From owner-freebsd-net  Mon Feb  5 16:13:18 2001
Delivered-To: freebsd-net@freebsd.org
Received: from wyattearp.stanford.edu (wyattearp.Stanford.EDU [171.64.180.171])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7060D37B503; Mon,  5 Feb 2001 16:13:00 -0800 (PST)
Received: (from richw@localhost)
	by wyattearp.stanford.edu (8.9.3/8.9.3) id QAA76708;
	Mon, 5 Feb 2001 16:12:28 -0800 (PST)
	(envelope-from richw)
Date: Mon, 5 Feb 2001 16:12:28 -0800 (PST)
From: Rich Wales <richw@webcom.com>
X-Sender: richw@wyattearp.stanford.edu
To: Luigi Rizzo <rizzo@aciri.org>
Cc: julian@elischer.org, patrick@netzuno.com,
	freebsd-net@FreeBSD.ORG, julian@FreeBSD.ORG
Subject: Almost fixed (was Re: BRIDGE breaks ARP? (Julian's patch))
In-Reply-To: <20010205222630.59637.richw@wyattearp.stanford.edu>
Message-ID: <20010205234036.74638.richw@wyattearp.stanford.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Good news and bad news.

First the good news:

    The bridge is answering ARP requests for its own hardware address
    on the internal (rl0) interface now.

    I rebooted my bridge (from work, via the DSL line) just now, with
    a new kernel incorporating Julian's patch from earlier today.

    I then deleted the permanent ARP entry for the bridge on my desk-
    top (after setting up a delayed background command as a "dead
    man's switch" to restore the ARP entry if needed in case I got
    locked out -- remember, I was doing all this remotely).

    My desktop got an ARP reply from the bridge as soon as I deleted
    the permanent entry.  I confirmed this by running "tcpdump -i rl0
    arp" on the desktop.

Now the bad news:

    ARP replies from the bridge to the DSL modem (via the external
    i/f) are still getting sent to the desktop (via the internal i/f),
    and the desktop is using them to change its idea of the bridge's
    hardware address.  This causes a log message like the following:

	/kernel: arp: 171.66.188.114 moved from 00:e0:29:68:64:3e
	    to 00:60:97:05:32:cd on rl0

    The desktop can contact the bridge using either of the bridge's
    hardware addresses, of course -- but I still think the bridge
    ought to send out its ARP replies =only= on the interface from
    which the query came that the bridge is replying to.

    FWIW, the desktop is still running 4.2-RELEASE.

Rich Wales         richw@webcom.com         http://www.webcom.com/richw/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message