Hello,

I have found a bug in using vtun on FreeBSD in the type ether mode in
order to try and bridge ethernet over IP. I am not too sure where the
problem lies. The interfaces that are being placed into the bridge group
are not going into promiscuous mode.

The crux of it is that the vtun can establish but no frames can get through
the bridge unless I do something really ugly to turn on promiscuous mode:
(cat > /dev/tap1 | head -c 1 ; then clean up the
net.link.ether.bridge_cfg oid back to normal again)

Both machines are i386 4.5-RELEASE FreeBSD

The "up" section of the vtund.conf looks like:
up {
    ifconfig "%% inet 10.12.12.240 netmask 255.255.255.0";
    #ifconfig "%% up";
    program "/sbin/sysctl net.link.ether.bridge=0" wait ;
    program "/sbin/sysctl net.link.ether.bridge_cfg=\"\"" wait ;
    program "/sbin/sysctl net.link.ether.bridge_cfg=\"sis0:5,%%:5\"" wait ;
    program "/sbin/sysctl net.link.ether.bridge=1" wait ;
};

That seems to be working, as you can see from the server and client dumps
below, but I do not think that the bridge or tap code is putting the
ethernet interface and tap device into promiscuous mode.

From fresh boot for box acting as vtun server
=============================================
bash# ifconfig -a
sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::2a0:ccff:fe79:2a06%sis0 prefixlen 64 scopeid 0x1
ether 00:a0:cc:79:2a:06
media: Ethernet autoselect (10baseT/UTP)
status: active
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.11.11.100 netmask 0xffffff00 broadcast 10.11.11.255
inet6 fe80::210:dcff:fe20:d53e%rl0 prefixlen 64 scopeid 0x2
ether 00:10:dc:20:d5:3e
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
bash# vtund -s -f /usr/local/etc/vtund.conf
bash# ps ax
PID TT STAT TIME COMMAND
0 ?? DLs 0:00.00 (swapper)
1 ?? SLs 0:00.01 /sbin/init --
2 ?? DL 0:00.00 (pagedaemon)
3 ?? DL 0:00.00 (vmdaemon)
4 ?? DL 0:00.00 (bufdaemon)
5 ?? DL 0:00.00 (syncer)
6 ?? DL 0:00.00 (vnlru)
23 ?? Is 0:00.00 adjkerntz -i
62 ?? Ss 0:00.03 /usr/sbin/syslogd -s
69 ?? Is 0:00.00 /usr/sbin/inetd -wW
71 ?? Ss 0:00.00 /usr/sbin/cron
73 ?? Is 0:00.18 /usr/sbin/sshd
94 ?? S 0:00.05 sshd: root@ttyp0 (sshd)
98 ?? Ss 0:00.00 vtund: waiting for connections on port 5000 (vtund)
95 p0 Ss 0:00.03 -bash (bash)
99 p0 R+ 0:00.00 ps ax
86 v0 Is+ 0:00.01 /usr/libexec/getty Pc ttyv0
87 v1 Is+ 0:00.00 /usr/libexec/getty Pc ttyv1
88 v2 Is+ 0:00.00 /usr/libexec/getty Pc ttyv2
89 v3 Is+ 0:00.00 /usr/libexec/getty Pc ttyv3
90 v4 Is+ 0:00.00 /usr/libexec/getty Pc ttyv4
91 v5 Is+ 0:00.00 /usr/libexec/getty Pc ttyv5
92 v6 Is+ 0:00.00 /usr/libexec/getty Pc ttyv6
93 v7 Is+ 0:00.00 /usr/libexec/getty Pc ttyv7
bash# !sys:p
sysctl -a | grep bridge
bash# sysctl -a | grep bridge
net.link.ether.bridge_cfg: sis0:1,rl0:1,
net.link.ether.bridge: 0
net.link.ether.bridge_ipfw: 0
net.link.ether.bridge_ipfw_drop: 0
net.link.ether.bridge_ipfw_collisions: 0
[THIS IS WHEN THE CLIENT CONNECTS]
bash# Jun 2 00:47:25 stan /kernel: BRIDGE 011031, have 8 interfaces
Jun 2 00:47:25 stan /kernel: BRIDGE 011031, have 8 interfaces
Jun 2 00:47:25 stan /kernel: -- index 1 sis0:1 type 6 phy 0 addrl 6 addr
00.a0.cc.79.2a.06
Jun 2 00:47:25 stan /kernel: -- index 1 sis0:1 type 6 phy 0 addrl 6 addr
00.a0.cc.79.2a.06
Jun 2 00:47:25 stan /kernel: -- index 2 rl0:1 type 6 phy 0 addrl 6 addr
00.10.dc.20.d5.3e
Jun 2 00:47:25 stan /kernel: -- index 2 rl0:1 type 6 phy 0 addrl 6 addr
00.10.dc.20.d5.3e
Jun 2 00:47:25 stan /kernel: -- index 8 type 6 phy 0 addrl 6 addr 00.bd.fa.13.00.00
Jun 2 00:47:25 stan /kernel: -- index 8 type 6 phy 0 addrl 6 addr 00.bd.fa.13.00.00
bash# sysctl -a | grep bridge
net.link.ether.bridge_cfg: "sis0:5,tap0:5"
net.link.ether.bridge: 1
net.link.ether.bridge_ipfw: 0
net.link.ether.bridge_ipfw_drop: 0
net.link.ether.bridge_ipfw_collisions: 0
Fresh from boot for box acting as vtun client
=============================================
bash-2.05a# sysctl -a | grep bridge
net.link.ether.bridge_cfg: sis0:1,rl0:1,
net.link.ether.bridge: 0
net.link.ether.bridge_ipfw: 0
net.link.ether.bridge_ipfw_drop: 0
net.link.ether.bridge_ipfw_collisions: 0
bash-2.05a# ifconfig -a
sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::2a0:ccff:fe77:d6f%sis0 prefixlen 64 scopeid 0x1
ether 00:a0:cc:77:0d:6f
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.11.11.200 netmask 0xffffff00 broadcast 10.11.11.255
inet6 fe80::210:dcff:fe20:d59d%rl0 prefixlen 64 scopeid 0x2
ether 00:10:dc:20:d5:9d
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
bash-2.05a# vtund -f /usr/local/etc/vtund.conf wc 10.11.11.100
bash-2.05a# Jun 2 00:47:25 kenny /kernel: BRIDGE 011031, have 8 interfaces
Jun 2 00:47:25 kenny /kernel: BRIDGE 011031, have 8 interfaces
Jun 2 00:47:25 kenny /kernel: -- index 1 sis0:1 type 6 phy 0 addrl 6 addr
00.a0.cc.77.0d.6f
Jun 2 00:47:25 kenny /kernel: -- index 1 sis0:1 type 6 phy 0 addrl 6 addr
00.a0.cc.77.0d.6f
Jun 2 00:47:25 kenny /kernel: -- index 2 rl0:1 type 6 phy 0 addrl 6 addr
00.10.dc.20.d5.9d
Jun 2 00:47:25 kenny /kernel: -- index 2 rl0:1 type 6 phy 0 addrl 6 addr
00.10.dc.20.d5.9d
Jun 2 00:47:25 kenny /kernel: -- index 8 type 6 phy 0 addrl 6 addr 00.bd.dd.19.00.00
Jun 2 00:47:25 kenny /kernel: -- index 8 type 6 phy 0 addrl 6 addr 00.bd.dd.19.00.00
bash-2.05a# sysctl -a | grep bridge
net.link.ether.bridge_cfg: "sis0:5,tap0:5"
net.link.ether.bridge: 1
net.link.ether.bridge_ipfw: 0
net.link.ether.bridge_ipfw_drop: 0
net.link.ether.bridge_ipfw_collisions: 0
bash-2.05a# ifconfig -a
sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::2a0:ccff:fe77:d6f%sis0 prefixlen 64 scopeid 0x1
ether 00:a0:cc:77:0d:6f
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.11.11.200 netmask 0xffffff00 broadcast 10.11.11.255
inet6 fe80::210:dcff:fe20:d59d%rl0 prefixlen 64 scopeid 0x2
ether 00:10:dc:20:d5:9d
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.12.12.240 netmask 0xffffff00 broadcast 10.12.12.255
inet6 fe80::2bd:ddff:fe19:0%tap0 prefixlen 64 scopeid 0x8
ether 00:bd:dd:19:00:00
Opened by PID 98
bash-2.05a#
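
A check for the symptom described in this message, added here as an example and not part of the original post: it reads the member list out of a net.link.ether.bridge_cfg value and tests each member's ifconfig flags word for IFF_PROMISC (0x100). The function names and the embedded sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): report which members of
# net.link.ether.bridge_cfg lack IFF_PROMISC (0x100) in their ifconfig flags.

# Constructed sample input, shaped like the client dump in the post.
SAMPLE_CFG='"sis0:5,tap0:5"'
SAMPLE_IFCONFIG='sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500'

# Print member interface names, one per line, from a bridge_cfg value.
# Accepts both forms seen in the post: sis0:1,rl0:1,  and  "sis0:5,tap0:5"
bridge_members() {
    printf '%s\n' "$1" | tr -d '" ' | tr ',' '\n' | sed -e 's/:.*$//' -e '/^$/d'
}

# Print the hex flags word of interface $1 found in ifconfig text $2.
iface_flags() {
    printf '%s\n' "$2" | sed -n "s/^$1: flags=\([0-9a-fA-F]*\)<.*/\1/p" | head -n 1
}

# True when the hex flags word $1 has IFF_PROMISC (0x100) set.
is_promisc() {
    [ -n "$1" ] && [ $(( 0x$1 & 0x100 )) -ne 0 ]
}

# Print one line per bridge member; return the number of members that are
# not promiscuous (0 means every member has the flag set).
check_bridge() {
    missing=0
    for ifn in $(bridge_members "$1"); do
        fl=$(iface_flags "$ifn" "$2")
        if is_promisc "$fl"; then
            echo "$ifn flags=$fl PROMISC"
        else
            echo "$ifn flags=${fl:-absent} NOT-PROMISC"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# On a live host: check_bridge "$(sysctl -n net.link.ether.bridge_cfg)" "$(ifconfig -a)"
check_bridge "$SAMPLE_CFG" "$SAMPLE_IFCONFIG" || echo "members not promiscuous: $?"
```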