Date: Mon, 10 May 2004 21:14:34 +0200 From: Juan Rodriguez Hervella <jrh@it.uc3m.es> To: freebsd-net@freebsd.org Cc: Etienne Robillard <erob@videotron.ca> Subject: Re: bridging and promiscuous mode... works but can"t get packets back Message-ID: <200405102114.34437.jrh@it.uc3m.es> In-Reply-To: <409FCAA5.5000504@videotron.ca> References: <409FCAA5.5000504@videotron.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 10 May 2004 20:32, Etienne Robillard wrote: > Hi > > I am quite new to this list :) > > Context: > There's a bridge that does one logical net for two nics (vr0,rl0) on the > same box (freebsd-4.10-prerelease). > > vr0 = outsite net (isp connected with dhclient) > rl0 = inside net (192.168.1.1) connected with a 10BaseT/UTP cable. > > The module in use is bridge.ko and ipfw is in use by the bridge. > Moreover, there's two servers (dhcpd/dnscache) that do dhcp and > name-resolution on 192.168.1.1 (rl0). > > Question: Why promiscuous-mode enabled interfaces routes packets > outbound successfully but not inbound ?? That is, why the private host > can lookup addresses, but fails to receive back tcp packets from the > internet ? > > any ideas ? > > I would really much appreciate any kinds of comments or hints concerning > this scenario... > > Thanks > Hello Etienne, I think that you dont have to make bridging, I think you need to make NAT. As far as I know, if you bridge both interfaces, you are joining the networks at the link layer (L2), but the IP layer (L3) is what it is used to route your packets in the internet. so If your packets are sent with a private IP address as source address, (192.168.X.X) you won't get any response back (private addressing is not globally routable) I've got dial-up access at home and I use "ppp" with the NAT option to deal with the same situation your are describing here, I think. Hope this helps. -- ****** JFRH ****** User n.: A programmer who will believe anything you tell him.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200405102114.34437.jrh>