Date: Thu, 6 Mar 2014 23:27:25 +0000 (UTC) From: Dru Lavigne <dru@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44163 - head/en_US.ISO8859-1/books/handbook/advanced-networking Message-ID: <201403062327.s26NRPvO060188@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dru Date: Thu Mar 6 23:27:25 2014 New Revision: 44163 URL: http://svnweb.freebsd.org/changeset/doc/44163 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 23:00:13 2014 (r44162) +++ head/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Thu Mar 6 23:27:25 2014 (r44163) @@ -2848,104 +2848,106 @@ rfcomm_sppd[94692]: Starting on /dev/tty <primary>bridge</primary> </indexterm> - <para>It is sometimes useful to divide a network, - such as an Ethernet segment, into network - segments without having to create <acronym>IP</acronym> - subnets and use a router to connect the segments together. - A device that connects two networks together in this fashion - is called a <quote>bridge</quote>.</para> - - <para>A bridge works by learning the <acronym>MAC</acronym> - addresses of the devices on each of its - network interfaces. It forwards traffic between networks - only when the source and destination <acronym>MAC</acronym> addresses are on different - networks. In many respects, a bridge is like an Ethernet switch with - very few ports. A &os; system with multiple - network interfaces can be configured to act as a bridge.</para> + <para>It is sometimes useful to divide a network, such as an + Ethernet segment, into network segments without having to + create <acronym>IP</acronym> subnets and use a router to connect + the segments together. A device that connects two networks + together in this fashion is called a + <quote>bridge</quote>.</para> + + <para>A bridge works by learning the <acronym>MAC</acronym> + addresses of the devices on each of its network interfaces. It + forwards traffic between networks only when the source and + destination <acronym>MAC</acronym> addresses are on different + networks. In many respects, a bridge is like an Ethernet switch + with very few ports. A &os; system with multiple network + interfaces can be configured to act as a bridge.</para> - <para>Bridging can be useful in the following situations:</para> + <para>Bridging can be useful in the following situations:</para> - <variablelist> - <varlistentry> + <variablelist> + <varlistentry> <term>Connecting Networks</term> <listitem> - <para>The basic operation of a bridge is to join two or more - network segments. There are many reasons to use a - host-based bridge instead of networking equipment, such as - cabling constraints or firewalling. A bridge can - also connect a wireless interface running in hostap mode to - a wired network and act as an access point.</para> - </listitem> - </varlistentry> + <para>The basic operation of a bridge is to join two or more + network segments. There are many reasons to use a + host-based bridge instead of networking equipment, such as + cabling constraints or firewalling. A bridge can also + connect a wireless interface running in hostap mode to a + wired network and act as an access point.</para> + </listitem> + </varlistentry> - <varlistentry> + <varlistentry> <term>Filtering/Traffic Shaping Firewall</term> <listitem> - <para>A bridge can be used when firewall functionality is - needed without routing or Network Address Translation - (<acronym>NAT</acronym>).</para> - - <para>An example is a small company that is connected via - <acronym>DSL</acronym> - or <acronym>ISDN</acronym> to an <acronym>ISP</acronym>. - There are thirteen public <acronym>IP</acronym> - addresses from the <acronym>ISP</acronym> and ten computers - on the network. In this situation, using a router-based - firewall is difficult because of subnetting issues. A bridge-based firewall can be configured without any - <acronym>IP</acronym> addressing issues.</para> - </listitem> - </varlistentry> + <para>A bridge can be used when firewall functionality is + needed without routing or Network Address Translation + (<acronym>NAT</acronym>).</para> + + <para>An example is a small company that is connected via + <acronym>DSL</acronym> or <acronym>ISDN</acronym> to an + <acronym>ISP</acronym>. There are thirteen public + <acronym>IP</acronym> addresses from the + <acronym>ISP</acronym> and ten computers on the network. + In this situation, using a router-based firewall is + difficult because of subnetting issues. A bridge-based + firewall can be configured without any + <acronym>IP</acronym> addressing issues.</para> + </listitem> + </varlistentry> <varlistentry> <term>Network Tap</term> <listitem> - <para>A bridge can join two network segments in order to - inspect all Ethernet frames that pass between them using - &man.bpf.4; and &man.tcpdump.1; on the bridge interface or - by sending a copy of all frames out an additional interface - known as a span port.</para> - </listitem> - </varlistentry> + <para>A bridge can join two network segments in order to + inspect all Ethernet frames that pass between them using + &man.bpf.4; and &man.tcpdump.1; on the bridge interface or + by sending a copy of all frames out an additional + interface known as a span port.</para> + </listitem> + </varlistentry> <varlistentry> <term>Layer 2 <acronym>VPN</acronym></term> <listitem> - <para>Two Ethernet networks can be joined across an - <acronym>IP</acronym> link by bridging the networks to an - EtherIP tunnel or a &man.tap.4; based solution such as - <application>OpenVPN</application>.</para> - </listitem> - </varlistentry> + <para>Two Ethernet networks can be joined across an + <acronym>IP</acronym> link by bridging the networks to an + EtherIP tunnel or a &man.tap.4; based solution such as + <application>OpenVPN</application>.</para> + </listitem> + </varlistentry> <varlistentry> <term>Layer 2 Redundancy</term> <listitem> - <para>A network can be connected together with multiple links - and use the Spanning Tree Protocol (<acronym>STP</acronym>) - to block redundant paths.</para> - </listitem> - </varlistentry> - </variablelist> + <para>A network can be connected together with multiple + links and use the Spanning Tree Protocol + (<acronym>STP</acronym>) to block redundant paths.</para> + </listitem> + </varlistentry> + </variablelist> - <para>This section describes how to configure a &os; system as a - bridge using &man.if.bridge.4;. - A netgraph bridging driver is also available, and is described - in &man.ng.bridge.4;.</para> + <para>This section describes how to configure a &os; system as a + bridge using &man.if.bridge.4;. A netgraph bridging driver is + also available, and is described in &man.ng.bridge.4;.</para> - <note> + <note> <para>Packet filtering can be used with any firewall package - that hooks into the &man.pfil.9; framework. The bridge can be used as a traffic shaper with - &man.altq.4; or &man.dummynet.4;.</para> - </note> + that hooks into the &man.pfil.9; framework. The bridge can be + used as a traffic shaper with &man.altq.4; or + &man.dummynet.4;.</para> + </note> <sect2> <title>Enabling the Bridge</title> <para>In &os;, &man.if.bridge.4; is a kernel module which is automatically loaded by &man.ifconfig.8; when creating a - bridge interface. It is also possible to compile bridge support - into a custom kernel by adding <literal>device if_bridge</literal> - to the custom kernel configuration file.</para> + bridge interface. It is also possible to compile bridge + support into a custom kernel by adding + <literal>device if_bridge</literal> to the custom kernel + configuration file.</para> <para>The bridge is created using interface cloning. To create the bridge interface:</para> @@ -2968,19 +2970,18 @@ bridge0: flags=8802<BROADCAST,SIMPLEX The other parameters control how <acronym>STP</acronym> operates.</para> - <para>Next, specify which network interfaces to add as members of the bridge. - For the bridge to forward packets, all member interfaces and - the bridge need to be up:</para> + <para>Next, specify which network interfaces to add as members + of the bridge. For the bridge to forward packets, all member + interfaces and the bridge need to be up:</para> <screen>&prompt.root; <userinput>ifconfig bridge0 addm fxp0 addm fxp1 up</userinput> &prompt.root; <userinput>ifconfig fxp0 up</userinput> &prompt.root; <userinput>ifconfig fxp1 up</userinput></screen> <para>The bridge can now forward Ethernet frames between - <filename>fxp0</filename> and - <filename>fxp1</filename>. Add the following lines to - <filename>/etc/rc.conf</filename> so the bridge is created - at startup:</para> + <filename>fxp0</filename> and <filename>fxp1</filename>. Add + the following lines to <filename>/etc/rc.conf</filename> so + the bridge is created at startup:</para> <programlisting>cloned_interfaces="bridge0" ifconfig_bridge0="addm fxp0 addm fxp1 up" @@ -2988,9 +2989,8 @@ ifconfig_fxp0="up" ifconfig_fxp1="up"</programlisting> <para>If the bridge host needs an <acronym>IP</acronym> - address, set it on the bridge - interface, not on the member interfaces. - The address can be set statically or via + address, set it on the bridge interface, not on the member + interfaces. The address can be set statically or via <acronym>DHCP</acronym>. This example sets a static <acronym>IP</acronym> address:</para> @@ -3002,48 +3002,44 @@ ifconfig_fxp1="up"</programlisting> <filename>/etc/rc.conf</filename>.</para> <note> - <para>When packet filtering is enabled, bridged packets will - pass through the filter inbound on the originating interface - on the bridge interface, and outbound on the appropriate - interfaces. Either stage can be disabled. When direction of - the packet flow is important, it is best to firewall on the - member interfaces rather than the bridge itself.</para> - - <para>The bridge has several configurable settings for passing - non-<acronym>IP</acronym> and <acronym>IP</acronym> packets, - and layer2 firewalling with &man.ipfw.8;. See - &man.if.bridge.4; for more information.</para> + <para>When packet filtering is enabled, bridged packets will + pass through the filter inbound on the originating interface + on the bridge interface, and outbound on the appropriate + interfaces. Either stage can be disabled. When direction + of the packet flow is important, it is best to firewall on + the member interfaces rather than the bridge itself.</para> + + <para>The bridge has several configurable settings for passing + non-<acronym>IP</acronym> and <acronym>IP</acronym> packets, + and layer2 firewalling with &man.ipfw.8;. See + &man.if.bridge.4; for more information.</para> </note> </sect2> <sect2> <title>Enabling Spanning Tree</title> - <para>For an Ethernet network to - function properly, only one active path can exist between - two devices. The <acronym>STP</acronym> protocol detects loops and - puts redundant links into a blocked state. Should one - of the active links fail, <acronym>STP</acronym> - calculates a different tree and enables one of the blocked - paths to restore connectivity to all points in the - network.</para> - - <para>The Rapid Spanning Tree - Protocol (<acronym>RSTP</acronym> or 802.1w) provides backwards - compatibility with legacy <acronym>STP</acronym>. - <acronym>RSTP</acronym> provides - faster convergence and - exchanges information with neighboring switches - to quickly transition to forwarding mode without creating loops. - &os; supports <acronym>RSTP</acronym> and + <para>For an Ethernet network to function properly, only one + active path can exist between two devices. The + <acronym>STP</acronym> protocol detects loops and puts + redundant links into a blocked state. Should one of the + active links fail, <acronym>STP</acronym> calculates a + different tree and enables one of the blocked paths to restore + connectivity to all points in the network.</para> + + <para>The Rapid Spanning Tree Protocol (<acronym>RSTP</acronym> + or 802.1w) provides backwards compatibility with legacy + <acronym>STP</acronym>. <acronym>RSTP</acronym> provides + faster convergence and exchanges information with neighboring + switches to quickly transition to forwarding mode without + creating loops. &os; supports <acronym>RSTP</acronym> and <acronym>STP</acronym> as operating modes, with <acronym>RSTP</acronym> being the default mode.</para> <para><acronym>STP</acronym> can be enabled on member interfaces using &man.ifconfig.8;. For a bridge with - <filename>fxp0</filename> and - <filename>fxp1</filename> as the current interfaces, - enable <acronym>STP</acronym> with:</para> + <filename>fxp0</filename> and <filename>fxp1</filename> as the + current interfaces, enable <acronym>STP</acronym> with:</para> <screen>&prompt.root; <userinput>ifconfig bridge0 stp fxp0 stp fxp1</userinput> bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 @@ -3088,163 +3084,163 @@ bridge0: flags=8843<UP,BROADCAST,RUNN </sect2> <sect2> - <title>Bridge Interface Parameters</title> + <title>Bridge Interface Parameters</title> - <para>Several <command>ifconfig</command> parameters are unique - to bridge interfaces. This section summarizes some common - uses for these parameters. The complete list of available parameters is - described in &man.ifconfig.8;.</para> - - <variablelist> - <varlistentry> - <term>private</term> - <listitem> - <para>A private interface does not forward any traffic to any - other port that is also designated as a private interface. The traffic is - blocked unconditionally so no Ethernet frames will be - forwarded, including <acronym>ARP</acronym> packets. If traffic - needs to be selectively blocked, a firewall should be used - instead.</para> - </listitem> - </varlistentry> + <para>Several <command>ifconfig</command> parameters are unique + to bridge interfaces. This section summarizes some common + uses for these parameters. The complete list of available + parameters is described in &man.ifconfig.8;.</para> - <varlistentry> - <term>span</term> - <listitem> - <para>A span port transmits a copy of every Ethernet frame received by the bridge. - The number - of span ports configured on a bridge is unlimited, but if an - interface is designated as a span port, it cannot also be - used as a regular bridge port. This is most useful for - snooping a bridged network passively on another host - connected to one of the span ports of the bridge. For - example, to send a copy of all frames out the interface named - <filename>fxp4</filename>:</para> + <variablelist> + <varlistentry> + <term>private</term> + <listitem> + <para>A private interface does not forward any traffic to + any other port that is also designated as a private + interface. The traffic is blocked unconditionally so no + Ethernet frames will be forwarded, including + <acronym>ARP</acronym> packets. If traffic needs to be + selectively blocked, a firewall should be used + instead.</para> + </listitem> + </varlistentry> - <screen>&prompt.root; <userinput>ifconfig bridge0 span fxp4</userinput></screen> - </listitem> - </varlistentry> + <varlistentry> + <term>span</term> + <listitem> + <para>A span port transmits a copy of every Ethernet frame + received by the bridge. The number of span ports + configured on a bridge is unlimited, but if an + interface is designated as a span port, it cannot also + be used as a regular bridge port. This is most useful + for snooping a bridged network passively on another host + connected to one of the span ports of the bridge. For + example, to send a copy of all frames out the interface + named <filename>fxp4</filename>:</para> + + <screen>&prompt.root; <userinput>ifconfig bridge0 span fxp4</userinput></screen> + </listitem> + </varlistentry> - <varlistentry> - <term>sticky</term> - <listitem> - <para>If a bridge member interface is marked as sticky, - dynamically learned address entries are treated at static - entries in the forwarding cache. Sticky entries are - never aged out of the cache or replaced, even if the address - is seen on a different interface. This gives the benefit of - static address entries without the need to pre-populate the - forwarding table. Clients learned on a particular segment - of the bridge can not roam to another segment.</para> - - <para>An example of using sticky addresses is to combine - the bridge with <acronym>VLAN</acronym>s in order to isolate - customer networks without wasting - <acronym>IP</acronym> address space. Consider that - <systemitem class="fqdomainname">CustomerA</systemitem> is - on <literal>vlan100</literal>, <systemitem - class="fqdomainname">CustomerB</systemitem> is on - <literal>vlan101</literal>, and the bridge has the address - <systemitem class="ipaddress">192.168.0.1</systemitem>:</para> + <varlistentry> + <term>sticky</term> + <listitem> + <para>If a bridge member interface is marked as sticky, + dynamically learned address entries are treated at + static entries in the forwarding cache. Sticky entries + are never aged out of the cache or replaced, even if the + address is seen on a different interface. This gives + the benefit of static address entries without the need + to pre-populate the forwarding table. Clients learned + on a particular segment of the bridge can not roam to + another segment.</para> + + <para>An example of using sticky addresses is to combine + the bridge with <acronym>VLAN</acronym>s in order to + isolate customer networks without wasting + <acronym>IP</acronym> address space. Consider that + <systemitem class="fqdomainname">CustomerA</systemitem> + is on <literal>vlan100</literal>, <systemitem + class="fqdomainname">CustomerB</systemitem> is on + <literal>vlan101</literal>, and the bridge has the + address <systemitem + class="ipaddress">192.168.0.1</systemitem>:</para> - <screen>&prompt.root; <userinput>ifconfig bridge0 addm vlan100 sticky vlan100 addm vlan101 sticky vlan101</userinput> + <screen>&prompt.root; <userinput>ifconfig bridge0 addm vlan100 sticky vlan100 addm vlan101 sticky vlan101</userinput> &prompt.root; <userinput>ifconfig bridge0 inet 192.168.0.1/24</userinput></screen> - <para>In this example, both clients see <systemitem - class="ipaddress">192.168.0.1</systemitem> as their - default gateway. Since the bridge cache is sticky, one host - can not spoof the <acronym>MAC</acronym> address of the - other customer in order to intercept their traffic.</para> - - <para>Any communication between the <acronym>VLAN</acronym>s - can be blocked using a firewall or, as seen in this example, - private interfaces:</para> - - <screen>&prompt.root; <userinput>ifconfig bridge0 private vlan100 private vlan101</userinput></screen> - - <para>The customers are completely isolated from each other - and the full <systemitem class="netmask">/24</systemitem> - address range can be allocated without subnetting.</para> - - <para>The number of unique source <acronym>MAC</acronym> - addresses behind an interface can be limited. Once the - limit is reached, packets with unknown source addresses - are dropped until an existing host cache entry expires or - is removed.</para> - - <para>The following example sets the maximum number of - Ethernet devices for <systemitem - class="fqdomainname">CustomerA</systemitem> on - <literal>vlan100</literal> to 10:</para> + <para>In this example, both clients see <systemitem + class="ipaddress">192.168.0.1</systemitem> as their + default gateway. Since the bridge cache is sticky, one + host can not spoof the <acronym>MAC</acronym> address of + the other customer in order to intercept their + traffic.</para> + + <para>Any communication between the + <acronym>VLAN</acronym>s can be blocked using a firewall + or, as seen in this example, private interfaces:</para> + + <screen>&prompt.root; <userinput>ifconfig bridge0 private vlan100 private vlan101</userinput></screen> + + <para>The customers are completely isolated from each + other and the full <systemitem + class="netmask">/24</systemitem> address range can be + allocated without subnetting.</para> + + <para>The number of unique source <acronym>MAC</acronym> + addresses behind an interface can be limited. Once the + limit is reached, packets with unknown source addresses + are dropped until an existing host cache entry expires + or is removed.</para> + + <para>The following example sets the maximum number of + Ethernet devices for <systemitem + class="fqdomainname">CustomerA</systemitem> on + <literal>vlan100</literal> to 10:</para> + + <screen>&prompt.root; <userinput>ifconfig bridge0 ifmaxaddr vlan100 10</userinput></screen> + </listitem> + </varlistentry> + </variablelist> + + <para>Bridge interfaces also support monitor mode, where the + packets are discarded after &man.bpf.4; processing and are not + processed or forwarded further. This can be used to + multiplex the input of two or more interfaces into a single + &man.bpf.4; stream. This is useful for reconstructing the + traffic for network taps that transmit the RX/TX signals out + through two separate interfaces. For example, to read the + input from four network interfaces as one stream:</para> - <screen>&prompt.root; <userinput>ifconfig bridge0 ifmaxaddr vlan100 10</userinput></screen> - </listitem> - </varlistentry> - </variablelist> - - <para>Bridge interfaces also support monitor mode, where the packets are - discarded after &man.bpf.4; processing and are not - processed or forwarded further. This can be used to - multiplex the input of two or more interfaces into a single - &man.bpf.4; stream. This is useful for reconstructing the - traffic for network taps that transmit the RX/TX signals out - through two separate interfaces. For example, - to read the input from four network interfaces as one - stream:</para> - - <screen>&prompt.root; <userinput>ifconfig bridge0 addm fxp0 addm fxp1 addm fxp2 addm fxp3 monitor up</userinput> -&prompt.root; <userinput>tcpdump -i bridge0</userinput></screen> -</sect2> + <screen>&prompt.root; <userinput>ifconfig bridge0 addm fxp0 addm fxp1 addm fxp2 addm fxp3 monitor up</userinput> +&prompt.root; <userinput>tcpdump -i bridge0</userinput></screen> + </sect2> - <sect2> - <title><acronym>SNMP</acronym> Monitoring</title> + <sect2> + <title><acronym>SNMP</acronym> Monitoring</title> - <para>The bridge interface and <acronym>STP</acronym> - parameters can be monitored via &man.bsnmpd.1; which is - included in the &os; base system. The exported bridge - <acronym>MIB</acronym>s conform to - <acronym>IETF</acronym> standards so any - <acronym>SNMP</acronym> client or monitoring package can be - used to retrieve the data.</para> - - <para>To enable monitoring on the bridge, uncomment this - line in - <filename>/etc/snmp.config</filename> by removing the - beginning <literal>#</literal> symbol:</para> - - <programlisting>begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so"</programlisting> - - <para>Other configuration settings, such as community - names and access lists, may need to be modified in this file. See - &man.bsnmpd.1; and &man.snmp.bridge.3; for more - information. Once these edits are saved, add this line to - <filename>/etc/rc.conf</filename>:</para> - - <programlisting>bsnmpd_enable="YES"</programlisting> - - <para>Then, start - &man.bsnmpd.1;:</para> + <para>The bridge interface and <acronym>STP</acronym> + parameters can be monitored via &man.bsnmpd.1; which is + included in the &os; base system. The exported bridge + <acronym>MIB</acronym>s conform to <acronym>IETF</acronym> + standards so any <acronym>SNMP</acronym> client or monitoring + package can be used to retrieve the data.</para> + + <para>To enable monitoring on the bridge, uncomment this line in + <filename>/etc/snmp.config</filename> by removing the + beginning <literal>#</literal> symbol:</para> + + <programlisting>begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so"</programlisting> - <screen>&prompt.root; <userinput>service bsnmpd start</userinput></screen> + <para>Other configuration settings, such as community names and + access lists, may need to be modified in this file. See + &man.bsnmpd.1; and &man.snmp.bridge.3; for more information. + Once these edits are saved, add this line to + <filename>/etc/rc.conf</filename>:</para> + + <programlisting>bsnmpd_enable="YES"</programlisting> + + <para>Then, start &man.bsnmpd.1;:</para> + + <screen>&prompt.root; <userinput>service bsnmpd start</userinput></screen> - <para>The following examples use the - <application>Net-SNMP</application> software - (<package>net-mgmt/net-snmp</package>) to query a bridge - from a client system. The - <package>net-mgmt/bsnmptools</package> port can also be - used. From the <acronym>SNMP</acronym> client which is - running <application>Net-SNMP</application>, add the - following lines to - <filename>$HOME/.snmp/snmp.conf</filename> in order to - import the bridge <acronym>MIB</acronym> definitions:</para> + <para>The following examples use the + <application>Net-SNMP</application> software + (<package>net-mgmt/net-snmp</package>) to query a bridge + from a client system. The + <package>net-mgmt/bsnmptools</package> port can also be used. + From the <acronym>SNMP</acronym> client which is running + <application>Net-SNMP</application>, add the following lines + to <filename>$HOME/.snmp/snmp.conf</filename> in order to + import the bridge <acronym>MIB</acronym> definitions:</para> - <programlisting>mibdirs +/usr/share/snmp/mibs + <programlisting>mibdirs +/usr/share/snmp/mibs mibs +BRIDGE-MIB:RSTP-MIB:BEGEMOT-MIB:BEGEMOT-BRIDGE-MIB</programlisting> - <para>To monitor a single bridge using the IETF BRIDGE-MIB - (RFC4188):</para> + <para>To monitor a single bridge using the IETF BRIDGE-MIB + (RFC4188):</para> - <screen>&prompt.user; <userinput>snmpwalk -v 2c -c public bridge1.example.com mib-2.dot1dBridge</userinput> + <screen>&prompt.user; <userinput>snmpwalk -v 2c -c public bridge1.example.com mib-2.dot1dBridge</userinput> BRIDGE-MIB::dot1dBaseBridgeAddress.0 = STRING: 66:fb:9b:6e:5c:44 BRIDGE-MIB::dot1dBaseNumPorts.0 = INTEGER: 1 ports BRIDGE-MIB::dot1dStpTimeSinceTopologyChange.0 = Timeticks: (189959) 0:31:39.59 centi-seconds @@ -3261,18 +3257,18 @@ BRIDGE-MIB::dot1dStpPortDesignatedPort.3 BRIDGE-MIB::dot1dStpPortForwardTransitions.3 = Counter32: 1 RSTP-MIB::dot1dStpVersion.0 = INTEGER: rstp(2)</screen> - <para>The <literal>dot1dStpTopChanges.0</literal> value is - two, indicating that the <acronym>STP</acronym> bridge - topology has changed twice. A topology change means that - one or more links in the network have changed or failed - and a new tree has been calculated. The - <literal>dot1dStpTimeSinceTopologyChange.0</literal> value - will show when this happened.</para> + <para>The <literal>dot1dStpTopChanges.0</literal> value is two, + indicating that the <acronym>STP</acronym> bridge topology has + changed twice. A topology change means that one or more links + in the network have changed or failed and a new tree has been + calculated. The + <literal>dot1dStpTimeSinceTopologyChange.0</literal> value + will show when this happened.</para> - <para>To monitor multiple bridge interfaces, the private - BEGEMOT-BRIDGE-MIB can be used:</para> + <para>To monitor multiple bridge interfaces, the private + BEGEMOT-BRIDGE-MIB can be used:</para> - <screen>&prompt.user; <userinput>snmpwalk -v 2c -c public bridge1.example.com</userinput> + <screen>&prompt.user; <userinput>snmpwalk -v 2c -c public bridge1.example.com</userinput> enterprises.fokus.begemot.begemotBridge BEGEMOT-BRIDGE-MIB::begemotBridgeBaseName."bridge0" = STRING: bridge0 BEGEMOT-BRIDGE-MIB::begemotBridgeBaseName."bridge2" = STRING: bridge2 @@ -3288,10 +3284,10 @@ BEGEMOT-BRIDGE-MIB::begemotBridgeStpTopC BEGEMOT-BRIDGE-MIB::begemotBridgeStpDesignatedRoot."bridge0" = Hex-STRING: 80 00 00 40 95 30 5E 31 BEGEMOT-BRIDGE-MIB::begemotBridgeStpDesignatedRoot."bridge2" = Hex-STRING: 80 00 00 50 8B B8 C6 A9</screen> - <para>To change the bridge interface being monitored via the - <literal>mib-2.dot1dBridge</literal> subtree:</para> + <para>To change the bridge interface being monitored via the + <literal>mib-2.dot1dBridge</literal> subtree:</para> - <screen>&prompt.user; <userinput>snmpset -v 2c -c private bridge1.example.com</userinput> + <screen>&prompt.user; <userinput>snmpset -v 2c -c private bridge1.example.com</userinput> BEGEMOT-BRIDGE-MIB::begemotBridgeDefaultBridgeIf.0 s bridge2</screen> </sect2> </sect1>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403062327.s26NRPvO060188>