Hi, Hope that I'm writing to the adequate mailing list in order to have some ideas or point of view about a functionality need after some troubleshoot with STP and other networks devices.
In order to have two "redundancy" firewalls based on ethernet bridges, I have two servers with on each a bridge network interface that add two vlans interfaces on each. I use RSTP in order to get one in a discarding state and the other in forwarding state so this let's the loop open. All the vlans are provides by a trunk interface (LACP) off two 10G ethernet interfaces. It's work very well and it's very efficient for our needs. But, with some switchs vendors (here force10), we have network device that's drop all the BPDU of RSTP, so there is no forwarding of RSTP hello on the ports. Despite the disabling of all STP process on it, it's impossible to get BPDUs forwarded on ports. I's appear that it's not possible to flood BPDU on the 4810 force10. After some quick changes in bridgestp and if_bridge source, now my bridge are able to send BPDU to a different multicast address. This permit to have an instance of RSTP dedicated for this ethernet bridges. Of course, it's doesn't respect the standard address of STP but it permit to bypass this kind of limitation due to network devices and mays also permit to have more than one STP domain. It's may be very useful to have the possibility to change the destination address for the STP packets from cli like ifconfig bridgeX spanmac 01:80:c2:00:00:10 (change from the default 01:80:c2:00:00:00) ... Maybe someone have another idea to solve this kind of problem ? and will it be interesting to have a patch about this feature into OpenBSD ? I hope my explanations are clear and there is an interest in this system. ​Alexandre
