I am having trouble passing traffic between pseudowires in a bridge in
OpenBSD 6.4. This is the network:
Physical A
+---------------------------------------------+
| |
+---------+--------+ +---------
+---------+
| em1 | |
ether1 |
| | | brid
ge99|
| bsd02 | VPLS A | fd
::4202|
| (em0)+--------------------------+(ether4) .99.2 |
| |mpw2 |
|
| vether42 | |
rtr01 |
| fd::4201 | +--------------
-----+
| .99.1 |
| |
| |
| | VPLS B +-------------
------+
| (em2)+--------------------------+(ether4)
|
| em3 |mpw3 | bridge
99|
+---------+--------+ | fd::4
203|
| |
rtr02 .99.3 |
|
| |
|Physical C
| |
| +-------------
------+
+---------+--------+
| fxp0 |
| ff::4204 |
| .99.1 |
| bsd04 |
| |
+------------------+
bsd02: OpenBSD 6.4
bsd04: OpenBSD 6.4
rtr01: Mikrotik
rtr02: Mikrotik
ipv4: 192.168.99.0/24
ipv6: ff::4200/64
There are no routing protocols running in this address space
Physical A and VPLS A are never enabled/connected at the same time
When Physical A is in use (and VPLS A is disabled), all devices can
ping each other. However, when VPLS A is in use (and Pysical A is
disconnected), all devices can ping each other EXCEPT that rtr01 and
rtr02 can not ping each other.
Scenario: ping rtr01 from rtr02
Packet captures on:
mpw2: only arp and/or neighbor solicitations
mpw3: only arp and/or neighbor solicitations
em0: MPLS packets with encapsulated pings
em2: No MPLS packets at all
The same situation occurs when pinging from rtr02 to rtr01
What I can conclude from this is that either I have made a mistake
somewhere (very likely) or there is a problem with traffic passing
between pseudowires in a bridge. The mpw interfaces are trying to send
traffic out of the bridge in the above scenario, but that traffic
never gets (re)encapsulated into VPLS. This seems to rule out the
Mikrotik routers since the traffic never leaves the physical interface
on bsd02. If the traffic arrives into the bridge from a physical
interface, then it is able to leave through an mpw with proper
encapsulation. If the traffic enters the bridge from an mpw, then it
is able to leave through a physical interface. It is only the mpw to
mpw scenario that isn't working.
I do not believe that RSTP is a factor here since there are no loops
(which is why Physical A and VPLS A are never in use at the same
time). I have disabled RSTP on the bridges on the Mikrotiks and I and
removed it from vether42 in the bridge on bsd02. I do not know how to
disable RSTP on the bridge itself on bsd02, but I doubt that it is the
source of the problem.
Additional information from bsd02:
> ifconfig bridge42
bridge42: flags=41<UP,RUNNING>
index 8 llprio 3
groups: bridge
priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6
proto rstp
designated: id 00:00:00:00:00:00 priority 0
mpw2 flags=3<LEARNING,DISCOVER>
port 10 ifpriority 0 ifcost 0
mpw3 flags=3<LEARNING,DISCOVER>
port 11 ifpriority 0 ifcost 0
vether42 flags=3<LEARNING,DISCOVER>
port 12 ifpriority 0 ifcost 0
em3 flags=3<LEARNING,DISCOVER>
port 4 ifpriority 0 ifcost 0
Addresses (max cache: 100, timeout: 240):
xx:xx:xx:xx:xx:xx mpw3 1 flags=0<>
xx:xx:xx:xx:xx:xx mpw2 1 flags=0<>
> ifconfig vether42
vether42:
flags=208943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,AUTOCONF6>
mtu 1500
lladdr fe:e1:ba:d0:64:1c
index 12 priority 0 llprio 3
groups: vether egress
media: Ethernet autoselect
status: active
inet6 fe80::5b99:e79f:xxxx:xxxx%vether42 prefixlen 64 scopeid
0xc
inet6 fd00::4201 prefixlen 64
inet6 fd00::c447:3e8c:xxxx:xxxx prefixlen 64 autoconf
autoconfprivacy pltime 82114 vltime 600536
inet6 fd00::329:1a37:535:f12f prefixlen 64 autoconf pltime
604675 vltime 2591875
inet 192.168.99.1 netmask 0xffffff00 broadcast 192.168.99.255
> sudo cat /etc/ldpd.conf
router-id 192.168.40.1
address-family ipv4 {
interface em0 {
link-hello-interval 5
link-hello-holdtime 15
}
interface em2 {
link-hello-interval 5
link-hello-holdtime 15
}
}
l2vpn vlan42 type vpls {
bridge bridge42
interface vether42
pseudowire mpw2 {
neighbor-id 192.168.40.2
pw-id 42
}
pseudowire mpw3 {
neighbor-id 192.168.40.3
pw-id 42
}
> ifconfig mpw2
mpw2: flags=51<UP,POINTOPOINT,RUNNING> mtu 1500
index 10 priority 0 llprio 3
encapsulation-type ethernet
mpls label: local 16 remote 26
neighbor: 192.168.40.2
groups: mpw
> ifconfig mpw3
mpw3: flags=51<UP,POINTOPOINT,RUNNING> mtu 1500
index 11 priority 0 llprio 3
encapsulation-type ethernet
mpls label: local 17 remote 39
neighbor: 192.168.40.3
groups: mpw
