On 2/04/2019 2:08 pm, David Gwynne wrote:
> Can you send me the hostname.* files and the output of ifconfig (showing all
> interfaces)?
>
> You're using -current now, right?
>
> dlg
>
>> On 2 Apr 2019, at 08:15, lnel...@nelnet.org wrote:
>>
>>
>> First of all the protected domain seems to do the opposite of what I
>> need, but it may only appear to be the case because of the strageness
>> with broadcast. When trying to ping (or send any traffic) between
>> rtr01 and rtr02 and the two mpw2's are in the same protected domain,
>> the arp requests die in the bridge. The arp never shows up at all on
>> the other mpw. If I remove the mpw's from the protected domain, then
>> the arp traffic gets through to the other mpw, but it doesn't get sent
>> out properly by MPLS. It's sent out as MPLS broadcast traffic
>> originating on the physical ethernet interface but with the right label
>> for the pseudowire. Even though the arp request itself is broadcast
>> traffic, I would expect it to be encapsulated in a unicast MPLS packet
>> which is sent from the MAC of the bridge or the originating router and
>> and sent as unicast to the destination router with the pseudowire's
>> label. As it is now, even if the destination router could figure out
>> what to do with these MPLS broadcast packets, it would respond to the
>> physical interface and not the bridge.
You only need the protected domain if you do a full mesh vpls (I.E.
every router has a mpw to every other router). That wasn't the config
you showed initially so I don't think you need it in your case.
I am running the following diff to get MPLS to work with GRE as I had a
similar ARP issue that was caused by gre_input tagging the packets as
MCAST and then mpls_input dropping them. When I looked into it I didn't
think that should cause the issue I was seeing for a real interface as
ether_input didn't re-add the MCAST flag, but I also don't have a real
box to test on. You can give it a go and see if it helps.
diff --git sys/netmpls/mpls_output.c sys/netmpls/mpls_output.c
index b2be1fcc9..fe6e0ec42 100644
--- sys/netmpls/mpls_output.c
+++ sys/netmpls/mpls_output.c
@@ -53,6 +53,9 @@ mpls_output(struct ifnet *ifp, struct mbuf *m, struct
sockaddr *dst,
int error;
u_int8_t ttl;
+ /* reset broadcast and multicast flags, this is a P2P tunnel */
+ m->m_flags &= ~(M_BCAST | M_MCAST);
+
if (rt == NULL || (dst->sa_family != AF_INET &&
dst->sa_family != AF_INET6 && dst->sa_family != AF_MPLS)) {
if (!ISSET(ifp->if_xflags, IFXF_MPLS))
@@ -132,9 +135,6 @@ mpls_output(struct ifnet *ifp, struct mbuf *m,
struct sockaddr *dst,
goto bad;
}
- /* reset broadcast and multicast flags, this is a P2P tunnel */
- m->m_flags &= ~(M_BCAST | M_MCAST);
-
smpls->smpls_label = shim->shim_label & MPLS_LABEL_MASK;
error = ifp->if_ll_output(ifp, m, smplstosa(smpls), rt);
return (error);
