On Wed, 2 Jan 2002, Lennert Buytenhek wrote:
> > I'm trying to bridge two ethernets, which ought to be pretty basic. The
> > one oddity is that the Linux box I'm using to do it (rocky) is running
> > under VMWare 3.0 on a Win2K box (sandy), [snip]
> >
> > When I generate some traffic from sandy destined for rocky, everything
> > works fine and "brctl showmacs br0" shows sandy's MAC address on port 2.
> > However, when I try to generate traffic from sandy destined for another
> > host on the network, "brctl showmacs br0" shows sandy's MAC address on
> > port 1, and the return traffic doesn't get to it (predictably enough).
>
> So the problem is that your Win2K machine cuts itself off from its local
> network when you start VMWare? Sorry, but I really don't know what could
> be the problem there. Unless I misunderstand you of course.

Sorry, no. Here's a picture of the networking configuration:

                     TCP/IP disabled
                            v
                      |-----/------- Sandy (Win2K)
                      |                |(VMNet1)
Outside World --------|                |
                      |                |(eth1)
                      |------------- Rocky (Debian in VMWare on Sandy)
                        (eth0)

The line from Sandy to the outside world is the real network card. The
line from Rocky to Sandy is a simulated ethernet between Rocky and Sandy
only. The line from Rocky to the outside world is a bridge onto Sandy's
network interface provided by VMWare; as far as I know this bridge is
working perfectly.

I mentioned VMWare because it might be a complicating factor, but I
haven't seen any evidence (apart from my current problem) that the above
setup isn't a perfect simulation of two different machines connected to
the outside world via a hub and to each other using different network
cards via a cross-over cable.

What I want to do is use Rocky to transparently firewall Sandy as much as
possible (obviously it's not going to be great). So I've disabled TCP/IP
on Sandy's main network interface and am trying to run a Linux ethernet
bridge on Rocky. It's this that I'm having the problem with. All the
separate network interfaces have different MAC addresses. When I ping
Rocky from Sandy, "brctl showmacs br0" shows Sandy's VMNet1 MAC address on
port 2 (eth1). But when I try to ping the outside world from Sandy, "brctl
showmacs br0" shows Sandy's VMNet1 MAC address as being on port 1 (eth0),
and as a result the return packets don't get sent to it by the bridge.

Hope this makes more sense. What I'm trying to do probably sounds a bit
strange, but I'm used to always keeping Windows boxes firewalled behind
Linux, and since Sandy is a laptop the usual "shove an old 486 on the
network" solution doesn't quite work :-) I'm hoping to use bridging rather
than routing for various reasons to do with the different places I might
be plugging it in.

Cheers,
Ganesh
_______________________________________________
Bridge mailing list
http://www.math.leidenuniv.nl/mailman/listinfo/bridge