From: "H.fazaeli"
Date: Mon, 12 May 2008 19:50:50 +0430
To: "Jay L. T. Cornwall"
Cc: freebsd-net@freebsd.org
Subject: Re: if_bridge with two subnets

Jay L. T. Cornwall wrote:
> H.fazaeli wrote:
>
>> The bridge works as it should: It receives packets from
>> XX.XX.XXX.YYY on the interface connected to the switch, and
>> forwards them on the interface connected to the gateway.
>>
>> The problem is that forwarding between subnets is the responsibility
>> of your switch. The switch does its job, but since the two clients are
>> not on the same IP subnet, they can not reach each other w/o the help of
>> an intermediate router.
>
> Perhaps I am mixing up two separate networking concepts.
>
> On a machine configured to act as a gateway, I would expect a single
> interface with more than one subnet to route packets correctly across
> those subnets. That may not be how it works in practice.
>
> If it does not work, I would question why not. If it does work then I
> would expect the same behaviour on each of a bridge's constituent
> interfaces?
>

It does work. However, if I understand your setup correctly, the
FreeBSD box has been set up to act as a bridge, not as a router
(routing is enabled with sysctl net.inet.ip.forwarding=1). Bridging
works when the forwarding is between the same subnets.

For the FreeBSD box to route between subnets:

- enable routing: sysctl net.inet.ip.forwarding=1
- clients must use the FreeBSD box as gateway.
- IP addresses must be removed from the bridge and assigned to the
  member interfaces. (the bridge is no longer needed).

You may have bridging & routing on the same box at the same time, but
note that a single packet coming into the system either goes through
bridging _or_ routing code, but not both. The former case happens if
the packet's destination MAC address is not that of the box. The latter
case happens when the destination MAC address is that of the receiving
interface.

If you provide a network diagram along with your requirements,
we can better discuss the matter.

--
With best regards.
Hooman Fazaeli
Technical Manager
Sepehr S. T. Co. Ltd.
Web: http://www.sepehrs.com
Tel: (9821)88975701-2
Fax: (9821)88983352
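
The bridge-or-route decision described in the message above, modelled as an added example that is not part of the original post or of FreeBSD's code. The names `Host`, `next_hop_mac`, `box_path` and `scenarios` are hypothetical, all addresses are constructed sample values, and the "drop" outcome assumes the packet's IP destination is not one of the box's own addresses.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Host:
    ip: str                            # address/prefix, e.g. "192.0.2.10/24"
    mac: str
    gateway_mac: Optional[str] = None  # MAC of the configured default gateway

def next_hop_mac(src: Host, dst: Host) -> Optional[str]:
    """Destination MAC the sender puts on the frame."""
    src_if = ipaddress.ip_interface(src.ip)
    dst_ip = ipaddress.ip_interface(dst.ip).ip
    if dst_ip in src_if.network:
        return dst.mac          # on-link: ARP for the peer directly
    return src.gateway_mac      # off-link: hand the packet to the gateway

def box_path(frame_dst_mac: Optional[str], rx_if_mac: str, ip_forwarding: bool) -> str:
    """Code path taken for a frame arriving on a bridge member interface.
    Assumes the IP destination is not one of the box's own addresses."""
    if frame_dst_mac is None:
        return "unsent"         # sender has no gateway, frame never leaves it
    if frame_dst_mac == rx_if_mac:
        return "route" if ip_forwarding else "drop"
    return "bridge"

# Constructed sample values (documentation address ranges, locally administered MACs).
BOX_IF = "02:00:00:00:00:01"    # bridge member facing the switch
UPSTREAM_GW = "02:00:00:00:00:fe"

def scenarios() -> dict:
    a = Host("192.0.2.10/24", "02:00:00:00:00:0a", UPSTREAM_GW)
    b = Host("198.51.100.20/24", "02:00:00:00:00:0b", UPSTREAM_GW)
    c = Host("192.0.2.30/24", "02:00:00:00:00:0c", UPSTREAM_GW)
    a_via_box = Host(a.ip, a.mac, BOX_IF)   # client re-pointed at the box
    return {
        "same subnet": box_path(next_hop_mac(a, c), BOX_IF, False),
        "two subnets, upstream gateway": box_path(next_hop_mac(a, b), BOX_IF, False),
        "two subnets, box is gateway": box_path(next_hop_mac(a_via_box, b), BOX_IF, True),
        "box is gateway, forwarding off": box_path(next_hop_mac(a_via_box, b), BOX_IF, False),
    }

if __name__ == "__main__":
    for name, path in scenarios().items():
        print(f"{name:32} -> {path}")
```

The second scenario is the situation in the quoted text: the frame is addressed to the upstream gateway's MAC, so the box only bridges it and never makes an IP forwarding decision.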