Created attachment 216974 [details]
Script to create a base jail on a FreeBSD 12.1 VM

I am trying to use ng_vlan on Hyper-V to deploy vnet jails.
The "Enable MAC address Spoofing" setting on the Hyper-V host is enabled.
However when I try to use ng_vlan I am not able to reach the jail.
If I change this to if_vlan instead everything works fine.

Here are the symptoms for an ng_vlan jail with a static IP when I try to ping it.
- The arp request from the gateway is visible on hn1, the vlan interface (hn1vl50), the bridge interface (hn1vl50br) and the epair interface inside the jail.
- The outbound arp response is visible on the same interfaces
- Wireshark on the interface with the trunked vlans on windows (Ethernet 1) does not see any ARP response (I can see the requests)
- The gateway does not see the arp response and continues to send arp requests for the IP

Is there something that creating a VLAN using ifconfig does to the interface that ng_vlan does not?
The same setup works well on VMware ESXi, Xen and KVM.

I am not sure if this is relevant to my issue but the hn1 devices sysrc's changes when I use different methods to set vlans on bsd:

no vlan:
dev.hn.1.rxfilter: 9<DIRECT,BROADCAST>
dev.hn.1.hwassist: 17<CSUM_IP,CSUM_IP_UDP,CSUM_IP_TCP,CSUM_IP_TSO>

if_vlan:
dev.hn.1.rxfilter: 20<PROMISC>
dev.hn.1.hwassist: 17<CSUM_IP,CSUM_IP_UDP,CSUM_IP_TCP,CSUM_IP_TSO>

ng_vlan:
dev.hn.1.rxfilter: 9<DIRECT,BROADCAST>
dev.hn.1.hwassist: 0

All the other sysrc's either stay the same or seem to be counters.

I have attached:
- A shell script to setup everything from a default zfs install of FreeBSD 12.1
- The powershell commands I use to setup VLANs on Hyper-V
- A shell script to setup vnet jails using both ng_vlan and if_vlan on a Hyper-V VM with 2 hn interfaces.

Any help understanding what these sysrc's do, and on how I could get ng_vlan to work would be very appreciated.

I have tested this on Hyper-V on Windows Server 2012 R2 and Windows Server 2016.