Date: Sun, 13 Oct 2002 18:04:25 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Andriy Gapon <agapon@excite.com> Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: ip broadcast bridging Message-ID: <20021013180425.C3866@carp.icir.org> In-Reply-To: <20021013194727.Q12422-100000@edge.foundation.invalid>; from agapon@excite.com on Sun, Oct 13, 2002 at 08:17:11PM -0400 References: <20021013194727.Q12422-100000@edge.foundation.invalid>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 13, 2002 at 08:17:11PM -0400, Andriy Gapon wrote: > > It looks like broadcast packets are not always bridged correctly. I have a ... > matches for the rules applicable only to the bridged interface without an > ip address. Of course I wouldn't be surpised if I hadn't > net.link.ether.bridge_ipfw: 0 What you see is perfectly normal. Bridged interfaces in a cluster are considered as a single "interface", so irrespective from where you get the traffic, it will be passed up the stack if it has proper addresses, which is what normally happens for multicast and broadcast IP packets. The fact that the interface has no IP associated does not matter, it is up and running for all practical purposes, and it will recognise the same traffic as the one on the other interface(s) in the cluster which have an IP address assigned. This is true both for ipfw1 and ipfw2 cheers luigi > My understanding that in this situation bridging should happen before ipfw > check and thus ipfw should not see any ip packets on the interface without > ip address. > After enabling logging for the rules in question it looks like only > broadcast packets of the bridged subnet originating from LAN connected to > ip-address-less interface get matched. > Using tcpdump I see that there is nothing wrong with the packets i.e. they > have correct ip and ether source addresses and correct destination: > broadcast ip address of the subnet and ff:ff:ff:ff:ff:ff ethernet > address. > > I have 4.7-RELEASE and ipfw2 on the bridge/gateway. > Sorry if this is not the most appropiate place to discuss this topic. > > -- > Andriy Gapon > * > "I do not know myself, and God forbid that I should." > Johann Wolfgang von Goethe > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021013180425.C3866>