.0.

I use following simple patch to make public bridge to work again:

diff -u usr/local/lib/vm-bhyve/vm-util.orig usr/local/lib/vm-bhyve/vm-util
--- usr/local/lib/vm-bhyve/vm-util.orig 2025-08-28 08:34:52.476711000 +0200
+++ usr/local/lib/vm-bhyve/vm-util      2025-08-28 08:35:55.548087000 +0200
@@ -36,6 +36,10 @@
     else
         util::load_module "if_tap"
     fi
+
+    # 15-CURRENT does not allow adding members with IP address unles
+    # member_ifaddrs is set to 1:
+    sysctl net.link.bridge.member_ifaddrs=1

     sysctl net.link.tap.up_on_open=1 >/dev/null 2>&1

WARNING! It did not help to add this sysctl to /etc/sysctl.conf (maybe it is
set too late?).

References
https://cgit.freebsd.org/src/commit/?id=0a1294f6c610948d7447ae276df74a6d5269b62e

Please note that manual says that this option will be removed in FreeBSD 16
entirely so we will need to find other way how to solvet that. Because reverse
way (IP assigned to bridge only) does not allow using DHCP assigned IP to host
which is serious limitations - many shared networks does not support static IP
addresses for users Workstations.

-- 
You are receiving this mail because:
You are the assignee for the bug.