Bridge interface failing to send out DHCP request on FreeBSD 14.3

Hi everyone,

I'm working on setting up a FreeBSD 14.3 VM to host a collection of jails that I want to spread out across a number of VLANs, so I have a number of vtnet interfaces that are attached to corresponding VLAN interfaces on the underlying host, and those vtnet interfaces, in turn, are added to bridges on the VM. Overall, my rc.conf file looks like this so far:

Code:
cloned_interfaces="bridge10 bridge40 bridge50 bridge60"
rtsold_enable="YES"

ifconfig_vtnet0_name="vtnet10"
ifconfig vtnet10="up"
#ifconfig_bridge10="addm vtnet10 up stp vtnet10"
ifconfig_vtnet10="SYNCDHCP"
ifconfig_vtnet10_ipv6="inet6 accept_rtadv"

ifconfig_vtnet1_name="vtnet40"
ifconfig vtnet40="up"
ifconfig_bridge40="addm vtnet40 up stp vtnet40 SYNCDHCP"
#ifconfig_vtnet40="SYNCDHCP"

ifconfig_vtnet2_name="vtnet50"
ifconfig vtnet50="up"
ifconfig_bridge50="addm vtnet50 up stp vtnet50"

ifconfig_vtnet3_name="vtnet60"
ifconfig vtnet60="up"
ifconfig_bridge60="addm vtnet60 up stp vtnet60"

As is clearly visible from that config, I want the VM itself to network on VLAN 10, but I'm currently configuring the vtnet10 interface for DHCP, rather than the corresponding bridge10 interface, which is what the FreeBSD manual recommends. This at least sets a baseline working configuration, as the vtnet10 interface has no issues acquiring an IP address from my router on the corresponding VLAN.

As can also be seen, I'm using VLAN 40 to test a corrected setup, configuring bridge40 for SYNCDHCP, but for some reason that's escaping me, that's currently not working: the bridge never manages to acquire an IP address. Using tcpdump on bridge40 reveals that it is emitting the DHCP requests as expected, but no responses are being received, and pointing tcpdump at vtnet40 reveals that no traffic from the bridge is being forwarded out of the VM. Just as above, however, configuring vtnet40 for DHCP produces an IP address immediately on the corresponding VLAN 40, so I know that's also working.

On top of it all, if I let Bastille create the bridge for me via the jib script when invoked as bastille create -V testJail 14.3-RELEASE "DHCP SLAAC" vtnet40, the created vtnet40bridge interface correctly forwards packets for the jail out of the VM via the vtnet40 interface, and DHCP responses are received inside the jail without delay. Further, if I configure this vtnet40bridge interface for DHCP and restart dhclient, it also manages to acquire an IP immediately in the correct VLAN.

So, all in all, I don't know what I'm doing wrong with my manual bridge creation that's keeping them from sending traffic out of their corresponding vtnet interfaces, and I can't find any meaningful differences between my bridges and the ones created by jib:

Code:
-> ifconfig vtnet40bridge
vtnet40bridge: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
    options=0
    ether 00:a0:98:ff:ff:ff
    inet 10.40.0.15 netmask 0xffffff00 broadcast 10.40.0.255
    id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
    maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
    root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
    member: e0a_bastille1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 10 priority 128 path cost 2000
    member: vtnet40 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 2 priority 128 path cost 2000
    groups: bridge
    nd6 options=9<PERFORMNUD,IFDISABLED>

-> ifconfig bridge50
bridge50: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
    options=0
    ether 00:a0:98:ff:ff:ff
    id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
    maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
    root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
    member: vtnet50 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 3 priority 128 path cost 2000
    groups: bridge
    nd6 options=9<PERFORMNUD,IFDISABLED>

Looking at the jib code, I can't see anything special about what it does when creating bridges and adding interfaces to them, other than not using STP, which I've also tried leaving out from my manual bridges to no avail.

So, anyone see what I could be missing? Or perhaps misunderstanding?

Thank you!
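
Added example, not part of the original post: a POSIX sh check that lists bridge members which an rc.conf adds with addm but never configures through an ifconfig_<member> variable of their own. rc.conf is sourced as shell, so only NAME=value lines set variables; the sample text is constructed, modelled on the config above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find bridge members that rc.conf never configures.
# A line such as 'ifconfig vtnet40="up"' (space, not underscore) is run
# as a command when rc.conf is sourced; it does not set ifconfig_vtnet40.

# Constructed sample, modelled on the rc.conf in the post.
SAMPLE_RC='cloned_interfaces="bridge40 bridge50"
ifconfig_vtnet1_name="vtnet40"
ifconfig vtnet40="up"
ifconfig_bridge40="addm vtnet40 up stp vtnet40 SYNCDHCP"
#ifconfig_vtnet40="SYNCDHCP"
ifconfig_vtnet2_name="vtnet50"
ifconfig_vtnet50="up"
ifconfig_bridge50="addm vtnet50 up stp vtnet50"'

# bridge_members: read rc.conf text on stdin and print one
# "bridge member" pair per addm argument of an ifconfig_bridgeN line.
bridge_members() {
    sed -n 's/^ifconfig_\(bridge[0-9]*\)="\(.*\)"$/\1 \2/p' |
    while read -r br args; do
        set -- $args
        while [ $# -gt 0 ]; do
            [ "$1" = addm ] && [ $# -gt 1 ] && echo "$br $2"
            shift
        done
    done
}

# unconfigured_members: print the pairs whose member has no uncommented
# ifconfig_<member>= assignment anywhere in the same rc.conf text.
unconfigured_members() {
    rc=$1
    printf '%s\n' "$rc" | bridge_members | while read -r br m; do
        printf '%s\n' "$rc" | grep -q "^ifconfig_${m}=" || echo "$br $m"
    done
}

# On a real system: unconfigured_members "$(cat /etc/rc.conf)"
unconfigured_members "$SAMPLE_RC"
```

A member reported here is left in whatever state it already had when the bridge is created, and a bridge forwards only through members that are up.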
 