From: "H.fazaeli"
Date: Sun, 11 May 2008 17:19:06 +0430
To: "Jay L. T. Cornwall"
Cc: freebsd-net@freebsd.org
Subject: Re: if_bridge with two subnets
Message-ID: <4826EB42.104@sepehrs.com>
In-Reply-To: <4825EF8D.1050304@jcornwall.me.uk>

The bridge works as it should: It receives packets from XX.XX.XXX.YYY on
the interface connected to the switch, and forwards them on the interface
connected to the gateway. The problem is that forwarding between subnets
is the responsibility of your switch.

The switch does its job, but since the two clients are not on the same IP
subnet, they can not reach each other w/o the help of an intermediate
router.

Jay L. T. Cornwall wrote:
> Hi,
>
> I have an if_bridge, thus:
>
> bridge0: flags=8843 metric 0 mtu 1500
>         inet XX.XX.XXX.20 netmask 0xfffffff8 broadcast XX.XX.XXX.23
>         inet 192.168.1.30 netmask 0xffffff00 broadcast 192.168.1.255
>
> On one side of the bridge is a layer 2 switch with clients of a mix of
> addresses from these two subnets. On the other side is a gateway
> XX.XX.XXX.22. All clients can communicate through the gateway
> correctly, with the 192.168.1.x subnet being NAT'd.
>
> However, clients from one subnet cannot communicate with clients from
> the other subnet. Pinging a 192.168.1.X machine from the other subnet
> shows the packet incorrectly routed out through the gateway, not back
> through the interface it came.
>
> The routing table shows that both subnets should be routed through the
> bridge:
>
> XX.XX.XXX.XX/29 link#5 UC 0 0 bridge
> 192.168.1.0/24 link#5 UC 0 0 bridge
>
> The bridge host itself can ping machines on both subnets. So why is
> the if_bridge routing packets destined for the private subnet out
> through the default route instead?
>
> (The specific hosts being pinged are present in the routing table from
> ARP lookups. They are all destined for the bridge interface.)
>

-- 
With best regards.

Hooman Fazaeli
Technical Manager
Sepehr S. T. Co. Ltd.

Web: http://www.sepehrs.com
Tel: (9821)88975701-2
Fax: (9821)88983352