Date: Wed, 24 Apr 2019 19:36:54 -0500
From: Dan Lists <lists.dan@gmail.com>
To: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Bridge not Forwarding ARP
Message-ID: <CAPW8bZ1xOgMfpa7m7fxTEQRGKU22MfCS%2BxiqeSzgWnGUDS7cnw@mail.gmail.com>
I am trying to set up a bridged firewall in VMware. I have a test setup like this:

    Internal --- vswitch --- (em2) Filter (em1) -- switch -- External

The Internal, Filter, and External servers are all running FreeBSD 11.2. Filter has a bridge0 using members em1 (external side) and em2 (internal side).

If I ping from Internal to External, I see ARP Requests on em2, bridge0, and em1 of Filter. I see ARP Replies on em1, but they do not show up on bridge0. This is the same with or without a firewall running on Filter.

If I ping from External to Internal, then I see both ARP Requests and Replies on all interfaces and the ping works.

I searched and read documentation, and everything I can find says that ARP packets should be forwarded over the bridge. Why are the ARP Replies only being forwarded in one direction?

I was looking at sysctl output and I found kern.features.security_mac, but a Google search didn't turn up any documentation. I tried to change it (sysctl and loader.conf), but it seems hard-coded to 1.

I'm not really sure what to try. Any help would be appreciated.