From: יי Yann GROSSEL ייי <[EMAIL PROTECTED]> On Thu, 02 Jan 2003 09:42:13 -0500 "Bill Moran" <[EMAIL PROTECTED]> wrote: > >Gateways are designed to forward packets from network to network. If a > >machine wants to send a packet to a remote network, it will send that > >packet to the gateway by putting the gateway interface MAC address in > >the destination field of the ethernet packet. The gateway will know > >that it must forward the packet because of that. And it will know where > >to forward the packet by looking to the destination IP address field of > >the packet. > > > >Here the machines are "forwarding" ethernet packets with a destination > >MAC address field set to ANOTHER machine of our network. In other > >words, these packets are NOT targetted to the "gateways", neither from > >their MAC address destination field nor from their IP address > >destination field. > > > >So why are these packets "forwarded" ? > > Well, this is getting into internals that are a little beyond me, but I > would say that it's because forwarding occurs at the IP level. You > seem to be confusing the behaviour your expecting with a bridge, which > forwards at the MAC level. I'd bet the kernel logic that handles > forwarding knows nothing about MAC addresses (based on the network stack > model) and thus can't make decisions based on them.I think it can't be so. If a gateway's kernel doesn't look at the destination MAC address of ethernet packets before forwarding them, a gateway on a network with hubs (and not switches) will try to forward ALL packets passing on the wire.
Let me restate the fact that much of the exact answer to this is a little over my head (I'm surprised that a guru hasn't responded with an exact answer yet). I still don't see how your logic could work. By definition, and IP router can not be using MAC information. It's perfectly possible for a FreeBSD machine to be a gateway and have NO interfaces that use MAC addresses.
> Is there a reason that forwarding should be on for these machines? Some of the machines were not gateways, so we turned of forwading off on them after we noticed the problem. Doing so reduced the amount of "flood".
That would be what I would expect.
However other machines are true gateways to other networks so we can't turn forwading off on these.
Wow ... this must be a big network. I've never had need for very many gateways on a single hub/switch (never more than 1 that I can remember) Not knowing any of the details of your network, I can't say for sure, but I will state this observation: I have seen people blame FreeBSD for doing things when it was configured improperly. Specifically, I have seen people with outrageous (and pretty much incorrect) gateway/routing configs that blamed FreeBSD for the instability of the network. The problem was solved when I altered the network topology ... and ended up with a single gateway. Obviously, this isn't always possible on very large networks, but I still find it odd that you'd have more than 1 gateway on a particular hub/switch. Are the gateway machines still causing the flood?
Please CC me if you find a solution, as I'm curious now ;)PS: someone is posting right now in the [EMAIL PROTECTED] ML a problem that look very much like mine ("Routing and Zebra")
MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message