On Tue, Feb 12, 2013 at 03:13:09PM +0000, Stuart Henderson wrote: > Generally looking very good, just a couple of tweaks: > > On 2013/02/12 15:06, Jeremie Le Hen wrote: > > +<li>The <a href="#DHCPserver">DHCP server configuration</a> is not > > +described yet again in this section but the addressing scheme used here is > > +the same. > > +<li>The will also be the uplink router for your bridged network, so we > > s/The/This > > > +will use IP address 192.168.1.1 to match the DHCP server configuration. > > +<li>We will not cover the uplink, routing or firewalling configuration > > +here.</li> > > +</ul> > [..] > > +Then create the vether0 configuration: > > + > > +<blockquote><pre> > > +$ <b>cat /etc/hostname.vether0</b> > > +inet 192.168.1.2 255.255.255.0 192.168.1.255 > > If I understood the above paragraph correctly, this should be 192.168.1.1 > shouldn't it?
This is a remnant of the first version. Thanks again for your review. http://people.chchile.org/~jlh/tmp/faq6.html http://people.chchile.org/~jlh/tmp/faq6.diff Index: faq6.html =================================================================== RCS file: /cvs/www/faq/faq6.html,v retrieving revision 1.304 diff -u -p -r1.304 faq6.html --- faq6.html 2 Nov 2012 11:25:12 -0000 1.304 +++ faq6.html 12 Feb 2013 15:52:19 -0000 @@ -1295,7 +1295,7 @@ address, the bridge will pass network da maintainable (which can be a feature). <p> -<h3>An example of a bridge application</h3> +<h3>A simple example of a bridge application</h3> <p> One of my computer racks has a number of older systems, none of which @@ -1367,6 +1367,87 @@ directions. <p> That's it! Reboot, and you now have a functioning bridge. + +<p> +<h3>A bridge acting as a DHCP server</h3> + +<p> +Let's say we have a Soekris net5501, which has four +<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4";>vr(4)</a> +interfaces, vr0 through vr3. We want to bridge vr1, vr2 and vr3 +together, leaving out vr0 for an uplink (a cable modem for instance). +We also want to serve IP addresses through DHCP over the bridged +interfaces. Being a DHCP server and an uplink router, the box needs to +have an IP address on the bridged network (contrary to the previous +example in which the bridging box was not visible on the network). + +<p> +It is not possible to assign an IP address directly to a +<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4";>bridge(4)</a> +interface. The IP address should be added to one of the member +interfaces, but we cannot use a physical interface as the link might be +down, in which case the address would not be reachable. Fortunately, +starting with OpenBSD 4.7, there is a virtual Ethernet interface driver +<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vether&sektion=4";>vether(4)</a> +that can be used for that purpose. We will add it to the bridge, assign +the IP address to it and make dhcpd(8) listen there. + +<p> +Notes: + +<ul> +<li>The <a href="#DHCPserver">DHCP server configuration</a> is not +described yet again in this section but the addressing scheme used here is +the same. +<li>This will also be the uplink router for your bridged network, so we +will use IP address 192.168.1.1 to match the DHCP server configuration. +<li>We will not cover the uplink, routing or firewalling configuration +here.</li> +</ul> + +<p>First mark vr1, vr2 and vr3 as up: + +<blockquote><pre> +$ <b>cat /etc/hostname.vr1</b> +up +$ <b>cat /etc/hostname.vr2</b> +up +$ <b>cat /etc/hostname.vr3</b> +up +</pre></blockquote> + +<p> +Then create the vether0 configuration: + +<blockquote><pre> +$ <b>cat /etc/hostname.vether0</b> +inet 192.168.1.1 255.255.255.0 192.168.1.255 +up +</pre></blockquote> + +<p> +We configure the bridge interface to contain all the above +interfaces: + +<blockquote><pre> +$ <b>cat /etc/hostname.bridge0</b> +add vether0 +add vr1 +add vr2 +add vr3 +up +</pre></blockquote> + +<p> +And finally we make dhcpd(8) listen on the vether0 interface: + +<blockquote><pre> +$ <b>grep ^dhcpd_flags= /etc/rc.conf.local</b> +dhcpd_flags="vether0" +</pre></blockquote> + +<p> +Reboot and voilà! <p> <h3>Filtering on a bridge</h3> -- Jeremie Le Hen Scientists say the world is made up of Protons, Neutrons and Electrons. They forgot to mention Morons.
