From owner-freebsd-questions@FreeBSD.ORG Thu Dec 6 12:07:03 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8050B16A417 for ; Thu, 6 Dec 2007 12:07:03 +0000 (UTC) (envelope-from silver.salonen@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.190]) by mx1.freebsd.org (Postfix) with ESMTP id 1142713C459 for ; Thu, 6 Dec 2007 12:07:02 +0000 (UTC) (envelope-from silver.salonen@gmail.com) Received: by nf-out-0910.google.com with SMTP id b2so84262nfb for ; Thu, 06 Dec 2007 04:07:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date:user-agent:cc:references:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:message-id; bh=JDuBtOeBshmodUGOAOKsWTxpkW01lkvTParagGnkDNY=; b=MQdOZ1SkCzqtB5wHi4WV+Uf/4FKHDnx0kFGfpAoDZiidJAsSCKO7cds7gRmQ1RfsKbFm1tcbrzA6o4CWQrJUjQTl/L9oeFLBDEa6TyklNQxWrxxXw3JqdGb7wz51CcLMHeY021O8Yf/d5/h7NUC5jQGpQ6iYQ5SHOXAKAPF8558= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:cc:references:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:message-id; b=QTNYV8zKzreI+5zDqeOHT6NntxsFlGu7pVp1XAB3XaVKUCpm4FFxMGMlyXF8LZN6OVCvihW51rN0WCqNDMZM13XOA2NRKkkoWohfNtu5KLj4853zewlmzp+jN68xSv8gWDnJDDxtM+QogC9Tmlag8Lgo3sgIVxEtzb6GUFXL9Eg= Received: by 10.86.97.7 with SMTP id u7mr947817fgb.1196941101978; Thu, 06 Dec 2007 03:38:21 -0800 (PST) Received: from ?192.168.8.99? ( [195.50.198.178]) by mx.google.com with ESMTPS id a37sm261494fkc.2007.12.06.03.38.20 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 06 Dec 2007 03:38:20 -0800 (PST) From: Silver Salonen To: freebsd-questions@freebsd.org Date: Thu, 6 Dec 2007 13:31:38 +0200 User-Agent: KMail/1.9.7 References: <14188023.post@talk.nabble.com> <14189511.post@talk.nabble.com> <200712061321.48728.nvass@teledomenet.gr> In-Reply-To: <200712061321.48728.nvass@teledomenet.gr> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200712061331.39016.silver.salonen@gmail.com> Cc: Nikos Vassiliadis Subject: Re: enabling if_bridge STP X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Dec 2007 12:07:03 -0000 On Thursday 06 December 2007 13:21, Nikos Vassiliadis wrote: > On Thursday 06 December 2007 12:20:18 Atrox wrote: > > Well, as I understand, in my case, STP should be enabled mainly on > > TAP-interfaces as it would eliminate the scenario where, for an example, > > ARP-requests from 192.168.1.1 for 192.168.3.1 reach 192.168.2.1. Have I > > understood it correctly? > > It sounds like you want to isolate the ethernets, not bridge them. > Bridging is not what you need, if I have understood correctly. > > You want to keep ARP and broadcasts to the relevant boxes, right? > You have to use VLANs on your switch to achieve this, not bridging. Actually the final target is to connect all the 3 LANs over VPN, so that they can browse eachother networks etc. When I did it, I could see duplicate packets looping through all bridges, so I thought I'd bring in STP. That's what it's for, right? -- Silver