Bridging vlan over mpls. OpenBSD6.3

Fri, 18 May 2018 03:52:54 -0700

I found strange behavior when tried to bridge vlan from OpenBSD box over mpls. It seems like BSD box sends untagged packets received from mpls tunnel instead of adding vlan tag. Is it known bug or am I just missing something? 

OpenBSD running on a PC with two vlans.
vyb-r0# uname -a
OpenBSD vyb-r0.loc 6.3 GENERIC.MP#107 amd64


vlan107 -- mpls enabled vlan:
vyb-r0# ifconfig vlan107
vlan107: flags=88843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,MPLS> mtu 1500 
        lladdr 70:71:bc:cc:fb:d4
        description: Kinda uplink interface
        index 7 priority 0 llprio 3
        encap: vnetid 107 parent re0
        groups: vlan
        media: Ethernet autoselect (1000baseT full-duplex)
        status: active
        inet 10.150.0.10 netmask 0xffffff00 broadcast 10.150.0.255

vlan2000 -- vlan that got to be bridged over mpls:
vyb-r0# ifconfig vlan2000
vlan2000: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 
        lladdr 70:71:bc:cc:fb:d4
        description: local L2 interface
        index 9 priority 0 llprio 3
        encap: vnetid 2000 parent re0
        groups: vlan
        media: Ethernet autoselect (1000baseT full-duplex)
        status: active

bridging interface:
vyb-r0# ifconfig bridge0
bridge0: flags=41<UP,RUNNING>
        index 4 llprio 3
        groups: bridge
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp 
        designated: id 00:00:00:00:00:00 priority 0
        vlan2000 flags=3<LEARNING,DISCOVER>
                port 9 ifpriority 0 ifcost 0
        mpw0 flags=3<LEARNING,DISCOVER>
                port 6 ifpriority 0 ifcost 0
        Addresses (max cache: 100, timeout: 240):
                e4:6f:13:aa:38:c1 mpw0 1 flags=0<>
                e4:6f:13:aa:37:c1 vlan2000 1 flags=0<>
MPLS tunnel is up and running and I can see MACs and packets coming in and out of tunnel. 

vyb-r0# tcpdump -nibridge0 -e
tcpdump: listening on bridge0, link-type EN10MB
13:02:48.323723 e4:6f:13:aa:37:c1 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 10.150.2.40 tell 10.150.2.50 13:02:48.324253 e4:6f:13:aa:38:c1 e4:6f:13:aa:37:c1 0806 60: arp reply 10.150.2.40 is-at e4:6f:13:aa:38:c1 13:02:49.347673 e4:6f:13:aa:37:c1 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 10.150.2.40 tell 10.150.2.50 13:02:49.348255 e4:6f:13:aa:38:c1 e4:6f:13:aa:37:c1 0806 60: arp reply 10.150.2.40 is-at e4:6f:13:aa:38:c1 13:02:50.371668 e4:6f:13:aa:37:c1 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 10.150.2.40 tell 10.150.2.50 13:02:50.372173 e4:6f:13:aa:38:c1 e4:6f:13:aa:37:c1 0806 60: arp reply 10.150.2.40 is-at e4:6f:13:aa:38:c1 13:02:51.395596 e4:6f:13:aa:37:c1 ff:ff:ff:ff:ff:ff 0806 60: arp who-has 10.150.2.40 tell 10.150.2.50 13:02:51.396143 e4:6f:13:aa:38:c1 e4:6f:13:aa:37:c1 0806 60: arp reply 10.150.2.40 is-at e4:6f:13:aa:38:c1 

However, those arp replies don't reach 10.150.2.50 on vlan2000.
I've mirrored OpenBSD port on a switch. vlan3000 is a target vlan for port mirroring. Here's tcpdump on another PC that receives mirroring vlan. 

#tcpdump -nivlan3000 -e
13:29:46.445351 e4:6f:13:aa:37:c1 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 64: vlan 2000, p 0, ethertype ARP, Request who-has 10.150.2.40 tell 10.150.2.50, length 46 13:29:46.445410 70:71:bc:cc:fb:d4 > b8:38:61:1a:8e:a1, ethertype 802.1Q (0x8100), length 90: vlan 107, p 0, ethertype MPLS unicast, MPLS (label 21, exp 0, ttl 255) (label 20, exp 0, [S], ttl 255) 13:29:46.445820 b8:38:61:1a:8e:a1 > 70:71:bc:cc:fb:d4, ethertype 802.1Q (0x8100), length 86: vlan 107, p 0, ethertype MPLS unicast, MPLS (label 16, exp 0, [S], ttl 254) 13:29:46.445870 e4:6f:13:aa:38:c1 > e4:6f:13:aa:37:c1, ethertype ARP (0x0806), length 60: Reply 10.150.2.40 is-at e4:6f:13:aa:38:c1, length 46 

First line is arp-request. (vlan2000)
Line two is arp-request sent over MPLS. (vlan107)
Line three is arp-answer sent over MPLS. (vlan107)
But forth line in simple untagged answer that got to be sent over vlan2000.
I haven't checked if this issue is broadcast only or unicast has same problem. I haven't checked if it is mpw only problem or any point-to-point interface strives too. Bridge works ok with bridging two vlans. 

ospfd.conf and ldpd.conf are as simple as it could be.

ospfd.conf:
router-id 10.128.0.10

area 0.0.0.0 {
        interface vlan107
        interface lo1
}


ldpd.conf:
router-id 10.128.0.10

l2vpn OFFICE type vpls {
  bridge bridge0
  interface vlan2000
  pseudowire mpw0 {
     neighbor-id 10.128.0.9
     pw-id 1111
  }
}

address-family ipv4 {
        interface vlan107
}
Things that confuses me is why vlan bridging over mpls isn't working in my setup. Bridging client's vlan is the most common mpls application that happens a lot of times, at least in my experience.

Reply via email to