@feld The new FreeBSD 15+ bridge driver will still allow you to put IP addresses on the bridge itself and on VLAN interfaces created on top of the bridge, e.g. bridge0.1. There is not, and never has been, a need to use an epair for non-vnet jails.
@crest let's say I have 5 different IP addresses I want on vlan 3
If I create bridge0.3 and put all the aliases on there, it's getting messy. Now what happens if I need to tcpdump traffic on bridge0.3? I'm getting traffic that could be bound for any of those and now I have to filter etc etc.
If you use a dedicated epair for each, it's much cleaner and easier to reason about because there's a 1:1 relationship
edit: especially for traffic accounting / snmp / etc
@crest also it looks like rc.conf doesn't even support the dot syntax for VLAN interfaces off the bridge. It can create them but not configure them.
in rc.conf:
cloned_interfaces="${cloned_interfaces} bridge0.3"
ifconfig_bridge0.3="inet 10.27.3.210/24"
# service netif start bridge0.3
/etc/rc.conf: ifconfig_bridge0.3=inet 10.27.3.210/24: not found
/etc/rc.conf: ifconfig_bridge0.3=inet 10.27.3.210/24: not found
Created clone interfaces: bridge0.3.
Starting Network: bridge0.3.
bridge0.3: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1496
options=0
ether 58:9c:fc:10:99:d4
groups: vlan
vlan: 3 vlanproto: 802.1q vlanpcp: 0 parent interface: bridge0
nd6 options=43<PERFORMNUD,ACCEPT_RTADV,NO_RADR>
/etc/rc.conf: ifconfig_bridge0.3=inet 10.27.3.210/24: not found
/etc/rc.conf: ifconfig_bridge0.3=inet 10.27.3.210/24: not found
/etc/rc.conf: ifconfig_bridge0.3=inet 10.27.3.210/24: not found
So now what, gotta manually manage these interfaces in /etc/rc.local? My method works cleanly with rc.conf at least...
@crest I can update my classic jails example to not use the epair because the jails are dynamically putting the IP address on the interface, but I currently see no way to put addresses on the VLAN sub-interfaces of a bridge with /etc/rc.conf because a period is not a valid character in an interface name in this file.
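The "not found" errors in the output above come from sh(1) reading `ifconfig_bridge0.3=...` as a command name, because a period cannot appear in a shell variable name. The following lint is an added example, not part of the thread or of FreeBSD's rc scripts; the function names are hypothetical, and it assumes the rc.conf(5) convention that the characters `.`, `-`, `/` and `+` in an interface name are written as `_` in the variable name.

```shell
# Map an interface name to the form usable inside an rc.conf variable name.
# Assumption: '.', '-', '/' and '+' are written as '_' (per rc.conf(5)).
rc_ifvar_name() {
    printf '%s' "$1" | tr './+-' '____'
}

# Read rc.conf-style lines on stdin. For every ifconfig_* line whose
# left-hand side is not a valid shell identifier, print
# "<name as written> -> <name sh can parse>".
lint_rc_ifvars() {
    while IFS= read -r line; do
        case $line in
            ifconfig_*=*) ;;      # only interface configuration lines
            *) continue ;;
        esac
        name=${line%%=*}          # everything before the first '='
        case $name in
            *[!A-Za-z0-9_]*)      # contains a character sh rejects in a name
                ifn=${name#ifconfig_}
                printf '%s -> ifconfig_%s\n' "$name" "$(rc_ifvar_name "$ifn")"
                ;;
        esac
    done
}

# Constructed sample, based on the rc.conf lines quoted in the thread.
SAMPLE='cloned_interfaces="${cloned_interfaces} bridge0.3"
ifconfig_bridge0.3="inet 10.27.3.210/24"
ifconfig_bridge0="up"'

printf '%s\n' "$SAMPLE" | lint_rc_ifvars
```
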