From owner-freebsd-stable Tue Jun 11 6: 0:53 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mail.qbrick.com (mail.qbrick.com [62.13.40.40]) by hub.freebsd.org (Postfix) with ESMTP id 4505D37B40D for ; Tue, 11 Jun 2002 06:00:47 -0700 (PDT)
Received: from qbrick.com (unknown [62.13.40.34]) by mail.qbrick.com (Postfix) with ESMTP id 3FAD45031 for ; Tue, 11 Jun 2002 14:59:54 +0200 (CEST)
Message-ID: <3D05F46C.40604@qbrick.com>
Date: Tue, 11 Jun 2002 15:00:28 +0200
From: Johan Björk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.0) Gecko/20020530
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-stable@FreeBSD.ORG
Subject: Re: Bridge and ARP problem
References: <851197237.1023111831656.JavaMail.Administrator@dumbo>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

Just as a follow-up:

I skipped the mess with one firewall. Found a PII 500MHz, am using it for
our local LAN. No probs. But I still think the idea should work. Perhaps
with ipfw or OpenBSD (sorry).

Cheers,
johan

Mnemonic Engineer wrote:

> Why did you not set up a machine that only does NAT (with 2 3Com NICs), and a machine that only does bridging (with dc0 and the other 3Com)?
>
>
>>----------------------------------------
>>From: Johan Björk
>>Sent: Mon Jun 03 13:48:59 GMT+02:00 2002
>>To:
>>Subject: Re: Bridge and ARP problem
>>
>>
>>Hi,
>>
>>OK, sorry if I didn't explain my problem better. Here we go:
>>
>>One box: 4 NICs, xl0, xl1, xl2, dc0
>>
>>xl0 and dc0 are the bridge. None of these interfaces have an IP address.
>>xl0 is connected to the same switch as xl2. xl2 is my "outside"
>>interface for my LAN. On xl1 I have DHCPd, IPnat is sending the
>>traffic to xl2.
>>
>>map xl2 10.105.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
>>map xl2 10.105.1.0/24 -> 0.0.0.0/32 portmap auto
>>map xl2 10.105.1.0/24 -> 0.0.0.0/32
>>
>>The bridge (xl0 and dc0) is working. But in log/messages I get the ARP
>>errors.
>>
>>[Internet]
>>     |
>>     |
>>[ Switch ]---[xl0;No IP]-bridge-[dc0;No IP]---[DMZ Switch]
>>     |
>>     |
>>[xl2 Outside interface LAN; With IP: XX.XXX.XXX.XX]
>>     |
>>     |
>>[xl1 Inside interface LAN; With IP: 10.105.1.1]
>>
>>Sysctl:
>>net.link.ether.bridge_cfg: xl0:0,dc0:0
>>net.link.ether.bridge: 1
>>net.link.ether.bridge_ipf: 1
>>
>>My ipf.rules only allow tcp/udp in to the DMZ. No other protocol.
>>
>>Best regards,
>>Johan Björk