I am fighting against this; I cannot believe no one can
point me to anything to work on.

Hello again,

I am still having the same issues trying to figure out how to set this scenario
up. Could you please help me with RSTP bridging? What am I missing?

Thanks, sincerely
Miguel Araujo

Hello everyone,

I have two machines with OBSD installed on them. Both will be firewalls
filtering traffic from a DMZ. I need to avoid single points of failure, so
the whole architecture is redundant. This is a simple diagram of
my architecture:

DMZ                    DMZ
|                       |
FW1 --------    --------FW2
|           \  /        |
|            \/         |
switch1------  -------switch2
|                       |       
----------------internal network

Both OBSD machines will be used as firewalls running PF. I am creating a
bridge in each firewall, creating a /etc/bridgename.bridge0 that contains:

add vr0
add vr1
add msk0
stp vr0    #I'm pretty sure this is done by default
stp vr1
stp msk0
up

Both firewalls are connected to both switches. These are Dell 2816 with
RSTP activated on all ports. From time to time I get loops and traffic
rises and collapses my testing network bandwidth. This points to Spanning
Tree being badly configured, but I don't know what I'm missing.

I don't know what to look for. brconfig shows bridges are running on rstp
and the interfaces are in learning mode. The rstp roles are automatically
set and look correct. On the other side, my Dell switches have rstp
activated.

Packet Filter is not activated yet. Is there any way to find out what is going
wrong here? A pointer to good, up-to-date how-tos on bridge firewalling?

Thanks, regards
Miguel Araujo
