Date:      Thu, 26 May 2016 11:13:28 -0600
From:      John Nielsen <lists@jnielsen.net>
To:        Aqz <poczta@aquaz.eu>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Bridge interface and ARP traffic
Message-ID:  <9746AF3A-3440-4277-9D25-E78B04A35A6D@jnielsen.net>
In-Reply-To: <CACz0%2BRFx7jq%2BDVSwvPUdnHH0UkomYsCgpYqNr%2BRrF6iZNuXA8Q@mail.gmail.com>
References:  <CACz0%2BRFx7jq%2BDVSwvPUdnHH0UkomYsCgpYqNr%2BRrF6iZNuXA8Q@mail.gmail.com>


> On May 20, 2016, at 12:30 AM, Aqz <poczta@aquaz.eu> wrote:
> 
> Hello,
> 
> I have a very strange issue with passing ARP traffic through bridge
> interface.
> I'm using a FreeBSD 10.3-REL VMware virtual machine as a bridge between two
> networks using the same IP address space. Bridge interface doesn't have IP
> address assigned so it acts more like a switch between those two virtual
> networks - let's call them NET and PUB.
> Gateway for our network is in NET vlan, all the virtual machines are in the
> PUB vlan.
> 
> Traffic passes through this bridge, but there are a few problems.
> 
> I have to manually add static ARP table entries for gateway on all the
> machines in PUB network - I can see ARP broadcasts from machines asking
> where's the gateway, and the reply but only on one of bridged interfaces -
> the one from NET side. The response is not visible on bridge interface, nor
> the PUB vlan interface.
> 
> Also, when I try to ping a machine that's in NET network from PUB network
> all network traffic suddenly stops, even when I'm pinging some nonexistent
> host. I have to use virtual console and ping for ex. DNS server, or any
> internet host to make traffic start again.
> 
> I'm not sure what I'm doing wrong - I've been using a similar configuration
> before (with physical machines).
> 
> Here's my ifconfig output http://aquaz.eu/bridgeifconfig.txt

The first thing to check is the hypervisor. Do you have your VM configured to allow the NICs to use promiscuous mode? Is there any kind of IP/MAC matching or filtering going on?

The next thing to check is the firewall in the VM. Is IPFW or PF enabled? What is the output of "sysctl net.link.bridge"?

The ping problems are definitely weird, not sure what to think about that.

JN
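
Added example, not part of the message above: a small shell helper that reads the output of "sysctl net.link.bridge" and reports which knobs hand bridged frames to a packet filter, with the meanings taken from if_bridge(4). The function names and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Triage "sysctl net.link.bridge" output on a FreeBSD bridge (added example).
# Knob meanings follow if_bridge(4); sample values below are constructed.

# Reads "name: value" lines on stdin, prints one finding per line.
bridge_filter_findings() {
    awk -F': *' '
        /^net\.link\.bridge\./ {
            sub(/^net\.link\.bridge\./, "", $1)   # keep only the knob name
            v[$1] = $2 + 0
        }
        END {
            # ARP only reaches a filter when both ipfw knobs are set.
            if (v["ipfw"] && v["ipfw_arp"])
                print "ARP: handed to ipfw layer-2 rules (ipfw=1, ipfw_arp=1)"
            else
                print "ARP: bridge does not hand ARP to ipfw (needs ipfw=1 and ipfw_arp=1)"
            if (v["pfil_member"])
                print "IP: filtered on member interfaces (pfil_member=1)"
            if (v["pfil_bridge"])
                print "IP: filtered on the bridge interface (pfil_bridge=1)"
            if (v["ipfw"])
                print "IP: layer-2 ipfw filtering enabled (ipfw=1)"
            if (v["pfil_onlyip"])
                print "non-IP: frames other than ARP/RARP not forwarded while filtering (pfil_onlyip=1)"
        }'
}

# Constructed sample input, shaped like real sysctl output.
sample_sysctl() {
    cat <<'EOF'
net.link.bridge.ipfw: 0
net.link.bridge.allow_llz_overlap: 0
net.link.bridge.inherit_mac: 0
net.link.bridge.log_stp: 0
net.link.bridge.pfil_local_phys: 0
net.link.bridge.pfil_member: 1
net.link.bridge.pfil_onlyip: 1
net.link.bridge.ipfw_arp: 0
net.link.bridge.pfil_bridge: 1
EOF
}

sample_sysctl | bridge_filter_findings
```

On the bridge VM itself, run "sysctl net.link.bridge | bridge_filter_findings". If the bridge is not handing ARP to a filter, the missing replies point back at the hypervisor settings asked about first.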

