From: "Sanford Owings"
To: freebsd-net@freebsd.org
Date: Sat, 8 Jul 2006 11:29:21 -0700
Subject: Services on bridging host?

Hello.

I'm looking for some assistance (or at least some more understanding)
regarding a connectivity issue with a bridging host.

In short, I have a host with two interfaces, using the "options BRIDGE" type of bridging.
One interface has an IP assigned, and the other does not (as suggested by the FBSD handbook).

Hosts on the "IP enabled" side of the bridging host can connect to that IP
(ssh, SMB shares, etc.), but not to hosts on the other side of the bridge.
In addition, the bridging host itself cannot connect to services on the
"non-IP enabled" side of itself.

Segment 1:
    Desktop box            .63
    Laptop                 .65
    Bridging host          .2

Segment 2:
    Bridging host
    Firewall/gateway       .1
    Wireless access point  .254

All hosts are in the same (192.168) class C.

Hosts on segment 1 (not including the bridging host) can pass *through*
the firewall/gateway to the internet, but cannot connect to any services
running on the firewall host.

Hosts on segment 2 (not including the bridging host, but including hosts
connected via wireless) can connect to services on the firewall/gateway,
as well as pass through it to the internet. However, no services running
on the bridging host can be reached via its IP defined on segment 1.

The ethernet address of the firewall host is listed on the segment 1
interface (em0, to differentiate from vr0) of the bridging host's 'arp -a'
output, despite the fact that the firewall is connected on the segment 2
side of the bridge.

My sysctl.conf reads:

    net.link.ether.bridge.enable=1
    net.link.ether.bridge.config=em0,vr0

em0 is ifconfiged with an address in rc.conf, while vr0 is not.

uname -a:

    FreeBSD tranquillity.base 6.1-RC FreeBSD 6.1-RC #3: Mon Apr 24 10:56:48 PDT 2006 sowings@tranquillity.base:/usr/src/sys/i386/compile/tranquillity i386

I'd be happy to switch to if_bridge, but I had no luck with that at all
in my first attempt.

Can anyone offer a hint? If there's additional information needed to help
sort this out, please let me know.

Sanford

-- 
Sanford Owings
sanford.owings@gmail.com