From: "rado"
To: freebsd-net@freebsd.org
Date: Sun, 18 May 2003 10:56:47 +0300
Subject: fbsd briding && routing

Hi,

I've got a FreeBSD box with 4 Ethernet interfaces. What I tried to achieve is making three of them (xl0, xl1, xl2) part of a bridging cluster, and the last one is my Internet connection. So, basically the idea behind all this is using the box as an integrated routing and bridging machine. The setup is something like this:

                                  xl0: no IP
    Internet <---> | ISP IP Addr. xl1: 192.168.1.1
                                  xl2: no IP

All the machines have 192.168.1/24 addresses, as I want them to see each other directly through bridging. xl1 has 192.168.1.1 as a default gw for all the machines.

Everything works just fine for all intranet communication between these three Ethernet segments. The problem is when there's a session between an internal machine and the Internet, and only for machines on xl0 and xl2 (every unnumbered interface).
The problem, as I see it, is because FreeBSD tries to forward the packet according to its routing tables (normal!!), and this always points to the xl1 interface. But this prevents the machine on xl0/xl2 from seeing the packet; obviously the bridging is skipped this way. I wonder, is it logical to have net.link.ether.bridge turned on, and have the normal routing applied for packets with destination IPs on one of the bridge-cluster interfaces, skipping all unnumbered ifaces?