Re: About bridges

To: Robert Swindells <rjs%fdy2.co.uk@localhost>, Staffan Thomén <staffan%shangtai.net@localhost>
Subject: Re: About bridges
From: Jason Mitchell <jmitchel%bigjar.com@localhost>
Date: Mon, 31 May 2021 21:22:47 -0400

On 5/30/21 11:29 AM, Robert Swindells wrote:

Staffan Thomén <staffan%shangtai.net@localhost> wrote:

Robert Swindells wrote:

Staffan Thomén<staffan%shangtai.net@localhost>  wrote:

No takers for this? Can someone at least check that I'm not crazy?

Which bit of "this" ?

Your last message suggests to me that you have a working bridged network.

It works partially; DHCP replies don't seem to show up on the tap device
so it does not configure an address. I kept a tcpdump on the tap while
running dhcpcd and I can see dhcpcd retrying the sending to no avail.

Do you need to use DHCP to get an address ?

I have a theory that the MAC address learning feature of bridge(4)
doesn't work well with BOOTP/DHCP, I have a local change to explicitly
add the MAC address of each interface. You could look at the state of
the address cache by running 'brconfig -a'.

People use tap(4) in two ways:

1) To add an extra IP address for the host machine.
2) To connect a software emulator like qemu to the host.

In usage 2, you don't setup an IP address for the tap(4) device, the
virtual network device in the emulator has a different MAC address to
the tap(4) device and can get an IP address using DHCP.

Also, there is a shortcut in bridge(4) if it detects that a packet is
for an "internal" address.

If you do add an IP address for the tap(4) device then that will be
treated as an internal one.

Additionally, even if I manually configure an address on the tap
interface and I can use it to connect using ssh, tcpdump on the tap
device doesn't show the unicast packets, which I don't think is right
either.

I think that usage will be hitting the shortcut I described above, the
packets are treated as being for the host machine so don't get sent to
the tap interface.

Okay, I got this working with a wired interface but only by adding an IPaddress to the physical nic (in my case axe0). The address wasn't in thesame subnet as the address for tap1 (I used 169.254.169.254). Here aremy commands (below). At some point I'll try to get DHCP up and running.


HTH,

Jason M.

--------------------------------------------

root@ARMNUK:/# ifconfig -a
awge0: flags=0x8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ec_capabilities=1<VLAN_MTU>
        ec_enabled=0
        address: 00:1e:06:37:45:a1
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::21e:6ff:fe37:45a1%awge0/64 flags 0x0 scopeid 0x1
        inet A.B.C.12/24 broadcast A.B.C.255 flags 0x0
axe0: flags=0x8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
        ec_capabilities=1<VLAN_MTU>
        ec_enabled=0
        address: 00:90:9e:9a:b1:05
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
lo0: flags=0x8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33624
        inet6 ::1/128 flags 0x20<NODAD>
        inet6 fe80::1%lo0/64 flags 0x0 scopeid 0x3
        inet 127.0.0.1/16 flags 0x0
lo1: flags=0x8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33624
        inet6 ::1/128 flags 0x20<NODAD>
        inet6 fe80::1%lo1/64 flags 0x0 scopeid 0x4
        inet 127.0.1.1/24 flags 0x0
tap1: flags=0x8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ec_capabilities=5<VLAN_MTU,JUMBO_MTU>
        ec_enabled=0
        address: f2:0b:a4:7c:28:e4
        media: Ethernet autoselect
        inet6 fe80::f00b:a4ff:fe7c:28e4%tap1/64 flags 0x0 scopeid 0x5
        inet 127.0.2.1/24 broadcast 127.0.2.255 flags 0x0
root@ARMNUK:/# ifconfig bridge0 create up
root@ARMNUK:/# ifconfig tap1 A.B.C.254/24
root@ARMNUK:/# brconfig bridge0 add tap1 add axe0 stp
brconfig: command stp requires 1 argument
root@ARMNUK:/# brconfig bridge0 add tap1 add stp axe0
brconfig: add tap1: File exists
root@ARMNUK:/# brconfig -a
bridge0: flags=41<UP,RUNNING>
        Configuration:
                priority 32768 hellotime 2 fwddelay 15 maxage 20
                ipfilter disabled flags 0x0
        Interfaces:
                axe0 flags=3<LEARNING,DISCOVER>
                        port 2 priority 128
                tap1 flags=3<LEARNING,DISCOVER>
                        port 5 priority 128
        Address cache (max cache: 100, timeout: 1200):
root@ARMNUK:/# ifconfig axe0 169.254.169.254
root@ARMNUK:/# #Pings get answered 4 seconds after this.
root@ARMNUK:/#
root@ARMNUK:/# brconfig -a
bridge0: flags=41<UP,RUNNING>
        Configuration:
                priority 32768 hellotime 2 fwddelay 15 maxage 20
                ipfilter disabled flags 0x0
        Interfaces:
                axe0 flags=3<LEARNING,DISCOVER>
                        port 2 priority 128
                tap1 flags=3<LEARNING,DISCOVER>
                        port 5 priority 128
        Address cache (max cache: 100, timeout: 1200):
                3c:22:fb:00:45:67 axe0 1091 flags=0<>
                a2:00:61:fc:f0:fa axe0 1194 flags=0<>
                54:4a:00:b8:4b:21 axe0 1199 flags=0<>
                00:1e:06:37:45:a1 axe0 1058 flags=0<>
                a0:ce:c8:00:00:29 axe0 1199 flags=0<>
                54:4a:00:b8:4b:20 axe0 1194 flags=0<>

Follow-Ups:
- Re: About bridges
  - From: Staffan Thomén

References:
- Re: About bridges
  - From: Robert Swindells

Prev by Date: Re: About bridges
Next by Date: Re: Adding a bpf peers_present function and "peers added/gone" callback
Previous by Thread: Re: About bridges
Next by Thread: Re: About bridges
Indexes:

Home | Main Index | Thread Index | Old Index