Date: Thu, 6 Dec 2007 15:37:21 +0200
From: Silver Salonen <silver.salonen@gmail.com>
To: Nikos Vassiliadis <nvass@teledomenet.gr>
Cc: freebsd-questions@freebsd.org
Subject: Re: enabling if_bridge STP
Message-ID: <200712061537.22617.silver.salonen@gmail.com>
In-Reply-To: <200712061501.35633.nvass@teledomenet.gr>
References: <14188023.post@talk.nabble.com> <200712061331.39016.silver.salonen@gmail.com> <200712061501.35633.nvass@teledomenet.gr>

On Thursday 06 December 2007 15:01, Nikos Vassiliadis wrote:
> On Thursday 06 December 2007 13:31:38 Silver Salonen wrote:
> > On Thursday 06 December 2007 13:21, Nikos Vassiliadis wrote:
> > > On Thursday 06 December 2007 12:20:18 Atrox wrote:
> > > > Well, as I understand, in my case, STP should be enabled mainly on
> > > > TAP-interfaces as it would eliminate the scenario where, for an
> > > > example, ARP-requests from 192.168.1.1 for 192.168.3.1 reach
> > > > 192.168.2.1. Have I understood it correctly?
> > >
> > > It sounds like you want to isolate the ethernets, not bridge them.
> > > Bridging is not what you need, if I have understood correctly.
> > >
> > > You want to keep ARP and broadcasts to the relevant boxes, right?
> > > You have to use VLANs on your switch to achieve this, not bridging.
> >
> > Actually the final target is to connect all the 3 LANs over VPN, so that
> > they can browse each other's networks etc. When I did it, I could see
> > duplicate packets looping through all bridges, so I thought I'd bring in
> > STP. That's what it's for, right?
>
> Not really, STP must be used/needed in a dynamic environment to
> eliminate loops. Your environment doesn't seem dynamic to me. You
> can create a loop-free topology like this:
>
> http://users.teledomenet.gr/nvass/topology.png
>
> 1) 10.0.0.0/24 is the shared network.
> 2) bridge1 bridges eth0 and tap0 which is the VPN to the root-bridge.
> 3) bridge2 bridges eth0 and tap0 which is the VPN to the root-bridge.
> 4) root-bridge bridges eth0, tap0 and tap1.

Does all the traffic pass through the root-bridge in this case, so that if
bridge1 wants to talk to bridge2, it has to go through root-bridge and not
straight?

In my case there's a straight connection between bridge1 and bridge2 too, so
that they don't have to communicate through root-bridge.

--
Silver
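
Added example, not part of the original message: a small Python check that models the VPN links between the three bridges discussed in this thread and reports which link closes a layer-2 loop. It assumes the three eth0 LANs are physically separate, and the link labels (including a direct bridge1/bridge2 tunnel) are constructed for illustration.

```python
def find_loop_links(links):
    """Return the labels of links that close a cycle.

    links: iterable of (bridge_a, bridge_b, label) tuples, one per VPN tunnel.
    Union-find: if both ends of a link are already connected through
    earlier links, the link is redundant. On a bridged network that means
    broadcasts circulate until one port on the cycle is blocked, which is
    the job STP does automatically.
    """
    parent = {}

    def find(node):
        parent.setdefault(node, node)
        while parent[node] != node:
            parent[node] = parent[parent[node]]  # path halving
            node = parent[node]
        return node

    redundant = []
    for a, b, label in links:
        root_a, root_b = find(a), find(b)
        if root_a == root_b:
            redundant.append(label)      # closes a loop
        else:
            parent[root_a] = root_b      # joins two separate segments
    return redundant


# Star topology from the quoted reply: each site has one tunnel to root-bridge.
STAR = [
    ("root-bridge", "bridge1", "root-bridge<->bridge1"),
    ("root-bridge", "bridge2", "root-bridge<->bridge2"),
]

# The poster's setup: the star plus a direct bridge1<->bridge2 tunnel
# (label is constructed; the thread does not name that interface).
WITH_DIRECT_LINK = STAR + [("bridge1", "bridge2", "bridge1<->bridge2 (direct)")]

if __name__ == "__main__":
    for name, topo in (("star", STAR), ("star + direct link", WITH_DIRECT_LINK)):
        loops = find_loop_links(topo)
        print(f"{name}: {'loop-free' if not loops else 'loop closed by ' + ', '.join(loops)}")
```

In the star layout traffic between bridge1 and bridge2 transits root-bridge and no port needs blocking; with the direct tunnel added, one port on the resulting triangle has to be blocked, either by STP or by leaving one tunnel out of the bridge.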