Date: Sun, 12 Sep 2004 19:03:42 +0530 From: Subhro <subhro.kar@gmail.com> To: SharkTECH Maillists <freebsd@sharktech.net> Cc: freebsd-questions@freebsd.org Subject: Re: Interface Bonding & Bridging problem Message-ID: <b2807d0404091206331bd58efe@mail.gmail.com> In-Reply-To: <049601c4980d$859444e0$dec2fea9@psyxakias> References: <049601c4980d$859444e0$dec2fea9@psyxakias>
next in thread | previous in thread | raw e-mail | index | archive | help
I am not 100% sure of what I speak about. Bridge works in layer 2 i.e. the data link layer. The virtual interface does not have a data link layer so it is not possible to get the bridging done as the way you are saying Regards S. On Sat, 11 Sep 2004 17:42:09 +0300, SharkTECH Maillists <freebsd@sharktech.net> wrote: > Hello, > > I have been running a FreeBSD 4.10-STABLE server having 3 nics installed but > was using only 2 of them (1 for uplink and 1 for switch) to monitor, filter > and shape my network and had absolutely no problems at all. > > However, in order to increase the ability of handling even more packets > (especially while filtering incoming DDoS), I decided to get a 2nd uplink > from backbone, connect it to em1, bond em0/em1 (uplinks) to ngeth0/fec0 > (virtual interface) and bridge ngeth0/fec0 with em2 (switch link). In order > for this to work, etherchanneling is enabled between uplink1/uplink2 at the > backbone side. > > The problem is although bonding seems to work fine as I can assign IPs at > fec0/ngeth0 and send/receive packet with both cards using the virtual > interface, I cannot get bridging to work at all between ngeth0/fec0(virtual) > and em2(switch). There are no errors in logs, it just doesn't seem to > bridge. > > After doing a 2 days research in Google, FreeBSD maillists, web articles and > asking for help in freebsdhelp IRC channels, I ended up that someone in > FreeBSD maillists may be able to help me providing me a different > bonding/bridging way or even by applying a patch. > > I was thinking that the solution may be to do both bonding & bridging using > netgraph, and not bridging using FreeBSD's kernel bridge. I'd be glad to try > this but unfortunately I haven't figured out how, even after reading several > articles. So if anyone can help me on this step-by-step, please do. > > I will appreciate any replies after you take a look at the diagrams and > settings below, that are showing what exactly I have done until now. > > Best Regards, > > Angelos Pantazopoulos > freebsd@sharktech.net > SharkTECH Internet Services > > ==================================================== > S E T T I N G S > ==================================================== > > Using 1 uplink settings (works excellent) > ----------------------------------------- > #bridging# > (options BRIDGE in kernel) > ifconfig em0 -arp > sysctl net.link.ether.bridge=1 > sysctl net.link.ether.bridge_cfg=em0,em1 > sysctl net.link.ether.bridge_ipfw=1 > > Using 2 uplinks with ng_fec (bridging problem) > ---------------------------------------------- > #bonding# > kldload ng_ether > kldload ng_fec > ngctl mkpeer fec dummy fec > ngctl msg fec0: add_iface '"em0"' > ngctl msg fec0: add_iface '"em1"' > ngctl msg fec0: set_mode_inet > ifconfig em0 promisc > ifconfig em1 promisc > ifconfig fec0 promisc > > #bridging# > (options BRIDGE in kernel) > sysctl net.link.ether.bridge=1 > sysctl net.link.ether.bridge_cfg=fec0,em2 > sysctl net.link.ether.bridge_ipfw=1 > > Using 2 uplinks with ng_one2many (bridging problem) > --------------------------------------------------- > #bonding# > kldload ng_ether > kldload ng_one2many > ifconfig em0 promisc -arp up > ifconfig em1 promisc -arp up > ngctl mkpeer . eiface hook ether > ngctl mkpeer ngeth0: one2many lower one > ngctl connect em0: ngeth0:lower lower many0 > ngctl connect em1: ngeth0:lower lower many1 > ifconfig ngeth0 -arp up > > #bridging# > (options BRIDGE in kernel) > sysctl net.link.ether.bridge=1 > sysctl net.link.ether.bridge_cfg=ngeth0,em2 > sysctl net.link.ether.bridge_ipfw=1 > > ==================================================== > D I A G R A M S > ==================================================== > > Using 1 uplink (works excellent): > ---------------------- > INTERNET UPLINK > ---------------------- > | > | > em0 > *************** > FREEBSD BOX FOR <<-- Bridging em0 and em2 > IPFW FILTERING > *************** > em2 > | > | > ---------------------- > SWITCH > ---------------------- > > Using 2 uplinks (bridging problem): > ---------------------- > INTERNET UPLINK > ---------------------- > | | > | | > em0 em1 > \ / > \ / > (virtual) > *************** > FREEBSD BOX FOR <<-- Bonding em0/em1 and bridging with em2 > IPFW FILTERING > *************** > em2 > | > | > ---------------------- > SWITCH > ---------------------- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b2807d0404091206331bd58efe>