From owner-freebsd-net@FreeBSD.ORG Wed Oct 27 13:37:11 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E6D561065670 for ; Wed, 27 Oct 2010 13:37:11 +0000 (UTC) (envelope-from dave.evans55@googlemail.com) Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id 5DD158FC13 for ; Wed, 27 Oct 2010 13:37:10 +0000 (UTC) Received: by bwz3 with SMTP id 3so559659bwz.13 for ; Wed, 27 Oct 2010 06:37:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:x-enigmail-version:content-type :content-transfer-encoding; bh=MIO6L6Ce7Y6hOzKeHooq8O34ETXqGRc6ZIfUswBEDs4=; b=tDQmO+cQb1QJf6v1jbuue6DUg7mNvfcC/HQuw77oHmODVFUtVMliNpXFJuhG1K/4pp nm4PgRuEWIhL1/4JfxKldIVhMkQ8lBVbQ12niJcqts3OpdEH6CfZou++YExRol4813Td 9vvfLCv9iIRGhL5mPxinht/T440FigHNg/cEU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :x-enigmail-version:content-type:content-transfer-encoding; b=J7lPbFQJgXF99kdHkSpwNThGqyD1zv7OnbKiHHvi1V31XWRyXQhvEug98X8JRS+JTK KHtx50pltkxXl5h7QElei+bi9+/Ku4iUGCndajKtiA2Xaz5PnCHGF1VJcDEU7pEg5YYo IwjO64TxZLznzRZKsPIq//1O1ki5HRIseCDRE= Received: by 10.204.76.130 with SMTP id c2mr6148646bkk.26.1288186629147; Wed, 27 Oct 2010 06:37:09 -0700 (PDT) Received: from two.pearl (dsl-fixed-77-44-81-131.interdsl.co.uk [77.44.81.131]) by mx.google.com with ESMTPS id 4sm6979035bki.1.2010.10.27.06.37.06 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 27 Oct 2010 06:37:07 -0700 (PDT) Message-ID: <4CC82B01.5030404@googlemail.com> Date: Wed, 27 Oct 2010 14:37:05 +0100 From: David Evans User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.11) Gecko/20101013 Lightning/1.0b2 Thunderbird/3.1.5 MIME-Version: 1.0 To: FreeBSD Net X-Enigmail-Version: 1.1.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: Bridge problems, possibly due to proxy arp on Parallels Desktop X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2010 13:37:12 -0000 [ posted to freebsd-net@freebsd.org 2010-10-27 ] More weirdness. Pinging from 192.168.0.2 (Mac OS X) to 192.168.0.220 (VPN client) and monitoring em0 on 192.168.0.8 (the VPN server bridge), I find that each ping request generates two ICMP echo replies to two different ethernet addresses. Here is the tcpdump: ------ Script started on Wed Oct 27 13:41:29 2010 tcpdump -i em0 -ne icmp tcpdump: WARNING: em0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes 13:43:05.556768 00:1d:4f:fa:f4:a0 > 00:bd:e5:22:02:00, ethertype IPv4 (0x0800), length 98: 192.168.0.2 > 192.168.0.220: ICMP echo request, id 50437, seq 0, length 64 13:43:05.557318 00:bd:e5:22:02:00 > 00:1c:42:01:3f:6c, ethertype IPv4 (0x0800), length 98: 192.168.0.220 > 192.168.0.2: ICMP echo reply, id 50437, seq 0, length 64 13:43:05.557318 00:bd:e5:22:02:00 > 00:1d:4f:fa:f4:a0, ethertype IPv4 (0x0800), length 98: 192.168.0.220 > 192.168.0.2: ICMP echo reply, id 50437, seq 0, length 64 3 packets captured 4 packets received by filter 0 packets dropped by kernel Script done on Wed Oct 27 13:43:51 2010 --------- I don't have a rational explanation for this, but I think I may be chasing two bugs. Bug 1. The FreeBSD bridge assigns the ethernet address for the VPN client to the wrong interface unless told to do otherwise with a static assignment. Bug 2. The Desktop bridge changes the destination ethernet address of arp replies coming from NICs on the other side of the bridge that are connected to a physical network ( the NICs that are plugged into the Netgear router.) Normally this would not matter.