From owner-freebsd-questions@FreeBSD.ORG  Fri Jun 20 22:07:50 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 47DE310656CA
	for <freebsd-questions@freebsd.org>;
	Fri, 20 Jun 2008 22:07:50 +0000 (UTC)
	(envelope-from maddaemon@gmail.com)
Received: from fk-out-0910.google.com (fk-out-0910.google.com [209.85.128.186])
	by mx1.freebsd.org (Postfix) with ESMTP id C62EB8FC1D
	for <freebsd-questions@freebsd.org>;
	Fri, 20 Jun 2008 22:07:49 +0000 (UTC)
	(envelope-from maddaemon@gmail.com)
Received: by fk-out-0910.google.com with SMTP id k31so1442446fkk.11
	for <freebsd-questions@freebsd.org>;
	Fri, 20 Jun 2008 15:07:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:message-id:date:from:to
	:subject:in-reply-to:mime-version:content-type
	:content-transfer-encoding:content-disposition:references;
	bh=UXXPdEABJI8BHOAeo1DTa6DRF+Q+5xCa7XY9JC7gGIA=;
	b=Dp2PTG47y1B1DhPkpDz0k2utNtc0/9eBkQ4oWE6Njv0mZgoAINe50coCI2cCmNea28
	WDjSGncK9xGXhjmA2lLv5KLt4Gtl2ce7AjAqz8CH6bITkLKWPkpAMrgT++w7QpiCA3C9
	J7Kk1TF3ZpwsmMqoppU6app9bomIqfg+W/DKo=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=message-id:date:from:to:subject:in-reply-to:mime-version
	:content-type:content-transfer-encoding:content-disposition
	:references;
	b=DdOTPtTtj/ogjpSU5SJFQKMegtrFiQluOo+GboMW9VlKheBou0FBzSGGyDHu9KcHJP
	DhCtzNAOfTikcyO+ByXHVMNKs/pd74nEe+wEGKGpUBFC2cv0XMiHxpP5UjEYFq6NO4LV
	JR1+ua732CEdCo13Xx6MMi+t7pcB0d6T4Gheg=
Received: by 10.82.111.8 with SMTP id j8mr247003buc.29.1213999668619;
	Fri, 20 Jun 2008 15:07:48 -0700 (PDT)
Received: by 10.82.188.6 with HTTP; Fri, 20 Jun 2008 15:07:48 -0700 (PDT)
Message-ID: <6c1774c50806201507x37df1868h5dc4d4c876ece08e@mail.gmail.com>
Date: Fri, 20 Jun 2008 18:07:48 -0400
From: "The MadDaemon" <maddaemon@gmail.com>
To: "FreeBSD - Questions" <freebsd-questions@freebsd.org>
In-Reply-To: <485B6F45.1070106@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <6c1774c50806171211g147f41ahb5e2edf0334dad93@mail.gmail.com>
	<485814C2.9030204@gmail.com>
	<6c1774c50806190749i5539a425ya8f3638d3b233496@mail.gmail.com>
	<485B6F45.1070106@gmail.com>
Subject: Re: Dual NIC routing (?) problem
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jun 2008 22:07:50 -0000

On Fri, Jun 20, 2008 at 4:50 AM, Yuri Pankov <yuri.pankov@gmail.com> wrote:
> The MadDaemon wrote:
>>
>> On Tue, Jun 17, 2008 at 3:47 PM, Yuri Pankov <yuri.pankov@gmail.com>
>> wrote:
>>>
>>> The MadDaemon wrote:
>>>>
>>>> List,
>>>>
>>>> I'm having a problem with a dual-homed host running 7.0-RELEASE with
>>>> regards to traffic on one of the interfaces that I'm hoping someone
>>>> knows something about.
>>>>
>>>> The goal of this box is to run Nessus on bge0 only (which is plugged
>>>> into a trunk port on a switch), keeping fxp0 free as the admin
>>>> interface and for serving web pages on my LAN.
>>>>
>>>> Here's ifconfig:
>>>>
>>>> bge0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>>>       options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>>>>       ether 00:19:b9:22:a8:22
>>>>       inet 0.0.0.0 netmask 0xffffff00 broadcast 0.0.0.255
>>>>       media: Ethernet autoselect (100baseTX <full-duplex>)
>>>>       status: active
>>>> fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
>>>> 1500
>>>>       options=b<RXCSUM,TXCSUM,VLAN_MTU>
>>>>       ether 00:02:b3:bb:59:17
>>>>       inet 10.20.10.24 netmask 0xffffff00 broadcast 172.20.10.255
>>>>       inet 10.20.10.28 netmask 0xffffffff broadcast 172.20.10.28
>>>>       inet 10.20.10.29 netmask 0xffffffff broadcast 172.20.10.29
>>>>       media: Ethernet autoselect (100baseTX <full-duplex>)
>>>>       status: active
>>>>
>>>> /etc/rc.conf section:
>>>>
>>>> # Created: Mon Jun  9 09:32:52 2008
>>>> defaultrouter="10.20.10.254"
>>>> hostname="darkhorse.mydomain.local"
>>>> ifconfig_fxp0="inet 10.20.10.24  netmask 255.255.255.0"
>>>> ifconfig_fxp0_alias0="inet 10.20.10.28 netmask 255.255.255.255"
>>>> ifconfig_fxp0_alias1="inet 10.20.10.29 netmask 255.255.255.255"
>>>> ifconfig_bge0="inet 0.0.0.0 netmask 255.255.255.0"
>>>
>>> Try using ifconfig_bge0="up" in /etc/rc.conf instead of assigning bogus
>>> (probably) address.
>>
>> Tried that as well and it didn't work.  I found a few different things
>> regarding VLAN setup, so my new (and not working) configuration is
>> this (in part):
>>
>> ######################
>> # VLAN Configuration #
>> ######################
>> cloned_interface="vlan2"
>> ifconfig_vlan2="inet 10.21.1.245 netmask 255.255.255.0 vlan 2 vlandev
>> bge0"
>> cloned_interface="vlan5"
>> ifconfig_vlan5="inet 10.20.8.245 netmask 255.255.255.0 vlan 5 vlandev
>> bge0"
>
> So 10.20.8.245 is in tagged vlan 5.

Yes..

>> cloned_interface="vlan6"
>> ifconfig_vlan6="inet 10.20.7.245 netmask 255.255.255.0 vlan 6 vlandev
>> bge0"
>>
>> (I got the VLAN IDs straight from the router, so they are correct for
>> each VLAN.)
>>
>> root@darkhorse [~]# ifconfig bge0 inet 10.20.8.245 netmask 255.255.255.0
>
> and here you are trying to set 10.20.8.245 on parent bge0 without 802.1q
> tagging, how do you expect it to work?

I didn't, actually - lack of sleep = brainfart :(

>> root@darkhorse [~]# ifconfig bge0 up
>> root@darkhorse [~]# ifconfig bge0
>> bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>>        ether 00:19:b9:22:a8:22
>>        inet 10.20.8.245 netmask 0xffffff00 broadcast 10.20.8.255
>>        media: Ethernet autoselect (100baseTX <full-duplex>)
>>        status: active
>> root@darkhorse [~]# ping -c 2 10.20.8.4
>> PING 10.20.8.4 (10.20.8.4): 56 data bytes
>>
>> --- 10.20.8.4 ping statistics ---
>> 2 packets transmitted, 0 packets received, 100.0% packet loss
>>
>
> Sorry if I understood you incorrectly.

No problem..

I believe if fixed it by setting this in /etc/rc.conf:

cloned_interfaces="vlan2 vlan5 vlan6 vlan7 vlan107 vlan201 vlan212"
ifconfig_vlan2="inet 10.21.1.245 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan5="inet 10.20.8.245 netmask 255.255.255.0 vlan 5 vlandev bge0"
ifconfig_vlan6="inet 10.20.7.245 netmask 255.255.255.0 vlan 6 vlandev bge0"
ifconfig_vlan7="inet 10.20.253.245 netmask 255.255.255.0 vlan 7 vlandev bge0"
ifconfig_vlan107="inet 10.21.7.245 netmask 255.255.255.0 vlan 107 vlandev bge0"
ifconfig_vlan201="inet 10.20.1.245 netmask 255.255.255.0 vlan 201 vlandev bge0"
ifconfig_vlan212="inet 10.21.2.245 netmask 255.255.255.0 vlan 212 vlandev bge0"
######################
# Bring up bge0 manually to make sure it's up:
ifconfig_bge0="up"
######################