Date: Fri, 14 Apr 2006 14:07:09 +0200
From: Fabian Keil <freebsd-listen@fabiankeil.de>
To: "Daniel O'Connor" <doconnor@gsoft.com.au>
Cc: freebsd-net@freebsd.org
Subject: Re: How to use if_bridge
Message-ID: <20060414140709.20c51ebc@localhost>
In-Reply-To: <200604142048.20189.doconnor@gsoft.com.au>
References: <200604142048.20189.doconnor@gsoft.com.au>

"Daniel O'Connor" <doconnor@gsoft.com.au> wrote:

> I am trying to use if_bridge with OpenVPN and I am having some
> trouble with basic bridging.
>
> I am testing it on my laptop which has an ath interface which uses WPA
> to a Linksys WRT54G and then to a FreeBSD gateway.
>
> I have tried both configuring ath0 with an IP as well as bridge0 but
> neither work. It seems that none of the packets from ath0 appear on
> bridge0. ie..
> ath0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
>         ether 00:90:96:c1:90:54
>         media: IEEE 802.11 Wireless Ethernet autoselect (OFDM/48Mbps)
>         status: associated
>         ssid dons channel 6 bssid 00:13:10:9b:52:d4
>         authmode WPA privacy ON deftxkey UNDEF TKIP 2:128-bit
>         txpowmax 35 protmode CTS burst roaming MANUAL bintval 100
> bridge0: flags=8143<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
>         inet 10.0.2.102 netmask 0xff000000 broadcast 10.255.255.255
>         ether ac:de:48:67:74:b6
>         priority 32768 hellotime 2 fwddelay 15 maxage 20
>         member: ath0 flags=7<LEARNING,DISCOVER,STP>
>                 port 4 priority 128 path cost 55 blocking
>
> When I run tcpdump..
> [inchoate 20:35] ~ >sudo tcpdump -ni bridge0
> Password:
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on bridge0, link-type EN10MB (Ethernet), capture size 96 bytes
> 20:35:30.586751 arp who-has 10.0.2.7 tell 10.0.2.102
> [etc]
>
> Whereas a tcpdump on ath0 shows no ARP packets..
> I did the following to configure it..
>
> killall devd [to stop it running dhclient]
> /etc/rc.d/netif stop ath0
> ifconfig bridge0 create
> wpa_supplicant -i ath0 -c /etc/wpa_supplicant.conf
> ifconfig bridge0 create
> ifconfig bridge0 addm ath0
> dhclient bridge0

What's the intention behind the last step and why did you
have to create bridge0 twice?

> I see the DHCPDISCOVER requests when I tcpdump bridge0 but they don't
> appear on ath0.
>
> If I run dhclient on ath0 it works fine for normal traffic but I
> don't see any ath0 traffic on bridge0. If I create a tap interface
> (eg cat /dev/tap0) and add it to the bridge (ifconfig bridge0 addm
> tap0) it sees no packets either.
>
> bridge0 appears to learn no addresses..
> [inchoate 20:46] ~ >ifconfig bridge0 addr
> [inchoate 20:46] ~ >
>
> Am I missing something obvious?
> (This is on -current as of 27 Mar)

If you didn't already, you have to set net.inet.ip.forwarding.
Depending on your firewall setup you might have to disable
some of the net.link.bridge sysctls as well.

Fabian
-- 
http://www.fabiankeil.de/

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060414140709.20c51ebc>