From owner-freebsd-net@FreeBSD.ORG Wed Aug 2 03:17:05 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D2A4816A4E0 for ; Wed, 2 Aug 2006 03:17:05 +0000 (UTC) (envelope-from cybercorecentre@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0A1EE43D46 for ; Wed, 2 Aug 2006 03:17:04 +0000 (GMT) (envelope-from cybercorecentre@gmail.com) Received: by ug-out-1314.google.com with SMTP id m2so1724206uge for ; Tue, 01 Aug 2006 20:17:04 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=r5H4Hxa7utmeehihO8/hyj+u4yy5o07dnoj8KDGhlAvED4+u//BlWCTfV/XYhEDyeanvS7Wr06qFrZhjrxMHzmfJZZw1cNs3r0+chm+seZWN/fmbPdAdEg9VkTH3/W7KRolJCEGg97TLmoGPbxIYO58oUzMZKPQCnWMfxX59eTA= Received: by 10.66.216.6 with SMTP id o6mr487807ugg; Tue, 01 Aug 2006 20:17:03 -0700 (PDT) Received: from ?192.0.0.52? ( [62.77.228.138]) by mx.gmail.com with ESMTP id c1sm6221991ugf.2006.08.01.20.17.02; Tue, 01 Aug 2006 20:17:03 -0700 (PDT) Message-ID: <44D01922.2020800@gmail.com> Date: Wed, 02 Aug 2006 05:16:50 +0200 From: Jax User-Agent: Thunderbird 1.5.0.5 (Windows/20060719) MIME-Version: 1.0 To: freebsd-net@freebsd.org References: <20060801160141.73380.qmail@web56101.mail.re3.yahoo.com> In-Reply-To: <20060801160141.73380.qmail@web56101.mail.re3.yahoo.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: ethernet bridge and dhcpd X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Aug 2006 03:17:05 -0000 Purushotham Nayak wrote: > Hi All, > > Hey! Here is a thought, don't setup dhcp server on a bridge. I tried to use firewalling on this but it works differently than in linux where you can control the traffic with --physdev-in -out, you can't determine that which card where the traffic come from and which where it goes, i read something in a handbook but dont remember atm so try to accept all packet on the firewall. You can try to tell dhcpd which interface you want to use but it's possible it won't work. > I have a routerboard with two ethernet ports (sis0 and sis1). I've been trying top setup a bridge and also run the dhcpd server on it. I've setup sis0 with an IP address and sis1 is just marked up in rc.conf. The bridge seems to work because if I statically assign an IP address to a laptop and connect it to sis1 I can ping the routers IP which is what is assigned to sis0. But the laptop cannot get an IP using DHCP. tcpdumping on sis0 doesn't show me the DHCPREQUEST from the laptop that's coming in through sis1 (but it doesn't show me any traffic during ping request either but that's not broadcast so I guess that's expected). > > Here's my rc.conf > > ------------------------------------------------------------------------------------- > inetd_enable="YES" > ifconfig_sis0="inet 10.1.1.1 netmask 255.255.255.0" > broadcast parameter? > ifconfig_sis1="up" > ifconfig_ath0="down" > > gateway_enable="YES" > > this not requied for a bridge > dhcpd_enable="YES" > dhcpd_flags="-q" > try to setup the interface as i told > dhcpd_conf=/usr/local/etc/dhcpd.conf" > ----------------------------------------------------------------------- > > And here is my dhcpd.conf > > ------------------------------------------------------------------------- > ddns-update-style ad-hoc; > default-lease-time 600; > max-lease-time 7200; > > subnet 10.1.1.0 netmask 255.255.255.0 { > range 10.1.1.64 10.1.1.250; > option routers 10.1.1.1; > } > ------------------------------------------------------------------- > > Can anyone please let me know if there is something I'm doing wrong. > > nayak > > I hope it will help. Regards, JaX