From owner-freebsd-net@FreeBSD.ORG Mon Aug 11 01:55:15 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A4D3137B401 for ; Mon, 11 Aug 2003 01:55:15 -0700 (PDT) Received: from relay.macomnet.ru (relay.macomnet.ru [195.128.64.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6FB4B43F3F for ; Mon, 11 Aug 2003 01:55:14 -0700 (PDT) (envelope-from maxim@FreeBSD.org) Received: from news1.macomnet.ru (7pzwqbrn@news1.macomnet.ru [195.128.64.14]) by relay.macomnet.ru (8.11.6/8.11.6) with ESMTP id h7B8tAd11933271; Mon, 11 Aug 2003 12:55:10 +0400 (MSD) Date: Mon, 11 Aug 2003 12:55:10 +0400 (MSD) From: Maxim Konovalov To: Will Andrews In-Reply-To: <20030811065231.GQ95290@procyon.firepipe.net> Message-ID: <20030811105953.I84996@news1.macomnet.ru> References: <20030811065231.GQ95290@procyon.firepipe.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: net@FreeBSD.org Subject: Re: Bridging in FreeBSD without one side being blocked? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 08:55:15 -0000 Hello Will, On Sun, 10 Aug 2003, 23:52-0700, Will Andrews wrote: > Hello (please cc: me as I am not subscribed, thanks), > > I was wondering if anyone has managed to set up bridge in such a > way that hosts on both sides will be able to access the machine > doing the bridging. The reason I need this is because I need to > join two media types (10baseT/100baseTX and 1000baseSX), and both > sides of the bridge need access to the machine in question. I'd > prefer to do it like this instead of buying another switch with > the necessary media ports or a media converter just for this. > > As far as I can tell, it does not seem like FreeBSD's BRIDGE is > capable of doing this sort of thing. Does someone know if > > ng_bridge can do it, or if it could be made to with some slight > modifications? I could not find any documentation about someone > that has done something like this. > > I should note.. later I may add an Atheros card to the bridge, > configured in 802.11a host AP mode. Same conditions apply. :) > > Seems to me that if a packet is destined for an IP associated > with any of the bridge's child interfaces, the code should > recognize that the packet can be delivered directly to it, as > opposed to simply dropping it. First, there is a bug in bridge code when it is loaded as module. Use static compiled bridge instead. Second, if your NICs in a bridge cluster have different if_hwassist checksum capabilities, you hit another bug. Third, if you use vlan(4) there is a bug with bridging them too. Forth, you have to turn net.inet.ip.check_interface off (sysctl net.inet.ip.check_interface=0). I have a gross hack http://people.freebsd.org/~maxim/diff/bridge.diff to work around all these bugs but I still can't figure how to fix them properly. -- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org