Hi Daniel,
Definitely I can't do any script at the moment, so manual steps could be enough
I hope so.
1) As was reported, foreign external world MAC@ does not pass into network
namespace, just external border point "vlan199"
2) now collecting data for you, honestly I don’t see external mac address on
"inet-br" object, so my previous statement was incorrect.. {ossibly I might
mixed this up with another "labinet-br" (working in its limited scope) which is
IP-defined, while "inet-br" in question is not.
3) so question is, if the MACs learnt via vlan199 are supposed to be paired
(displayed) with "inet-br" object and all way up into NS....
4) I collected all into text file. If this is problem, then I paste it here.
Thanks, BR
Peter
-----Original Message-----
From: Daniel Gröber <d...@darkboxed.org>
Sent: pondelok 30. októbra 2023 13:04
To: GASPAROVIC Peter OBS/MKT <peter.gasparo...@orange.com>
Cc: 1054...@bugs.debian.org
Subject: Re: Bug#1054642: Failing ARP relay from external -> Linux bridge ->
veth port --> NS veth port
Hi Peter,
On Mon, Oct 30, 2023 at 10:43:39AM +0000, peter.gasparo...@orange.com wrote:
> Would it be possible to join a Webex session setup by me to check this
> out quickly? It's all lab environment.
I don't think that would help with reproducing your environment in this case,
besides I only offer synchronous debugging sessions for paid consulting
engagements.
> If not I will proceed per your instructions
Please do.
--Daniel
____________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou
falsifie. Merci.
This message and its attachments may contain confidential or privileged
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been
modified, changed or falsified.
Thank you.
peterg@debian:~$
peterg@debian:~$
peterg@debian:~$
peterg@debian:~$ ip -d addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 minmtu
0 maxmtu 0 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max
_segs 65535
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens161: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UP group
default qlen 1000
link/ether 00:50:56:01:01:04 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 60
maxmtu 9000 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_ma
x_segs 65535
inet6 fe80::250:56ff:fe01:104/64 scope link
valid_lft forever preferred_lft forever
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
link/ether 00:50:56:01:01:01 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 60
maxmtu 9000 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_ma
x_segs 65535
inet 172.31.254.50/28 scope global ens192
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe01:101/64 scope link
valid_lft forever preferred_lft forever
4: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
link/ether 00:50:56:01:01:02 brd ff:ff:ff:ff:ff:ff promiscuity 2 minmtu 60
maxmtu 9000 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_ma
x_segs 65535
inet6 fe80::250:56ff:fe01:102/64 scope link
valid_lft forever preferred_lft forever
5: ens256: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group
default qlen 1000
link/ether 00:50:56:01:01:03 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 60
maxmtu 9000 numtxqueues 2 numrxqueues 2 gso_max_size 65536 gso_ma
x_segs 65535
inet6 fe80::250:56ff:fe01:103/64 scope link
valid_lft forever preferred_lft forever
6: vlan11@ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP group default qlen 1000
link/ether 00:50:56:01:01:02 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0
maxmtu 65535
vlan protocol 802.1Q id 11 <REORDER_HDR> numtxqueues 1 numrxqueues 1
gso_max_size 65536 gso_max_segs 65535
inet 192.168.255.254/24 brd 192.168.255.255 scope global vlan11
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe01:102/64 scope link
valid_lft forever preferred_lft forever
20: vlan77@ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
master labinet-br state UP group default qlen 1000
link/ether 00:50:56:01:01:02 brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 0
maxmtu 65535
vlan protocol 802.1Q id 77 <REORDER_HDR>
bridge_slave state forwarding priority 32 cost 2 hairpin off guard off
root_block off fastleave off learning on flood on port_id 0x8001 port
_no 0x1 designated_port 32769 designated_cost 0 designated_bridge
8000.0:50:56:1:1:2 designated_root 8000.0:50:56:1:1:2 hold_timer 0.00 messa
ge_age_timer 0.00 forward_delay_timer 0.00 topology_change_ack 0
config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fa
st_leave off mcast_flood on neigh_suppress off group_fwd_mask 0
group_fwd_mask_str 0x0 vlan_tunnel off isolated off numtxqueues 1 numrxqueues 1
gso_max_size 65536 gso_max_segs 65535
inet6 fe80::250:56ff:fe01:102/64 scope link
valid_lft forever preferred_lft forever
21: labinet-br: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP group default qlen 1000
link/ether 00:50:56:01:01:02 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68
maxmtu 65535
bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000
stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q bri
dge_id 8000.0:50:56:1:1:2 designated_root 8000.0:50:56:1:1:2 root_port 0
root_path_cost 0 topology_change 0 topology_change_detected 0 hello_tim
er 0.00 tcn_timer 0.00 topology_change_timer 0.00 gc_timer 196.64
vlan_default_pvid 1 vlan_stats_enabled 0 group_fwd_mask 0 group_addr
ess 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0
mcast_querier 0 mcast_hash_elasticity 4 mcast_hash_max 512 mcast_
last_member_count 2 mcast_startup_query_count 2 mcast_last_member_interval 100
mcast_membership_interval 26000 mcast_querier_interval 25500 mcas
t_query_interval 12500 mcast_query_response_interval 1000
mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2
mcast_mld
_version 1 nf_call_iptables 0 nf_call_ip6tables 0 nf_call_arptables 0
numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
inet 172.16.255.7/24 brd 172.16.255.255 scope global labinet-br
valid_lft forever preferred_lft forever
inet6 fe80::1049:31ff:fea6:ceb4/64 scope link
valid_lft forever preferred_lft forever
22: inet-br: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
group default qlen 1000
link/ether 00:50:56:01:01:02 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68
maxmtu 65535
bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000
stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q bri
dge_id 8000.0:50:56:1:1:2 designated_root 8000.0:50:56:1:1:2 root_port 0
root_path_cost 0 topology_change 0 topology_change_detected 0 hello_tim
er 0.00 tcn_timer 0.00 topology_change_timer 0.00 gc_timer 172.03
vlan_default_pvid 1 vlan_stats_enabled 0 group_fwd_mask 0 group_addr
ess 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0
mcast_querier 0 mcast_hash_elasticity 4 mcast_hash_max 512 mcast_
last_member_count 2 mcast_startup_query_count 2 mcast_last_member_interval 100
mcast_membership_interval 26000 mcast_querier_interval 25500 mcas
t_query_interval 12500 mcast_query_response_interval 1000
mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2
mcast_mld
_version 1 nf_call_iptables 0 nf_call_ip6tables 0 nf_call_arptables 0
numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
inet6 fe80::38de:53ff:fe89:a5a6/64 scope link
valid_lft forever preferred_lft forever
23: vlan199@ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
master inet-br state UP group default qlen 1000
link/ether 00:50:56:01:01:02 brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 0
maxmtu 65535
vlan protocol 802.1Q id 199 <REORDER_HDR>
bridge_slave state forwarding priority 32 cost 2 hairpin off guard off
root_block off fastleave off learning on flood on port_id 0x8001 port
_no 0x1 designated_port 32769 designated_cost 0 designated_bridge
8000.0:50:56:1:1:2 designated_root 8000.0:50:56:1:1:2 hold_timer 0.00 messa
ge_age_timer 0.00 forward_delay_timer 0.00 topology_change_ack 0
config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fa
st_leave off mcast_flood on neigh_suppress off group_fwd_mask 0
group_fwd_mask_str 0x0 vlan_tunnel off isolated off numtxqueues 1 numrxqueues 1
gso_max_size 65536 gso_max_segs 65535
inet6 fe80::250:56ff:fe01:102/64 scope link
valid_lft forever preferred_lft forever
25: vinet-br@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
master inet-br state UP group default qlen 1000
link/ether b2:cf:e5:36:d8:b0 brd ff:ff:ff:ff:ff:ff link-netns inet
promiscuity 1 minmtu 68 maxmtu 65535
veth
bridge_slave state forwarding priority 32 cost 2 hairpin off guard off
root_block off fastleave off learning on flood on port_id 0x8002 port
_no 0x2 designated_port 32770 designated_cost 0 designated_bridge
8000.0:50:56:1:1:2 designated_root 8000.0:50:56:1:1:2 hold_timer 0.00 messa
ge_age_timer 0.00 forward_delay_timer 0.00 topology_change_ack 0
config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 1 mcast_fa
st_leave off mcast_flood on neigh_suppress off group_fwd_mask 0
group_fwd_mask_str 0x0 vlan_tunnel off isolated off numtxqueues 1 numrxqueues 1
gso_max_size 65536 gso_max_segs 65535
inet6 fe80::b0cf:e5ff:fe36:d8b0/64 scope link
valid_lft forever preferred_lft forever
peterg@debian:~$
peterg@debian:~$
peterg@debian:~$
peterg@debian:~$ ip -n inet -d addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 minmtu
0 maxmtu 0 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max
_segs 65535
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
24: vinet@if25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP group default qlen 1000
link/ether 12:71:5e:82:63:5e brd ff:ff:ff:ff:ff:ff link-netnsid 0
promiscuity 0 minmtu 68 maxmtu 65535
veth numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
inet 70.0.0.254/24 brd 70.0.0.255 scope global vinet
valid_lft forever preferred_lft forever
inet6 fe80::1071:5eff:fe82:635e/64 scope link
valid_lft forever preferred_lft forever
peterg@debian:~$
peterg@debian:~$
peterg@debian:~$
peterg@debian:~$ bridge -d link
20: vlan77@ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master labinet-br
state forwarding priority 32 cost 2
hairpin off guard off root_block off fastleave off learning on flood on
mcast_flood on neigh_suppress off vlan_tunnel off isolated off vlan7
7
21: labinet-br: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master labinet-br
labinet-br
22: inet-br: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master inet-br inet-br
23: vlan199@ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master inet-br
state forwarding priority 32 cost 2
hairpin off guard off root_block off fastleave off learning on flood on
mcast_flood on neigh_suppress off vlan_tunnel off isolated off vlan1
99
25: vinet-br@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master inet-br
state forwarding priority 32 cost 2
hairpin off guard off root_block off fastleave off learning on flood on
mcast_flood on neigh_suppress off vlan_tunnel off isolated off vinet
-br
peterg@debian:~$
peterg@debian:~$
peterg@debian:~$ bridge fdb
33:33:00:00:00:01 dev ens161 self permanent
01:00:5e:00:00:01 dev ens161 self permanent
33:33:ff:01:01:04 dev ens161 self permanent
33:33:00:00:00:fb dev ens161 self permanent
33:33:00:00:00:01 dev ens192 self permanent
01:00:5e:00:00:01 dev ens192 self permanent
33:33:ff:01:01:01 dev ens192 self permanent
01:00:5e:00:00:fb dev ens192 self permanent
33:33:00:00:00:fb dev ens192 self permanent
33:33:00:00:00:01 dev ens224 self permanent
01:00:5e:00:00:01 dev ens224 self permanent
33:33:ff:01:01:02 dev ens224 self permanent
01:80:c2:00:00:21 dev ens224 self permanent
01:00:5e:00:00:fb dev ens224 self permanent
33:33:00:00:00:fb dev ens224 self permanent
33:33:00:00:00:01 dev ens256 self permanent
01:00:5e:00:00:01 dev ens256 self permanent
33:33:ff:01:01:03 dev ens256 self permanent
01:80:c2:00:00:21 dev ens256 self permanent
33:33:00:00:00:fb dev ens256 self permanent
33:33:00:00:00:01 dev vlan11 self permanent
01:00:5e:00:00:01 dev vlan11 self permanent
33:33:ff:01:01:02 dev vlan11 self permanent
01:00:5e:00:00:fb dev vlan11 self permanent
33:33:00:00:00:fb dev vlan11 self permanent
00:50:56:01:01:03 dev vlan77 master labinet-br
00:50:56:01:02:01 dev vlan77 master labinet-br
00:50:56:99:dd:41 dev vlan77 master labinet-br
00:0c:29:7f:dc:3e dev vlan77 master labinet-br
00:0c:29:bf:0f:37 dev vlan77 master labinet-br
00:0c:29:f9:ba:12 dev vlan77 master labinet-br
4c:77:6d:db:1c:c4 dev vlan77 master labinet-br
00:50:56:01:01:02 dev vlan77 vlan 1 master labinet-br permanent
00:50:56:01:01:02 dev vlan77 master labinet-br permanent
33:33:00:00:00:01 dev vlan77 self permanent
01:00:5e:00:00:01 dev vlan77 self permanent
33:33:ff:01:01:02 dev vlan77 self permanent
33:33:00:00:00:fb dev vlan77 self permanent
33:33:00:00:00:01 dev labinet-br self permanent
01:00:5e:00:00:01 dev labinet-br self permanent
33:33:ff:a6:ce:b4 dev labinet-br self permanent
01:00:5e:00:00:fb dev labinet-br self permanent
33:33:00:00:00:fb dev labinet-br self permanent
33:33:00:00:00:01 dev inet-br self permanent
01:00:5e:00:00:01 dev inet-br self permanent
33:33:ff:89:a5:a6 dev inet-br self permanent
33:33:00:00:00:fb dev inet-br self permanent
00:50:56:01:00:53 dev vlan199 master inet-br
12:71:5e:82:63:5e dev vlan199 master inet-br
00:50:56:01:00:43 dev vlan199 master inet-br
00:50:56:01:01:02 dev vlan199 vlan 1 master inet-br permanent
00:50:56:01:01:02 dev vlan199 master inet-br permanent
33:33:00:00:00:01 dev vlan199 self permanent
01:00:5e:00:00:01 dev vlan199 self permanent
33:33:ff:01:01:02 dev vlan199 self permanent
33:33:00:00:00:fb dev vlan199 self permanent
b2:cf:e5:36:d8:b0 dev vinet-br vlan 1 master inet-br permanent
b2:cf:e5:36:d8:b0 dev vinet-br master inet-br permanent
33:33:00:00:00:01 dev vinet-br self permanent
01:00:5e:00:00:01 dev vinet-br self permanent
33:33:ff:36:d8:b0 dev vinet-br self permanent
33:33:00:00:00:fb dev vinet-br self permanent
peterg@debian:~$
peterg@debian:~$
// path is
external net --> vlan199 --> inet-br --> vinet-br --> vinet ("inet" NS)
// external MACs
00:50:56:01:00:53 dev vlan199 master inet-br
12:71:5e:82:63:5e dev vlan199 master inet-br
00:50:56:01:00:43 dev vlan199 master inet-br
// config:
ip netns add inet
ip link add name inet-br type bridge
ip link set dev inet-br up
ip link add link ens224 name vlan199 type vlan id 199
ip link set dev vlan199 up
ip link set dev vlan199 master inet-br
ip link add vinet type veth peer name vinet-br
ip link set dev vinet netns inet
ip -n inet link set dev lo up
ip -n inet link set dev vinet up
ip -n inet addr add 70.0.0.254/24 brd + dev vinet
ip -n inet route add default via 70.0.0.253
ip -n inet route add 172.17.0.0/24 via 70.0.0.1
ip link set vinet-br master inet-br
ip link set vinet-br up
