Date: Sat, 3 Feb 2001 23:19:27 -0600 From: "Thomas T. Veldhouse" <veldy@veldy.net> To: "Keith J" <kjohnso8@columbus.rr.com> Cc: <freebsd-stable@freebsd.org> Subject: Re: Bridge and IPFW woes ... Message-ID: <003f01c08e6a$0b267080$0100a8c0@cascade> References: <006801c08d39$6974f9e0$3028680a@tgt.com> <008a01c08deb$1d8d3bc0$3601a8c0@keefer> <000801c08df8$46e3bd70$0100a8c0@cascade> <000b01c08e13$8a255880$3601a8c0@keefer>
next in thread | previous in thread | raw e-mail | index | archive | help
> > You are saying two things that make a big difference, you say Host A is > providing DHCP address, and that the addresses are external network > addresses. Just how are they assigned... DHCP, Static, or using a > secondary (i.e. multiple IP's for the same interface)? No, the outer interface is without an IP and the internal interface has an IP. All IPs on my network are public - via the bridge. > > If you are using the default gateway from the ISP then in essence you are > asking the ISP router to know where your internal network is, which he > doesn't. As I said, you need to point the B & C machines to A so A can > route the packet to the internal network interface so B can talk to C and > vice versa. If the traffic is going outside the internal network then he > will > route it to the ISP interface, provided you build the route I suggested > earlier, > and limited to the span of internal addresses you use. The entire network works just fine. But when the second computer comes online, Host A seems to disappear from the outside (to Host A everything appears OK). The bridge continues to work correctly however and the filter rules with IPFW also work (all running on host A). > > The system must have a way of knowing what addresses to find on what > interface for reliable communications, that is done by address and netmask. > Otherwise just hang everything off a hub, becasue that is all bridging is > doing > in this case. No, I need ipfw to filter the packets on the way through the bridge. The filtering works fine, but occasionally Host A will drop off the radar. Eventually it will reappear and work as normal (could be hours or days). Even though Host A appears to be gone, the bridge code running on Host A works fine and all packets are bridged and filtered. I know this exact setup will also work with OpenBSD using BRIDGE and IPFILTER - except I don't know if they support setting an IP address for an interface that is part of the bridge (which is what I am doing here). Incidentally, I have this same setup running on my brothers network and it works fine for him (as mine used to). Something changed between 12-31-2000 and 1-30-2001 that has caused this. Tom Veldhouse veldy@veldy.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003f01c08e6a$0b267080$0100a8c0>