tunneling L2 tagged traffic over IP
vas at mpeks.tomsk.su
Mon Apr 27 14:39:59 UTC 2015
Nikos Vassiliadis wrote:
> > In the meanwhile, I have tried bridging ethernet NICs and tap(4), and
> > connected two tap(4) devices with net/vtun. It works, but again, only
> > for untagged frames.
> I just checked and remembered that there is a sysctl
> that controls forwarding of non-IP traffic
> > sysctl net.link.bridge.pfil_onlyip
> > net.link.bridge.pfil_onlyip: 1
> That means that only IP is allowed to be forwarded by the bridge.
> Change this to 0 and it will be hopefully ok.
I have two interfaces in a bridge:
# ifconfig bridge0
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	inet 10.14.133.20 netmask 0xffffffc0 broadcast 10.14.133.63
	id 00:00:00:00:00:00 priority 61440 hellotime 2 fwddelay 15
	maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
	root id 00:00:00:00:00:00 priority 61440 ifcost 0 port 0
	member: vr0 flags=1c3<LEARNING,DISCOVER,AUTOEDGE,PTP,AUTOPTP>
	        ifmaxaddr 0 port 6 priority 128 path cost 200000
	member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
	        ifmaxaddr 0 port 11 priority 128 path cost 2000000
"tcpdump -i vr0 stp" sees incoming STP traffic while "tcpdump -i tap0 stp"
sees none no matter if net.link.bridge.pfil_onlyip is "1" or "0".
I see however some IP6, IPX (!) and CDP frames.
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru