From: "Cody Baker"
Date: Thu, 12 Feb 2004 13:09:46 -0500
Subject: Re: 5.2 Bridging issue

I am having this same issue, 5.2 RELEASE.

----- Original Message -----
From: "Tony Saign"
To: "'Aaron D. Gifford'"
Sent: Thursday, February 12, 2004 9:45 AM
Subject: RE: 5.2 Bridging issue

> I have a similar setup, and it works just fine.
>
> My config;
>
> fxp0 = internet
> fxp1 = LAN
> ath0 = WLAN bridged to fxp1
>
> fxp0 = 66.146.x.x
> fxp1 = 172.17.1.1
> ath0 = zip, no ip address assigned
> %ifconfig ath0
> ath0: flags=8943 mtu 1500
>         ether 00:0b:cd:59:00:33
>         media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
>         status: associated
>         ssid BSDg 1:BSDg
>         channel 1 authmode OPEN powersavemode OFF powersavesleep 100
>         wepmode MIXED weptxkey 1
>         wepkey 1:104-bit
>
> My /etc/rc.conf
> defaultrouter="66.146.x.x"
> gateway_enable="YES"
> ifconfig_fxp0="inet 66.146.x.x netmask 255.255.255.0"
> ifconfig_fxp1="inet 172.17.1.1 netmask 255.255.255.0"
> ifconfig_ath0="inet up ssid BSDg mediaopt hostap"
> sysctl net.link.ether.bridge.enable=1
> sysctl net.link.ether.bridge.config="ath0 fxp1"
> sysctl net.link.ether.bridge.ipfw=1
>
> Kernel config includes DUMMYNET, and IPFW
> IPFW handles NAT on my box.
> I have a script in rc.d that runs to set band .a/b/g and WEP key
> My system is 5.2-CURRENT, and also acts as a DNS/DHCP server.
>
> -Tony
>
>
> -----Original Message-----
> From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org]
> On Behalf Of Aaron D. Gifford
> Sent: Thursday, February 12, 2004 2:57 AM
> To: "FreeBSD List"@FreeBSD.ORG
> Subject: 5.2 Bridging issue
>
> PROBLEM SUMMARY:
> ----------------
>
> I've got a bridge(4) issue on a BSD 5.2.1 box. The bridging box has three
> ethernet interfaces, two bridged together in a single cluster, and one
> connected to the internet. The box acts as a bridge for the two network
> segments, and as a router to the Internet (it's the default gateway). The
> problem is, only one of the bridged segments can communicate with the BSD
> box directly (and thus the Internet), even though the two segments can talk
> to each other just fine.
>
>
> NETWORK SET-UP:
> ---------------
>
> First, let me clue you in on my network set-up:
>
> FreeBSD 5.2 Box with 3 ethernet interfaces, em0, rl0, and rl1:
>
>     [FreeBSD Box]
>      |    |    |
>     rl0  rl1  em0
>      |    |    |
>      |    |    +---To-Internal-Network-Segment-#1...
>      |    |
>      |    +---To-Internal-Network-Segment-#2..
>      |
>      +---Internet...
>
> Interfaces rl1 and em0 are bridged:
>
>     net.link.ether.bridge.config=em0:1,rl1:1
>
> Since they ARE bridged and so are "on the same subnet", only em0 has
> an IP address:
>
>     ifconfig em0 inet 10.10.10.1/16
>
> I don't see how or why one would need or could assign an IP on the
> same subnet to the other interface, rl1, unless it was handled like
> many alias addresses, as a /32 host address.
>
> Interface rl0 is the link to the Internet.
>
> Bridging for the most part seems to be working. Hosts on segment #1
> (via em0) are visible to hosts on segment #2 (connected via rl1). They
> can ping each other, get ARP address resolution, and pass IP traffic.
>
> All hosts use 10.10.10.1 as their default gateway to the Internet.
>
> Hosts on segment #1 can reach the Internet just fine.
>
>
> PROBLEM DETAILS:
> ----------------
>
> Hosts on segment #2 cannot seem to be able to communicate with the
> bridging/routing FreeBSD box's own IP addresses, and since it is the
> default gateway, in turn they cannot reach the Internet. No layer 2
> traffic (ARP) reaches the FreeBSD box directly (the ARP table shows
> "incomplete" for all segment #2 addresses, even though ARP packets
> DO reach segment #1 just fine, passing transparently through the
> FreeBSD box). The BSD box just can't see stuff addressed directly to it.
>
> This is NOT a firewalling or NAT issue. This is exclusively a bridging
> issue. Firewalling/NAT occurs elsewhere.
>
> So since I'm a FreeBSD bridge(4) newbie, after scouring the man page,
> reading the Handbook's information, searching various mailing list archives,
> I can't find anything useful that tells me if bridge's bdg_forward() knows
> how to handle traffic like this. Apparently it doesn't.
>
> So bridging is just fine if you want your BSD box hidden, transparent,
> invisible. But if you want it visible so it can act as a default gateway
> to all segments of a subnet that are bridged together, HOW DOES ONE DO IT?
>
> I can't ifconfig the rl1 interface with an IP on the same subnet unless it's
> a /32, and that accomplishes nothing (the IP packets are addressed to the
> IP address assigned to em0). Bridging SHOULD just bridge, so traffic to
> the BSD box's em0 IP should come in on rl1 and be processed by the host.
>
> Somehow the bridging code knows the MAC addresses on the segment #2 side of
> things (rl1), since it passes traffic between the two segments just fine.
> But the kernel's ARP table is totally ignorant. It can't find those hosts.
>
>
> REQUEST FOR HELP:
> -----------------
>
> Thanks in advance for all help, pointers, etc. If there's not a way to do
> this, then this sounds like an issue that should be added to the BUGS
> section of the bridge(4) man page.
>
> Aaron out.