I have been trying to solve this problem for a week now. I have been emailing the virtualization list (Re: When is a switch not a switch?) because it had to do with vm-bhyve but now I am wondering if it is something else. Maybe some of the network experts here can help.

Basically I have the following in my rc.conf:
  set -- $(/sbin/ifconfig -l ether); eth0=$1 eth1=$2
  eval "ifconfig_${eth0}_name=\"eth0\"" # Public facing network
  eval "ifconfig_${eth1}_name=\"eth1\"" # Private network
  ifconfig_eth0="inet 0x629e8b${me}/27"
  ifconfig_eth0_ipv6="inet6 2605:2600:1001::${me}/64"
  ifconfig_eth1="inet 0xc0a897${me}/24"
  ifconfig_eth1_ipv6="inet6 fc00:97:97::${me}/64"
  vm_enable="YES"
  vm_dir="zfs:zroot/VM"
  vm_delay="5"

Everything there does what it is supposed to do.  In rc.local I do this:
  sysctl -w net.inet.ip.forwarding=1
  sysctl -w net.inet6.ip6.forwarding=1
  vm switch create public
  vm switch add public eth0
  vm switch create private
  vm switch add private eth1

I know that I can put those sysctls in /etc/sysctl.conf but I have reasons for doing it this way.

So far so good. I then fire up a VM by running "vm install". I haven't been able to get an actual working system yet due to the following problem.

In the VM I set an IP address on the same network as the host:
  vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
          options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
          ether 22:22:22:22:22:41
          inet 98.158.139.71 netmask 0xffffffe0 broadcast 98.158.139.95
          media: Ethernet 10Gbase-T <full-duplex>
          status: active
          nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

I set up /etc/resolv.conf and default routes as expected. At that point I can ping any IP address on my internal network as well as any ICMP-friendly sites anywhere on the Internet. However, I can't make a TCP connection to anywhere except to the host or, for some odd reason, one other host on my network.

I have tried putting the public IP on the bridge but other than complicating my startup scripts it acts exactly the same.

Can anyone make any sense out of this?

--
D'Arcy J.M. Cain <da...@druid.net>         |  Democracy is three wolves
http://www.druid.net/darcy/                |  and a sheep voting on
+1 416 788 2246     (DoD#0082)    (eNTP)   |  what's for dinner.
IM: da...@vybenetworks.com, VoIP: sip:da...@druid.net

Disclaimer: By sending an email to ANY of my addresses you
are agreeing that:

1.  I am by definition, "the intended recipient".
2.  All information in the email is mine to do with as I see
    fit and make such financial profit, political mileage, or
    good joke as it lends itself to. In particular, I may quote
    it where I please.
3.  I may take the contents as representing the views of
    your company if I so wish.
4.  This overrides any disclaimer or statement of
    confidentiality that may be included or implied in
    your message.
