Date: Fri, 24 Apr 1998 09:02:10 +0100 From: Karl Pielorz <kpielorz@tdx.co.uk> To: Luigi Rizzo <luigi@labinfo.iet.unipi.it> Cc: current@FreeBSD.ORG Subject: Re: Bridging... Message-ID: <35404702.C76E25A2@tdx.co.uk> References: <199804240607.IAA20557@labinfo.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help
Luigi Rizzo wrote: > I am trying to see what could be the best way to implement bridging > within FreeBSD. The main app would be to connect 10/100 Mbit > interfaces in the most transparent way (I know doing packet filtering > on a 100 Mbit segment places a bit of load on the host and a > dedicated solution could be cheaper/more efficient). > > Comments/opinions ? That's funny - I was going ask _EXACTLY_ how you could do this with FreeBSD! We're thinking of putting a FBSD machine 'between' our Cisco 2503 and the rest of the LAN - the firewalling on FreeBSD is now 'better' than that on our aging IOS Cisco - plus the box can 'capture' the bad packets - rather than just junking them... I'd like to have done it 'transparently' somehow - literally just copying the traffic from say one fxp interface to another - running it through IPFW (if possible) on the way... Otherwise we have to do some renumbering and waste another 4 IP addresses (2 host subnet) on this, which although is no major shakes it would be nice to do it a bit 'cleaner'... <g> So - Yes, I think it's a good idea! <g> > when configured as a bridge, just set the interfaces in promiscuous > mode, and pass incoming packets to the other interfaces in the > cluster using the usual bridging algorithms (see my bridge code on > my web page). Would this include running through IPFW or similar? - and could it still use bpf etc. to sniff packets? Regards, Karl Pielorz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35404702.C76E25A2>