I have a tap100 interface in use by vm-bhyve instance on a manual wan switch.
tap100 is the vm interface, manually created
epair30a is a jail interface
vlan 200 hands out IP addresses via dhcp.
It works perfectly fine for epair30a interface from jail, but not for tap100
I add tap100 via
My guess is tag 200 is not stripped on tap100 interface
tcpdump for tap100:
When I ping from jail and do tcpdump on the interface, no vlan 200 traffic shows up (only non vlan traffic does – as expected)
I swear this same setup worked for my other VM previously.
Code:
[root@bsd38 ~]# ifconfig bridge0
bridge0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 9000
options=10<VLAN_HWTAGGING>
ether 58:9c:fc:10:ab:f2
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
bridge flags=1<VLANFILTER>
member: epair30a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
port 14 priority 128 path cost 2000 vlan protocol 802.1q untagged 200
member: tap100 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
port 8 priority 128 path cost 2000000 vlan protocol 802.1q untagged 200
member: ix1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
port 2 priority 128 path cost 2000 vlan protocol 802.1q untagged 202 tagged 200-201,2002-2003
groups: bridge vm-switch viid-bc668@
nd6 options=9<PERFORMNUD,IFDISABLED>tap100 is the vm interface, manually created
epair30a is a jail interface
vlan 200 hands out IP addresses via dhcp.
It works perfectly fine for epair30a interface from jail, but not for tap100
I add tap100 via
Code:
ifconfig bridge0 addm tap100 untagged 200My guess is tag 200 is not stripped on tap100 interface
tcpdump for tap100:
Code:
[root@bsd38 ~]# tcpdump -vnei tap100 vlan 200
tcpdump: listening on tap100, link-type EN10MB (Ethernet), snapshot length 262144 bytes
09:30:35.316352 58:9c:fc:10:cd:2e > 58:9c:fc:10:b8:c5, ethertype 802.1Q (0x8100), length 46: vlan 200, p 0, ethertype ARP (0x0806), Ethernet (len 6), IPv4 (len 4), Reply 10.200.0.86 is-at 58:9c:fc:10:cd:2e, length 28
09:30:36.347966 58:9c:fc:10:cd:2e > 58:9c:fc:10:b8:c5, ethertype 802.1Q (0x8100), length 46: vlan 200, p 0, ethertype ARP (0x0806), Ethernet (len 6), IPv4 (len 4), Reply 10.200.0.86 is-at 58:9c:fc:10:cd:2e, length 28
09:30:37.372332 58:9c:fc:10:cd:2e > 58:9c:fc:10:b8:c5, ethertype 802.1Q (0x8100), length 46: vlan 200, p 0, ethertype ARP (0x0806), Ethernet (len 6), IPv4 (len 4), Reply 10.200.0.86 is-at 58:9c:fc:10:cd:2e, length 28
...
09:51:56.705539 58:9c:fc:10:b8:c5 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.200.0.86 tell 10.200.0.17, length 2809:51:56.705581 58:9c:fc:10:cd:2e > 58:9c:fc:10:b8:c5, ethertype 802.1Q (0x8100), length 46: vlan 200, p 0, ethertype ARP (0x0806), Reply 10.200.0.86 is-at 58:9c:fc:10:cd:2e, length 28When I ping from jail and do tcpdump on the interface, no vlan 200 traffic shows up (only non vlan traffic does – as expected)
I swear this same setup worked for my other VM previously.