From owner-freebsd-net Mon Feb 5 4:32:16 2001 Delivered-To: freebsd-net@freebsd.org Received: from onion.ish.org (onion.ish.org [210.145.219.202]) by hub.freebsd.org (Postfix) with ESMTP id 83FB337B699; Mon, 5 Feb 2001 04:31:55 -0800 (PST) Received: from localhost (ishizuka@localhost [127.0.0.1]) by onion.ish.org (8.11.2/8.11.1/2000-12-01) with ESMTP id f15CVrn16675; Mon, 5 Feb 2001 21:31:53 +0900 (JST) (envelope-from ishizuka@ish.org) To: freebsd-net@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: Re: BRIDGE breaks ARP? In-Reply-To: <200102051155.f15Bt0p20537@iguana.aciri.org> References: <20010205170801Q.ishizuka@onion.ish.org> <200102051155.f15Bt0p20537@iguana.aciri.org> X-Mailer: Mew version 1.94.2 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA) X-PGP-Fingerprint20: 276D 697A C2CB 1580 C683 8F18 DA98 1A4A 50D2 C4CB X-PGP-Fingerprint16: C6 DE 46 24 D7 9F 22 EB 79 E2 90 AB 1B 9A 35 2E X-PGP-Public-Key: http://www.ish.org/pgp-public-key.txt X-URL: http://www.ish.org/ Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20010205213153T.ishizuka@onion.ish.org> Date: Mon, 05 Feb 2001 21:31:53 +0900 From: Masachika ISHIZUKA X-Dispatcher: imput version 20000414(IM141) Lines: 42 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >> I cvsuped three hours ago and the same ARP troubles happened. > > can you repeat exactly what the problem was (bridge machine not > responding to ARP requests ?) and what is your exact setup (i > am interested in ipfw config, and the following sysctl vars: > > net.link.ether.bridge > net.link.ether.bridge_ipfw > net.link.ether.bridge_cfg The problem is that the bridge machine can not communicate any other machines unless net.link.ether.bridge=0. That is no response from/to any other machines to ping command. sysctl variables are shown bellow. net.link.ether.bridge=1 net.link.ether.bridge_ipfw=1 net.inet.ip.dummynet.expire=0 net.link.ether.bridge_cfg=fxp0:1,fxp1:1 And ipfw setup is shown as follows. ip="My IP address" net="My network address" ipfw add pass all from any to any via lo0 ipfw add deny all from any to 127.0.0.0/8 ipfw add pass ospf from ${net} to any bridged ipfw add pass all from ${net} to ${net} ipfw pipe 1 config mask dst-ip 0xffffffff buckets 1024 ipfw pipe 2 config mask src-ip 0xffffffff buckets 1024 ipfw add pipe 1 all from any to any bridged via fxp0 in ipfw add pipe 2 all from any to any bridged via fxp1 in ipfw add pass icmp from any to any ipfw add pass tcp from any to any established ipfw add pass tcp from any to ${ip} 53,110,113 setup ipfw add pass tcp from ${ip} to any setup ipfw add pass udp from any to ${ip} 33434-33500 #traceroute ipfw add pass udp from ${ip} to any 33434-33500 #traceroute ipfw add deny log all from any to ${ip} -- ishizuka@ish.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message