On Thursday 06 December 2007 13:31:38 Silver Salonen wrote:
> On Thursday 06 December 2007 13:21, Nikos Vassiliadis wrote:
> > On Thursday 06 December 2007 12:20:18 Atrox wrote:
> > > Well, as I understand, in my case, STP should be enabled mainly on
> > > TAP-interfaces as it would eliminate the scenario where, for an
> > > example, ARP-requests from for reach
> > > Have I understood it correctly?
> >
> > It sounds like you want to isolate the ethernets, not bridge them.
> > Bridging is not what you need, if I have understood correctly.
> >
> > You want to keep ARP and broadcasts to the relevant boxes, right?
> > You have to use VLANs on your switch to achieve this, not bridging.
> Actually the final target is to connect all the 3 LANs over VPN, so that
> they can browse eachother networks etc. When I did it, I could see
> duplicate packets looping through all bridges, so I thought I'd bring in
> STP. That's what it's for, right?

Not really, STP must be used/needed in a dynamic environment to
eliminate loops. Your environment doesn't seem dynamic to me. You
can create a loop-free topology like this:


1) is the shared network.
2) bridge1 bridges eth0 and tap0 which is the VPN to the root-bridge.
3) bridge2 bridges eth0 and tap0 which is the VPN to the root-bridge.
4) root-bridge bridges eth0, tap0 and tap1.

If you want STP, which you shouldn't normally using this topology,
increase root-bridge's priority manually, in order to win the elections
and be the root bridge.

Note that the external interfaces are not participating in the bridge.

HTH, Nikos
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to