Hi,

I've set up a Linux box (SUSE v. 2.6.16.13-4-smp) in bridging mode. The br0 interface has two physical interfaces: eth0 and eth1.

The eth0 interface is connected to our LAN, the eth1 is connected to a SONICWALL firewall. STP is turned off, since it’s the only bridge connecting the two areas.

The bridge is also filtering some traffic via iptables.

All is working fine, but when I use tcpdump on the eth1 interface, I see all the ARP requests of the LAN. In other words, all the ARP broadcasts (that will be resolved internally) are passing the bridge and reaching the firewall.

As a bridge, the Linux box should be aware of where every machine is located and logically separate the two segments, shouldn't it?

Also, the command "arp -a" shows only one address, whereas "brctl showmacs br0" shows all the addresses correctly. Is this normal behaviour?

Thank you for any advice,

Raffaele

Output of brctl showstp br0
---------------------------------------

br0
 bridge id              8000.001560a34be7
 designated root        8000.001560a34be7
 root port                 0                    path cost                  0
 max age                  20.00                 bridge max age            50.00
 hello time                2.00                 bridge hello time          5.00
 forward delay            37.50                 bridge forward delay      15.00
 ageing time             300.01
 hello timer               1.39                 tcn timer                  0.00
 topology change timer     0.00                 gc timer                   0.05
 flags

eth0 (1)
 port id                8001                    state                forwarding
 designated root        8000.001560a34be7       path cost                 19
 designated bridge      8000.001560a34be7       message age timer          0.00
 designated port        8001                    forward delay timer        0.00
 designated cost           0                    hold timer                 0.39
 flags

eth1 (2)
 port id                8002                    state                forwarding
 designated root        8000.001560a34be7       path cost                100
 designated bridge      8000.001560a34be7       message age timer          0.00
 designated port        8002                    forward delay timer        0.00
 designated cost           0                    hold timer                 0.39
 flags

Output of brctl showmacs br0
------------------------------------------

  1     00:04:23:0a:a6:13       no                86.16
  1     00:04:75:4c:d7:03       no                 5.06
  1     00:04:75:87:bd:a9       no               138.51
  1     00:04:76:a3:c9:b8       no               100.12
  2     00:06:b1:11:8d:a4       no                 0.07
  1     00:0f:20:3b:8e:4e       no                41.11
  1     00:0f:20:3b:fe:57       no                60.78
  1     00:14:69:b4:49:84       no                 0.14
  1     00:15:60:a3:4b:e7       yes                0.00
  1     00:30:c1:5f:24:56       no                28.16
  1     00:30:c1:8c:e7:61       no                39.05
  2     00:c0:f0:56:51:c6       yes                0.00

_______________________________________________
Bridge mailing list
[email protected]
https://lists.osdl.org/mailman/listinfo/bridge
