From: Masachika ISHIZUKA
To: freebsd-net@freebsd.org
Subject: bridge on FreeBSD 4.1R
Date: Wed, 30 Aug 2000 02:25:26 +0900
Message-Id: <20000830022526S.ishizuka@onion.ish.org>

I want to use bridge on 4.1-RELEASE with the following kernel options
and two fxp NICs.

    options IPFIREWALL
    options IPFIREWALL_VERBOSE
    options BRIDGE
    options DUMMYNET

I have two questions.

(1) Is options IPFIREWALL_DEFAULT_TO_ACCEPT needed?

On 4.0R, I think 'options IPFIREWALL_DEFAULT_TO_ACCEPT' is needed to
pass non-IP packets like ARP.

On 4.1R, with 'options IPFIREWALL_DEFAULT_TO_ACCEPT', the counter
values of 'ipfw -at list 65535' do not go up even when passing ARP
packets. I think line 681 in /sys/net/bridge.c bypasses ipfw for
non-IP packets. Is that right?

(2) ARP invalid MAC address once a week or less?

I use bridge as shown below.

     Backbone #1               Backbone #2
          ^                         ^
          |                         |
    +-----+-----+             +-----+-----+
    |cisco 7206 |             |cisco 7513 |
    +-----+-----+             +-----+-----+
          |                         |
    ------+------------+------------+------
                       |
                       |MAC: A1:A2:A3:A4:A5:A6
                 +-----+-----+
                 |  bridge   |
                 |  (4.1R)   |
                 +-----+-----+
                       |MAC: B1:B2:B3:B4:B5:B6
                       |
                       |MAC: C1:C2:C3:C4:C5:C6, IP: 10.1.1.1
                 +-----+-----+
                 | client PC |
                 |  (4.1R)   |
                 +-----------+

Normally, the ARP tables of the cisco 7206 and cisco 7513 are
'10.1.1.1 C1C2.C3C4.C5C6'. But once a week or less, the ARP tables of
both cisco routers are '10.1.1.1 B1B2.B3B4.C5C6', that is, the first
4 bytes of the MAC address in the ARP table are invalid.

Is there anyone with the same problem?

Thank you for any advice, and sorry for my poor English.

--
ishizuka@ish.org
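
Added example, not part of the original message: a check for the symptom in question (2) that compares a router's ARP entry for a known host with the expected MAC and reports when the entry is a splice of the bridge's and the host's octets. The `show ip arp` sample rows, the labels "bridge-upper"/"bridge-lower" and all function names are constructed for illustration; the MAC placeholders are the ones from the diagram.

```python
import re

# Assumed row layout of Cisco IOS "show ip arp":
# Protocol  Address  Age (min)  Hardware Addr  Type  Interface
ARP_ROW = re.compile(r"^Internet\s+(\S+)\s+\S+\s+([0-9A-Fa-f.]{14})\s", re.M)

# Constructed sample output; the MACs are the placeholders from the message.
SAMPLE = """\
Protocol  Address     Age (min)  Hardware Addr   Type   Interface
Internet  10.1.1.1            3  b1b2.b3b4.c5c6  ARPA   FastEthernet0/0
Internet  10.1.1.2            7  d1d2.d3d4.d5d6  ARPA   FastEthernet0/0
"""

def octets(mac):
    """Normalise colon, dash or Cisco dotted notation to six lowercase octets."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return [digits[i:i + 2] for i in range(0, 12, 2)]

def classify(observed, expected, bridge_macs):
    """Return (status, origin); origin names where each observed octet came from."""
    obs, exp = octets(observed), octets(expected)
    if obs == exp:
        return "ok", ["host"] * 6
    for name, mac in bridge_macs.items():
        origin = ["host" if o == e else name if o == b else "?"
                  for o, e, b in zip(obs, exp, octets(mac))]
        if "?" not in origin:          # every octet is explained by host or bridge
            return "spliced", origin
    return "unknown", ["?"] * 6

def check_arp_table(text, bindings, bridge_macs):
    """Compare each known IP's ARP entry with its expected MAC; return anomalies."""
    findings = []
    for ip, hw in ARP_ROW.findall(text):
        if ip in bindings:
            status, origin = classify(hw, bindings[ip], bridge_macs)
            if status != "ok":
                findings.append((ip, hw, status, origin))
    return findings

if __name__ == "__main__":
    bindings = {"10.1.1.1": "C1:C2:C3:C4:C5:C6"}
    bridges = {"bridge-upper": "A1:A2:A3:A4:A5:A6", "bridge-lower": "B1:B2:B3:B4:B5:B6"}
    for finding in check_arp_table(SAMPLE, bindings, bridges):
        print(finding)
```

Run periodically against both routers, a "spliced" result records exactly when the bad entry appears and which bridge interface the stray octets match.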