https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=292759
--- Comment #14 from Zhenlei Huang <[email protected]> --- (In reply to vova from comment #13) > But, is it correct approach? I'm focusing on the bugs in driver, so probably my previous comment >> Patch to fix disabling vlan filter is misleading. I intended to fix setting promiscuous mode of the driver. > I mean filtering by our MAC (-promisc) is not the same as filtering by our > VLANs (vlanhwfilter). > Why one should turn off another? The short answer is, bridge(4) is currently designed so, see also ifconfig(8), ``` addm interface [options ...] Add the interface named by interface as a member of the bridge. The interface is put into promiscuous mode so that it can receive every packet sent on the network. ``` The bridge member will be put into promiscuous mode. > If igb0 added as addm igb0 tagged 1,2,3 - we should configure vlanhwfilter to > pass > VLANs 1,2,3, not turn hardware filter off? The long answer, before Lexi brought the vlanfilter for bridge(4), the bridge(4) will want to intercept all packets, tagged or not, destined for us or not. So putting member interfaces into promiscuous mode is the simplest solution. Well indeed the NIC driver / hardware can be implemented with such feature, that it is programmed with vlan filters to accept wanted tagged packets. This requires introducing a new kind of **promiscuous mode** into the net stack, to distinguish with currently well known one. Or we introduce some breakage, that is re-purposing the promiscuous mode. The former introduce more complexity, well the latter will make people unhappy. Good news is that, the ports on modern switches can be easily configured with desired VLANs and the switch itself can do VLAN filter efficiently. So no bother the NICs to do that. -- You are receiving this mail because: You are the assignee for the bug.
