Bug #589

VLAN issues

Added by sepherosa over 7 years ago. Updated almost 5 years ago.

Status:ClosedStart date:
Priority:LowDue date:
Assignee:sepherosa% Done:

0%

Category:-
Target version:-

Description

It is a bug in vlan code: when set up vlan config, vlan's if_flags
will be overwritten :(

vlan does not support promisc mode in current code base

Would you like to test following patch?
http://leaf.dragonflybsd.org/~sephe/vlan.diff

Best Regards,
sephe

History

#1 Updated by dillon over 7 years ago

One thing I noticed about this patch is that there might be a logic
error when clearing vlan flags.

Lets say you have four vlan's, and you turn on promiscuous mode on two
of them. This propogates to the parent. But now what happens if you
turn off promiscuous mode on one of them? Will it turn off promiscuous
mode in the parent even though there is still one vlan interface left
with it turned on?

Also, if someone turns on promisc mode on the parent, and then turns it
on for a vlan interface, then turns it off for a vlan interface, will
it turn off the mode on the parent? We wouldn't want it to.

Another example... bridging turns on promiscuous mode. But if an
interface is bridged, and someone tcpdump's a vlan under that interface,
then stops the tcpdump, will that turn off the interface's promiscuous
mode? Again we wouldn't want it to.

We might have to track promiscuous mode or have additional IFF flags
for bridging and vlan inheritance that also independantly turn on
promisc mode (so it wouldn't be turned off unless all the related
flags are clear). Then tcpdump wouldn't blow things up.

-Matt
Matthew Dillon
<>

:On 3/25/07, Gergo Szakal <> wrote:
:> Ok, continuing this old discussion:
:> http://tinyurl.com/2a7qda
:>
:> Installed 1.8.0, applied the patch, rebuilt GENERIC and rebooted. Loading if_vlan.ko and if_bridge.ko from loader.conf.
:>
:> Well, this is my rc.conf file:
:>
:> ------------------------------------------------------------------------------
:> cloned_interfaces="bridge0 vlan0 vlan1 vlan2 vlan3"
:> ifconfig_vlan0="vlan 11 vlandev xl0 up"
:> ifconfig_vlan1="vlan 12 vlandev xl0 up"
:> ifconfig_vlan2="vlan 11 vlandev xl1 up"
:> ifconfig_vlan3="vlan 12 vlandev xl1 up"
:> ifconfig_xl0="up"
:> ifconfig_xl1="up"
:> ifconfig_bridge0="addm vlan0 addm vlan1 addm vlan2 addm vlan3 up"
:> ------------------------------------------------------------------------------
:>
:> My issues:
:> 1) No pseudo-interfaces get up. I have to "ifconfig xxxn up" them manually.
:
:It is a bug in vlan code: when set up vlan config, vlan's if_flags
:will be overwritten :(
:
:> 2) VLAN interfaces do not get added as bridge0 members.
:
:vlan does not support promisc mode in current code base
:
:> Any ideas?
:
:Would you like to test following patch?
:http://leaf.dragonflybsd.org/~sephe/vlan.diff
:
:Best Regards,
:sephe
:
:--
:Live Free or Die

#2 Updated by sepherosa over 7 years ago

IFF_PROMISC is reference counted by ifnet.if_pcount, so the problems
you described do not exist :)

Best Regards,
sephe

#3 Updated by justin about 7 years ago

Sephe - did you commit this vlan patch?

#4 Updated by sepherosa about 7 years ago

Nope, user seems to have problem to get his configure work, even with
this patch and possible workaround I suggested. I probably need to do
more investigation.

Best Regards,
sephe

#5 Updated by bastyaelvtars about 7 years ago

Hey guys, totally forgot about this one due to various changes/other work. However, this is still due for me and I am more than happy to test. I'll follow Sephe's last instructions and post feedback.

#6 Updated by bastyaelvtars about 7 years ago

Original thread: http://tinyurl.com/2gmn7m
Applied patch: http://leaf.dragonflybsd.org/~sephe/vlan_promisc.diff

I was doing the following: added a physical interface (xl0) that had no VLAN ifaces assigned and 2 vlan interfaces (vlan2, vlan3) assigned to another interface (xl1) to the bridge. I get 'invalid MTU for vlanX' errors for vlan interfaces when trying to add them to bridge0.

Now what?

#7 Updated by c.turner about 7 years ago

disclaimer: haven't done this meeself before, but

I read something 'one time' about the vlan tagging knocking a few bytes
out of the available space on the ethernet frame -

so your xl0:vlanX interface 'mtu' numbers are probably a few bytes
smaller than the default mtu on xl0/xl1/bridge0 (or whatever is already
on the bridge and/or not 'virtualized') .. have you tried matching them
up via "ifconfig ... mtu" ?

(e.g. might need to destroy the bridge, set the mtu on the bridge to
match the vlanX's , then re-add the vlan ifs..)

#8 Updated by sepherosa about 7 years ago

xl(4) does support VLAN_MTU but needs some tweaks. For testing
purpose, please set xl0's MTU to 1496 (this MTU should be same as the
MTU of vlan2 and vlan3).

Best Regards,
sephe

#9 Updated by bastyaelvtars about 7 years ago

On Thu, 17 May 2007 10:04:55 +0800
"Sepherosa Ziehau" <> wrote:

Set the physical interfaces' MTUs to 1496.

cloned_interfaces="bridge0 vlan2 vlan3"
ifconfig_xl0="mtu 1496 up"
ifconfig_xl1="mtu 1496 up"
ifconfig_vlan2="vlan 11 vlandev xl1 up"
ifconfig_vlan3="vlan 12 vlandev xl1 up"

I get invalid MTU on vlan2 (yes, only vlan2).

#10 Updated by sepherosa about 7 years ago

Nah, leave xl1's mtu unchanged, i.e. nuke above line :)

Best Regards,
sephe

#11 Updated by bastyaelvtars about 7 years ago

I get the same error. Oh, and vlan2 and vlan3 do not get added to bridge0.

#12 Updated by sepherosa about 7 years ago

mmm, please apply following patch too:
http://www.dragonflybsd.org/cvsweb/src/sys/dev/netif/xl/if_xl.c.diff?r1=1.47&amp;r2=1.48&amp;f=u

After this patch and if all of your xl is 905B typed, there will be no
need to adjust mtu anymore.

Best Regards,
sephe

#13 Updated by bastyaelvtars about 7 years ago

The patch (the xl mtu and the vlan promisc) applies and compiles fine, and the warning is indeed gone. Now I found out that I should rather create separate bridge interfaces for the vlan's by ID. Let's see:

cloned_interfaces="bridge0 bridge1 vlan0 vlan1 vlan2 vlan3"
ifconfig_xl0="up"
ifconfig_xl1="up"
ifconfig_vlan2="vlan 11 vlandev xl1 up"
ifconfig_vlan3="vlan 12 vlandev xl1 up"
ifconfig_vlan0="vlan 11 vlandev xl0 up"
ifconfig_vlan1="vlan 12 vlandev xl0 up"
ifconfig_bridge0="addm vlan0 addm vlan2 up"
ifconfig_bridge1="addm vlan1 addm vlan3 up"

I get in dmesg:

bridge0: MAC address: fe:84:dc:d5:af:e8
bridge1: MAC address: 4e:26:12:cc:2c:51
vlan0: MAC address: 00:00:00:00:00:00
vlan1: MAC address: 00:00:00:00:00:00
vlan2: MAC address: 00:00:00:00:00:00
vlan3: MAC address: 00:00:00:00:00:00

ifconfig:

xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet6 fe80::210:5aff:fed6:e44%xl0 prefixlen 64 scopeid 0x1
ether 00:10:5a:d6:0e:44
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet6 fe80::204:76ff:fedf:d8ac%xl1 prefixlen 64 scopeid 0x2
ether 00:04:76:df:d8:ac
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::230:4fff:fe08:b5d0%rl0 prefixlen 64 scopeid 0x3
inet 10.0.0.22 netmask 0xffffff00 broadcast 10.0.0.255
ether 00:30:4f:08:b5:d0
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
bridge0: flags=8002<BROADCAST,MULTICAST> mtu 1500
ether fe:84:dc:d5:af:e8
priority 32768 hellotime 2 fwddelay 15 maxage 20
bridge1: flags=8002<BROADCAST,MULTICAST> mtu 1500
ether 4e:26:12:cc:2c:51
priority 32768 hellotime 2 fwddelay 15 maxage 20
vlan0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:10:5a:d6:0e:44
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 11 parent interface: xl0
vlan1: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:10:5a:d6:0e:44
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 12 parent interface: xl0
vlan2: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:04:76:df:d8:ac
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 11 parent interface: xl1
vlan3: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:04:76:df:d8:ac
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 12 parent interface: xl1

--------------------------------------------------------------------------

When I add the physical interface on one side:

ifconfig_bridge0="addm xl0 addm vlan2 up"
ifconfig_bridge1="addm xl0 addm vlan3 up"

then it gets added to the bridge as a member, but vlan interfaces still do not get added. Let's add:

%ifconfig bridge0 addm vlan2 up
ifconfig: BRDGADD vlan2: Network is down

So vlan interfaces start as "down" and don't get added to the bridge.

#14 Updated by bastyaelvtars about 7 years ago

Ok, the patch posted previously almost works.
http://leaf.dragonflybsd.org/~sephe/vlan.diff

However, I still have to add the vlan interfaces to bridge0 manually
and tcpdump on bridge0 shows nothing.

#15 Updated by sepherosa about 7 years ago

Have you run 'ifconfig xl? promisc'? Else packets will not be seen by
vlanX, let alone bridgeX.

Best Regards,
sephe

#16 Updated by bastyaelvtars about 7 years ago

On Wed, 20 Jun 2007 09:21:20 +0800
"Sepherosa Ziehau" <> wrote:

Of course both xl interfaces that have their vlan interfaces are in
promiscous mode in rc.conf.

cloned_interfaces="bridge0 bridge1 vlan0 vlan1 vlan2 vlan3"
ifconfig_xl0="promisc"
ifconfig_xl1="promisc"
ifconfig_vlan2="vlan 11 vlandev xl1 up"
ifconfig_vlan0="vlan 11 vlandev xl0 up"
ifconfig_bridge0="addm vlan0 addm vlan2 up"

#17 Updated by sepherosa about 7 years ago

Can you show me the 'ifconfig xl1' after your system start? PPROMISC
may be cleared somewhere in bridge or vlan (probably vlan) configure.

Best Regards,
sephe

#18 Updated by bastyaelvtars about 7 years ago

On Wed, 20 Jun 2007 09:45:08 +0800
"Sepherosa Ziehau" <> wrote:

xl0: flags=28902<BROADCAST,PROMISC,SIMPLEX,MULTICAST,PPROMISC> mtu 1500
options=8<VLAN_MTU>
ether 00:10:5a:d6:0e:44
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
> ifconfig vlan0
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:10:5a:d6:0e:44
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 11 parent interface: xl0
> ifconfig bridge0
bridge0: flags=8002<BROADCAST,MULTICAST> mtu 1500
ether 92:a8:e8:06:6d:85
priority 32768 hellotime 2 fwddelay 15 maxage 20
>

#19 Updated by sepherosa about 7 years ago

Mmm, xl0 is not up?

#20 Updated by bastyaelvtars about 7 years ago

On Wed, 20 Jun 2007 10:14:38 +0800
"Sepherosa Ziehau" <> wrote:

Added "promisc up" to the rc.conf.

xl0:
flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,PPROMISC>
mtu 1500 options=8<VLAN_MTU> inet6 fe80::210:5aff:fed6:e44%xl0
prefixlen 64 scopeid 0x1 ether 00:10:5a:d6:0e:44
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active

vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:10:5a:d6:0e:44
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vlan: 11 parent interface: xl0

bridge0: flags=8002<BROADCAST,MULTICAST> mtu 1500
ether 1e:6c:da:3e:8f:c6
priority 32768 hellotime 2 fwddelay 15 maxage 20

#21 Updated by sepherosa about 7 years ago

If you manually add vlan to bridge after system startup, does it work?

Best Regards,
sephe

#22 Updated by bastyaelvtars about 7 years ago

On Wed, 20 Jun 2007 11:11:10 +0800
"Sepherosa Ziehau" <> wrote:

%ifconfig bridge0 addm vlan0 addm vlan2 up

%ifconfig bridge0
bridge0: flags=8043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 1e:6c:da:3e:8f:c6
priority 32768 hellotime 2 fwddelay 15 maxage 20
member: vlan2 flags=3<LEARNING,DISCOVER>
member: vlan0 flags=3<LEARNING,DISCOVER>

When I do this and tcpdump afterwards, I get dmesg messages about
promiscous mode and vlan0 gets PROMISC inside the flags only then. On
bridge0, promisc mode only gets enabled when tcpdumping.

I am going to do more checking tomorrow.

#23 Updated by sepherosa about 7 years ago

Please run tcpdump on both xl and vlan, after you hook vlan to bridge.

Best Regards,
sephe

#24 Updated by bastyaelvtars about 7 years ago

On Wed, 20 Jun 2007 11:33:19 +0800
"Sepherosa Ziehau" <> wrote:

Been there, done that. :-P
On xl1 threre is a lot of stuff, and there is NOTHING on its vlan
interface.

#25 Updated by sepherosa about 7 years ago

Can you give me the tcpdump file on xl1? There are (only) two
possible conditions that will eat packets:
1) the packets received by xl1 are not vlan packets at all
2) the vlan tag in packet does not match any of your vlan

Best Regards,
sephe

#26 Updated by tuxillo almost 5 years ago

Sephe,

Do you think we could continue trying to investigating this issue?
What would I need to help you on it (hardware, net config, ...)?

Cheers,
Antonio

#27 Updated by sepherosa almost 5 years ago

On Wed, Aug 26, 2009 at 6:51 PM, Antonio Huete Jimenez (via DragonFly
issue tracker)<> wrote:
>
> Antonio Huete Jimenez <> added the comment:
>
> Sephe,
>
> Do you think we could continue trying to investigating this issue?
> What would I need to help you on it (hardware, net config, ...)?

It could be closed.

Fixed by:
469c71d1f6bd6a094b41492eeaefd40b69892068

Best Regards,
sephe

Also available in: Atom PDF