Date: Sat, 25 Mar 2006 23:04:47 +0100 From: Andrew Seguin <asegu_fbsdnet@borgtech.ca> To: freebsd-net@freebsd.org Subject: Re: net.link.ether.bridge.config effeciency for more then 2 interfaces? [solved of sorts] Message-ID: <4425BE7F.3030708@borgtech.ca> In-Reply-To: <442304AD.1010709@borgtech.ca> References: <442304AD.1010709@borgtech.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew Seguin wrote:
> I'm trying to get a vlan based firewall working, but having a problem
> with ARP & DHCP not working well
> (dhcp could be maybe not working well because of ARP)
>
> The network is setup:
> IP: xyz.zyx.xzy.0/24
> [ISP router -> ISP Switch] -> firewall ->{vlans-tagged}->layer2
> switch->other switches
> (I don't have the authoritzation to put the firewall between the ISP
> router/switch unfortunatly)
The problem kept nagging at my head... a solution finnally came to me...
the switch between the two routers is the problem. So I needed an ARP
solution... a bit of googling and I found proxy_arp for linux and a two
clicks later found choparp. A quick test... and it works!
Simply I run choparp fxp0 <mac> xyz.zyx.xzy.16/28 xyz.zyx.xzy.32/27
xyz.zyx.xzy.64/26 xyz.zyx.xzy.128/25
and voila... no more need for a bridge! :)
I still don't know why bridging two vlans to the main internet
connection was wrotten performance for ARP, but at least this way it
works and it's more satisfying by not using bridge anymore.
Thanks to those on this list for having helped me several times before
and for simply being there for others!
Andrew
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4425BE7F.3030708>