From owner-freebsd-net Fri Dec 15 10:33:49 2000 From owner-freebsd-net@FreeBSD.ORG Fri Dec 15 10:33:47 2000 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from cgaylord.async.vt.edu (e028121.vtacs.vt.edu [63.164.28.121]) by hub.freebsd.org (Postfix) with ESMTP id 34EF537B400 for ; Fri, 15 Dec 2000 10:33:47 -0800 (PST) Received: by cgaylord.async.vt.edu (Postfix, from userid 1000) id 1749A2E1; Fri, 15 Dec 2000 13:33:46 -0500 (EST) Date: Fri, 15 Dec 2000 13:33:31 -0500 From: Clark Gaylord To: Luigi Rizzo Subject: Re: non-learning bridge for pathological network Message-ID: <20001215133331.E84586@cgaylord.async.vt.edu> References: <20001215002514.C84586@cgaylord.async.vt.edu> <200012150705.eBF75qr93086@iguana.aciri.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200012150705.eBF75qr93086@iguana.aciri.org>; from rizzo@aciri.org on Thu, Dec 14, 2000 at 11:05:52PM -0800 Resent-From: gaylord@cgaylord.async.vt.edu Resent-Date: Fri, 15 Dec 2000 13:33:45 -0500 Resent-To: freebsd-net@freebsd.org Resent-Message-Id: <20001215183346.1749A2E1@cgaylord.async.vt.edu> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Dec 14, 2000 at 11:05:52PM -0800, Luigi Rizzo wrote: > > The problem with the "just let it be a router" approach is that I > > want all traffic from B to go to A and C, not just that which is > > actually intended for said net (yes all can be considered nets). > > the thing is, i do not see much point for doing this (there would > be no receivers on the 'wrong' segment), so it would be easier for me to > understand what you have in mind if you describe the reason you want > to do this. It is to simulate a problem similar to the hidden node problem in wireless LAN. This is a lab situation, not one where we want a "good" network design. You could similarly consider the problem as similar to arbitrary monitoring, port replication, span port, etc. > > specific denies, e.g.: > > deny from A via ifC > > instead of > > deny from A to C > > > > I still get confused with via. > > 'via' does not work well with bridged packets, as ipfw has no > info on the output interface (as there can be more than one, essentially, > and ipfw is invoked only once and _before_ the output if is selected). Ah, yes, I see that now. Hmmm ... that does make it a poser. -- Clark K. Gaylord Blacksburg, Virginia USA cgaylord@vt.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message