From: "The Jetman"
To: "FreeBSD Net"
Date: Fri, 4 Feb 2005 19:31:50 -0500
Subject: [4.10-R]Getting A Particular BRIDGE Setup Working

I've made a nbr of BRIDGE boxes w/ various revs of FBSD, but I always get stuck w/ one configuration. Currently, I have a firewall/gateway box (also FBSD) which connects to the 'Net via a DSL modem. If I place my BRIDGE on the exterior leg (bet the gateway and the DSL modem), it works perfectly. That is, traffic passes thru the BRIDGE as expected.
Unfortunately, I can't get detailed traffic stats, since the internal workstations' traffic has been NAT'd into a single traffic stream by the firewall. FWIW, I use two IP-less Ethernet cards for the BRIDGE itself and another Ethernet w/ an IP, plugged into my switch, to control the BRIDGE box itself and to look at the traffic stats. BTW, the traffic stats app (NTOP) works perfectly, under this arrangement.

The problem manifests itself if I connect the BRIDGE box to the interior Ethernet leg of the firewall/gateway, thereby connecting it to the switch, along w/ the BRIDGE's control port. The BRIDGE fails and I always get spurious error messages from ARP, indicating one of my IP-less Ethernet cards is using the IP address of my control port. If I lose the control port (disconnect it), the BRIDGE works fine, but I can't see any traffic stats, the principal purpose of the BRIDGE.

Is there a SYSCTL variable to control this behavior or perhaps something else I'm not aware of? TIA.

Later....Jet

=============== From the desk of Jethro Wright, III ================
+ Beer is proof that God loves us and wants us to be happy. -
=== jetman516 at hotmail.com =============== Benjamin Franklin ===