OpenBSD 3.1 bridge problems

[Christoph Schneeberger <cschnee@box.telemedia.ch>]

Hi folks,

I have used bridging under OpenBSD for some time, but since I upgraded
them to OpenBSD 3.1 I am seeing a problem that forces me to shutdown the
bridge immediately, because both networks connected via the bridge
randomly lose connections between hosts on the same side of the bridge
as well as across the bridge.

My Setup is a box with 3 interfaces (one internal wire only [xl1], one
external internet [xl0], one internal to be connected to an Elsa WL
AP[tl0]). My goal is to allow people to connect transparently to the
internal network via wavelan, but they should authenticate then first
via authpf to get access to anything behind the internal if. Wire only
means that this network has no WL APs on it. Just to explain why this
weird setup is needed.

On xl1 there are about 25 machines connected thru a 3com 10/100 Switch.
On tl0 there is only one machine, currently my notebook, since I wanted
to make sure the ELSA AP is not biting me.

I am not sure if this is related with PR 2179, but I will describe what
I have found so far and hope somebody can give me a hint:

- As soon as I start the bridge with "brconfig bridge up" machines on
the xl1 side of the bridge stop seeing each others completely randomly.
They even get reconnected after some time, after some more time they
loose connection. The problem occurs most often between Win NT machines
and OpenBSD machines but also among all others.
When the screams of the lost souls (tm) flurrish the floors I naturally
get in panic and issue a "brconfig bridge0 down" and everything gets
fine after some more minutes, but the healing effect of this can be seen
by ping scanning the network, each round gets more replies.
- The problem goes away as soon as I make the bridge "unbridged" in any
way, means i.e. shutting it down, shutting on of two interfaces down,
removing an interface etc.
- The problem manifests much faster if traffic happens to go through the
bridge (i.e. : ping "machine-on-the-other-side" shuts down 3/4 of the
network quite effectively)
- If I remove the arp entry of a machine which I can't reach with "arp
-d x.x.x.x" I regain connectivity to x.x.x.x in most cases for some
time.
- Once I was able to run tcpdump on xl1 on the bridge while pinging
between two other machines on the xl1 segment, the ping timed out and I
saw the ping requests on xl1 which I suppose they shouldn't in a
switched environment.
- It makes no difference if tl0 has assigned an IPv4 address or not.

My wild guess is that the OpenBSD bridge is randomly announcing mac
addresses to the switch, which in turn then forwards packets destinated
to those mac addresses to the bridge instead of the port where the
machine really lives.

Has anybody else seen something like this ?
Is this PR 2179 that I am seeing or is it somehow related to it ?
Also I have found that my source from 3.1 seemed to already contain this
fix, but I anyway recompiled a kernel to see if the problem goes away,
without success.

Thanks for any hints in advance.

Christoph Schneeberger

---
Here goes my dmesg and my pf.conf:

-pf.conf-
pass in quick all
pass out quick all

-dmesg-
OpenBSD 3.1 (GENERIC) #0: Wed Jun 12 17:18:57 CEST 2002
    root@charon:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium Pro ("GenuineIntel" 686-class, 256KB L2 cache) 180
MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SYS,MTRR,PGE,MCA,CMOV
real mem  = 49917952 (48748K)
avail mem = 40714240 (39760K)
using 634 buffers containing 2596864 bytes (2536K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(d3) BIOS, date 05/08/98, BIOS32 rev. 0 @
0xf3000
apm0 at bios0apm0: APM power management enable: power management
disabled (1)
: Power Management spec V1.1 (BIOS mgmt disabled)
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev. 2.1 @ 0xf3000/0x1300
pcibios0: PCI BIOS has 6 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 11
pcibios0: PCI Interrupt Router at 000:20:0 ("Intel 82371SB PCI-ISA" rev
0x00)
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc0000/0x8000 0xc8000/0x800
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
vga1 at pci0 dev 12 function 0 "Cirrus Logic CL-GD5446" rev 0x00
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
xl0 at pci0 dev 13 function 0 "3Com 3c905C 100Base-TX" rev 0x74: irq 11
address 00:01:02:1f:f1:1c
exphy0 at xl0 phy 24: Broadcom 3C905C internal PHY, rev. 6
tl0 at pci0 dev 16 function 0 "Compaq Integrated NetFlex 3/P" rev 0x10:
irq 11 address 00:80:5f:25:04:00
ukphy0 at tl0 phy 31: Generic IEEE 802.3u media interface
ukphy0: OUI 0x100014, model 0x0001, rev. 5
xl1 at pci0 dev 18 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq
11xl1: command never completed!
xl1: command never completed!
xl1: command never completed!
 address 00:04:76:19:70:df
exphy1 at xl1 phy 24: 3Com internal media interface
xl1: command never completed!
xl1: command never completed!
xl1: command never completed!
pcib0 at pci0 dev 20 function 0 "Intel 82371SB PCI-ISA" rev 0x01
pciide0 at pci0 dev 20 function 1 "Intel 82371SB IDE" rev 0x00: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <SunDisk SD35B-350>
wd0: 1-sector PIO, LBA, 334MB, 906 cyl, 12 head, 63 sec, 684936 sectors
wd0(pciide0:0:0): using PIO mode 0
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <MATSHITA, CD-ROM CR-583, 1.05> SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 0, DMA mode 1
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask c040 netmask c840 ttymask d8c2
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matched BIOS disk 80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
syncing disks... done
xl1: command never completed!
xl1: command never completed!
rebooting...
OpenBSD 3.1 (GENERIC) #0: Wed Jun 12 17:18:57 CEST 2002
    root@charon:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium Pro ("GenuineIntel" 686-class, 256KB L2 cache) 180
MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SYS,MTRR,PGE,MCA,CMOV
real mem  = 49917952 (48748K)
avail mem = 40714240 (39760K)
using 634 buffers containing 2596864 bytes (2536K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(d3) BIOS, date 05/08/98, BIOS32 rev. 0 @
0xf3000
apm0 at bios0apm0: APM power management enable: power management
disabled (1)
: Power Management spec V1.1 (BIOS mgmt disabled)
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev. 2.1 @ 0xf3000/0x1300
pcibios0: PCI BIOS has 6 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 11
pcibios0: PCI Interrupt Router at 000:20:0 ("Intel 82371SB PCI-ISA" rev
0x00)
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc0000/0x8000 0xc8000/0x800
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
vga1 at pci0 dev 12 function 0 "Cirrus Logic CL-GD5446" rev 0x00
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
xl0 at pci0 dev 13 function 0 "3Com 3c905C 100Base-TX" rev 0x74: irq 11
address 00:01:02:1f:f1:1c
exphy0 at xl0 phy 24: Broadcom 3C905C internal PHY, rev. 6
tl0 at pci0 dev 16 function 0 "Compaq Integrated NetFlex 3/P" rev 0x10:
irq 11 address 00:80:5f:25:04:00
ukphy0 at tl0 phy 31: Generic IEEE 802.3u media interface
ukphy0: OUI 0x100014, model 0x0001, rev. 5
xl1 at pci0 dev 18 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq
11xl1: command never completed!
xl1: command never completed!
xl1: command never completed!
 address 00:04:76:19:70:df
exphy1 at xl1 phy 24: 3Com internal media interface
xl1: command never completed!
xl1: command never completed!
xl1: command never completed!
pcib0 at pci0 dev 20 function 0 "Intel 82371SB PCI-ISA" rev 0x01
pciide0 at pci0 dev 20 function 1 "Intel 82371SB IDE" rev 0x00: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <SunDisk SD35B-350>
wd0: 1-sector PIO, LBA, 334MB, 906 cyl, 12 head, 63 sec, 684936 sectors
wd0(pciide0:0:0): using PIO mode 0
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <MATSHITA, CD-ROM CR-583, 1.05> SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 0, DMA mode 1
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask c040 netmask c840 ttymask d8c2
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matched BIOS disk 80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302