Possible bug: 11.2-RELEASE guest with vtnet and PF

Sat Jun 30 15:07:27 UTC 2018

Hello guys,

I've just installed a 11.2-RELEASE guest under bhyve (hypervisor is 
11.1-RELEASE)... and I cant use Virtio network interface with PF:

odine:/boot/kernel# /sbin/pfctl -n -f ~/local/tmp/pf.work
*pfctl: pfi_get_ifaces: Bad file descriptor*

the file contains the following single line only:

pass out quick on vtnet0 proto tcp from any to any keep state

these are my interfaces:

vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
         options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
         ether 58:9c:fc:04:aa:91
         hwaddr 58:9c:fc:04:aa:91
         inet *.*.206.214 netmask 0xffffffe0 broadcast *.*.206.223
         nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
         media: Ethernet 10Gbase-T <full-duplex>
         status: active
vtnet1: flags=8902<BROADCAST,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
         options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
         ether 58:9c:fc:08:e0:c7
         hwaddr 58:9c:fc:08:e0:c7
         nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
         media: Ethernet 10Gbase-T <full-duplex>
         status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
         options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
         inet6 ::1 prefixlen 128
         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
         inet 127.0.0.1 netmask 0xff000000
         nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
         groups: lo

I haven't noticed any other problems with vtnet0.... it is routing properly, everything works... minus Packet Filter.

-- 

    regards

Jakub Chromy

CGI Systems div.
----------------
CGI CZ s.r.o.
sales at cgi.cz
775 144 257
234 697 102
www.cgi.cz