On 2/04/2019 2:08 pm, David Gwynne wrote: > Can you send me the hostname.* files and the output of ifconfig (showing all > interfaces)? > > You're using -current now, right? > > dlg > >> On 2 Apr 2019, at 08:15, lnel...@nelnet.org wrote: >> >> >> First of all the protected domain seems to do the opposite of what I >> need, but it may only appear to be the case because of the strageness >> with broadcast. When trying to ping (or send any traffic) between >> rtr01 and rtr02 and the two mpw2's are in the same protected domain, >> the arp requests die in the bridge. The arp never shows up at all on >> the other mpw. If I remove the mpw's from the protected domain, then >> the arp traffic gets through to the other mpw, but it doesn't get sent >> out properly by MPLS. It's sent out as MPLS broadcast traffic >> originating on the physical ethernet interface but with the right label >> for the pseudowire. Even though the arp request itself is broadcast >> traffic, I would expect it to be encapsulated in a unicast MPLS packet >> which is sent from the MAC of the bridge or the originating router and >> and sent as unicast to the destination router with the pseudowire's >> label. As it is now, even if the destination router could figure out >> what to do with these MPLS broadcast packets, it would respond to the >> physical interface and not the bridge.
You only need the protected domain if you do a full mesh vpls (I.E. every router has a mpw to every other router). That wasn't the config you showed initially so I don't think you need it in your case. I am running the following diff to get MPLS to work with GRE as I had a similar ARP issue that was caused by gre_input tagging the packets as MCAST and then mpls_input dropping them. When I looked into it I didn't think that should cause the issue I was seeing for a real interface as ether_input didn't re-add the MCAST flag, but I also don't have a real box to test on. You can give it a go and see if it helps. diff --git sys/netmpls/mpls_output.c sys/netmpls/mpls_output.c index b2be1fcc9..fe6e0ec42 100644 --- sys/netmpls/mpls_output.c +++ sys/netmpls/mpls_output.c @@ -53,6 +53,9 @@ mpls_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, int error; u_int8_t ttl; + /* reset broadcast and multicast flags, this is a P2P tunnel */ + m->m_flags &= ~(M_BCAST | M_MCAST); + if (rt == NULL || (dst->sa_family != AF_INET && dst->sa_family != AF_INET6 && dst->sa_family != AF_MPLS)) { if (!ISSET(ifp->if_xflags, IFXF_MPLS)) @@ -132,9 +135,6 @@ mpls_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, goto bad; } - /* reset broadcast and multicast flags, this is a P2P tunnel */ - m->m_flags &= ~(M_BCAST | M_MCAST); - smpls->smpls_label = shim->shim_label & MPLS_LABEL_MASK; error = ifp->if_ll_output(ifp, m, smplstosa(smpls), rt); return (error);