Date:      Sat, 15 Dec 2001 15:35:16 +1100
From:      eirvine <eirvine@tpgi.com.au>
To:        freebsd-stable@FreeBSD.ORG
Subject:   bridge funny stuff
Message-ID:  <3C1AD304.55FC5863@tpgi.com.au>

Hi all,

I've got a freebsd box which I'm attempting to configure as a bridging firewall. I've got the bridge part to work, but there are a few weird things that are happening. First, my config:
 
              fxp0
               |
             -----
            |     |
        de0-|     |-de1
            |     |
             -----

de0:  external network. Unplumbed.
de1:  internal network. Unplumbed.
fxp0: internal network. Control interface plumbed to ip
      and ipv6.

Weird thing (a).
  After I initialise the bridge, de0 and de1 come up with those auto-configured site local (?) ipv6 addresses. They were not there before.

  Here are the commands I use to initialise the bridge:
   sysctl net.link.ether.bridge=1
   sysctl net.link.ether.bridge_cfg=de0:0,de1:0
   sysctl net.link.ether.bridge_ipfw=1

Weird thing (b):
  The kernel seems to get responses from network pings at both fxp0 and de1. I get messages like this on the console:
    Dec 13 19:16:43 teddy /kernel: arp: 00:03:47:13:6a:88 is using my IP address 137.111.240.192!
    Dec 13 19:16:43 teddy /kernel: xx ouch, bdg_forward for local pkt
    Dec 13 19:16:44 teddy /kernel: arp: 00:03:47:13:6a:88 is using my IP address 137.111.240.192!

etc...

de1 is part of the bridge, not the IP stack, right?

The idea of setting up a bridge with two unplumbed bridge interfaces and a third plumbed "control" interface is the standard way to do it with Solaris and OpenBSD - I think.
 
Is freebsd different in this respect? Have I found a bug?

Eddie.
