bridge problem
[EMAIL PROTECTED] /usr/local]# ifconfig bridge0 bridge0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 ether 5a:43:ed:13:ec:84 priority 32768 hellotime 2 fwddelay 15 maxage 20 [EMAIL PROTECTED] /usr/local]# ifconfig tap4 tap4: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet6 fe80::2bd:5eff:fe91:b704%tap4 prefixlen 64 scopeid 0x5 ether 00:bd:5e:91:b7:04 [EMAIL PROTECTED] /usr/local]# ifconfig bridge0 up [EMAIL PROTECTED] /usr/local]# ifconfig bridge0 addm tap4 ifconfig: BRDGADD tap4: Invalid argument why it can't add tap4 (or anything else - i tried) to the bridge ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Bridge problem and replies with bad MAC Adress [5.3R]
Hi, I'm trying to set up a bridge on FBSD 5.3-RELEASE with Generic kernel. I want to bridge re0 and xl0, so I've done this: sysctl net.link.ether.bridge.config=re0,xl0 sysctl net.link.ether.bridge.enable=1 re0 has IP adress set while xl0 do not. Both of these interfaces has Windows XP computers with DHCP enabled. DHCP is served by FreeBSD host, and works just fine for both segments. Connectivity between segments is also fine. Ping from a host on xl0 segment to re0 segment, and vice versa, is successful. However, while host on re0 segment can communicate with FreeBSD host, hosts on xl0 segment cannot. Interface setup: re0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 options=1bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING inet6 fe80::209:5bff:fee1:219%re0 prefixlen 64 scopeid 0x1 inet 10.0.8.46 netmask 0xfff0 broadcast 10.0.8.47 ether 00:09:5b:e1:02:19 media: Ethernet autoselect (1000baseTX full-duplex) status: active xl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 options=9RXCSUM,VLAN_MTU inet6 fe80::201:2ff:fefa:8431%xl0 prefixlen 64 scopeid 0x2 ether 00:01:02:fa:84:31 media: Ethernet autoselect (100baseTX full-duplex) status: active Test host (flugan) on xl0 segment with IP 10.0.8.34 (MAC 00:06:5b:d4:bc:6d) pings FreeBSD host: # tcpdump -eni xl0 23:00:04.356411 00:06:5b:d4:bc:6d ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: arp who-has 10.0.8.46 tell 10.0.8.34 23:00:04.356457 00:01:02:fa:84:31 00:06:5b:d4:bc:6d, ethertype ARP (0x0806), length 42: arp reply 10.0.8.46 is-at 00:01:02:fa:84:31 23:00:04.356675 00:06:5b:d4:bc:6d 00:01:02:fa:84:31, ethertype IPv4 (0x0800), length 74: IP 10.0.8.34 10.0.8.46: icmp 40: echo request seq 12800 23:00:04.356727 00:09:5b:e1:02:19 00:06:5b:d4:bc:6d, ethertype IPv4 (0x0800), length 74: IP 10.0.8.46 10.0.8.34: icmp 40: echo reply seq 12800 23:00:09.428029 00:06:5b:d4:bc:6d 00:01:02:fa:84:31, ethertype IPv4 (0x0800), length 74: IP 10.0.8.34 10.0.8.46: icmp 40: echo request seq 13056 23:00:09.428089 00:09:5b:e1:02:19 00:06:5b:d4:bc:6d, ethertype IPv4 (0x0800), length 74: IP 10.0.8.46 10.0.8.34: icmp 40: echo reply seq 13056 # arp -a wintendo.realworld.kanin (10.0.8.33) at 00:0f:b5:06:67:1f on re0 [ethernet] flugan.realworld.kanin (10.0.8.34) at 00:06:5b:d4:bc:6d on re0 [ethernet] studsboll.realworld.kanin (10.0.8.46) at 00:09:5b:e1:02:19 on re0 permanent [ethernet] I think this is the problem. When flugan (actually connected on xl0 segment) requests MAC address for 10.0.8.46 (FreeBSD interface re0), FreeBSD host replies with the MAC address for the xl0 interface. Altough, when flugan pings FreeBSD host, using the MAC address just received, FreeBSD host replies using MAC adress of re0 (far side). I guess the result of this is that the Windows Workstation on xl0 segment thinks the packet is garbage and discards it. Maybe. Maybe I've missed something important in my configuration? If this is a kernel or bridge.ko bug I guess you would know about it already. Please advice, Thanks. -- Rickard .--..--. .. | || | .-. | Rickard Borgmäster | | || |/ / | [EMAIL PROTECTED] | .-^ | .--. | | http://doktorn.sub.nu/ | ( o | ( () ) | |\ \ `' `-' `--' `--' `--' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re[2]: Bridge problem
Hello Bjorn, Monday, January 19, 2004, 11:05:49 PM, you wrote: I have a three ethernet adapter and need to bridge two of them (like an Ethernet switch but with firewall) But i have a some problem... When i enter # sysctl net.link.ether.bridge_cfg=lnc0:0,lnc1:0 i saw next: now lnc0 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc0 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc1 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc1 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc2 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc2 promisc ON if_flags 0x8943 bdg_flags 0x5 What is it means? When i try ping from net1 to net2 that's don't work... Please help, give me advice BE It means that the network cards are entering promiscous mode, which in BE turn means it will pick all packets that passes its physical layer and BE then the bridge code will forward it to the other interface. _however_ BE lnc2 should not enter promiscous mode if its not a part of the bridge? BE Post what version you're using and the rest of your sysctl statements for BE the bridge, also is it the kernel module or compiled in kernel? BE (Maybe you'll have more luck with this in the freebsd-net list?) BE hth, BE Bjorn BE ___ BE [EMAIL PROTECTED] mailing list BE http://lists.freebsd.org/mailman/listinfo/freebsd-questions BE To unsubscribe, send any mail to BE [EMAIL PROTECTED] Hello! I was know about this list from article How to get best results from the FreeBSD-questions mailing list which i find on my freeBSD 4.5 RELISE CD, but i don't know about freebsd-net list... Please tell how i can subscribe to it. About bridgin - now it work, i think my misstake was what i'm configure all ethernet adapter... But it worck only if computer in one subnet ,like 192.168.1.2---192.168.1.1---192.168.1.3 win98FreeBSD win98 bridge firewall And it is necessary to me setup freebsd like: 192.168.1.2-21-192.168.1.1-192.168.2.2-5 net1 192.168.2.1net2 (20 comp.FreeBSD(4 comp. win98) firewallwin98/XP) computers from net2 must access net1 shared I was try to forwart all packet from net1 to net2 and from net 2 to net 1 but when i ping a computer it recive packet with field 'from' 192.168.1.255 and it's don't work... I was try to start routed and setup route table, but still don't work... So, maybe, you can tell me how i must to do that correct... Or, maybe, any link with article or howto's... I will be very grateful! -- Best regards, Alexmailto:[EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Bridge problem
Hello All, I have a three ethernet adapter and need to bridge two of them (like an Ethernet switch but with firewall) But i have a some problem... When i enter # sysctl net.link.ether.bridge_cfg=lnc0:0,lnc1:0 i saw next: now lnc0 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc0 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc1 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc1 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc2 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc2 promisc ON if_flags 0x8943 bdg_flags 0x5 What is it means? When i try ping from net1 to net2 that's don't work... Please help, give me advice -- Best regards, Alex mailto:[EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Bridge problem
I have a three ethernet adapter and need to bridge two of them (like an Ethernet switch but with firewall) But i have a some problem... When i enter # sysctl net.link.ether.bridge_cfg=lnc0:0,lnc1:0 i saw next: now lnc0 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc0 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc1 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc1 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc2 promisc ON if_flags 0x8943 bdg_flags 0x5 now lnc2 promisc ON if_flags 0x8943 bdg_flags 0x5 What is it means? When i try ping from net1 to net2 that's don't work... Please help, give me advice It means that the network cards are entering promiscous mode, which in turn means it will pick all packets that passes its physical layer and then the bridge code will forward it to the other interface. _however_ lnc2 should not enter promiscous mode if its not a part of the bridge? Post what version you're using and the rest of your sysctl statements for the bridge, also is it the kernel module or compiled in kernel? (Maybe you'll have more luck with this in the freebsd-net list?) hth, Bjorn ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Bridge problem
Hi all, I have one old p166-box running 5.0 and an athlon. I am trying to let the athlon connect to the net through a bridge on the p166. I have a 100 mbit socket in the wall at my room which is at a student's house. The dhcp servers assignes 10.10.X.X adresses, and the internet connection is set up with a tunnel (vpn/mpd) against a gateway server. The athlon also runs MS Windows with netbeui and ipx/spx which is why I want the Freebsd-machine to work as a bridge and not as a router. Everything works fine, except my two machines cannot contact one another at the dhcp-assigned 10.10-adresses. Pinging simply times out. I get contact using the internet adresses through the internet connection tunnels, but linking up through the vpn gateway is ten times slower than what a direct connection should be. Setting up smb/nfs-shares through such a tunnel is also unpractical. I have two realtek-cards and one 3com card using the xl driver and I have tried different combinations of setups with no difference. I have used the athlon as a bridge with MS windows, and it worked perfectly. the handbook section 19.4.6 says it is a bad idea to assign both interfaces an address prior to bridging them. I could by a switch, but it costs money. I could use the athlon as a bridge, but I don't want the uptime of the p166 to depend on the athlon. I suspect this might be a routing issue, and I have played around abit with adding a route with the athlon-10.10.-ip pointing to the network card connected to it (rl0) with no luck. I have also tried to add routes on the athlon. I've tried assiging rl0 the ip adress it usually gets from the dhcp-server, which is based on its mac-adress, 10.10.75.180, prior to issuing the bridging command. Below is the output of netstat -r and ifconfig. xl0 is connected to the plug in the wall, rl0 is connected to the athlon which gets an adress of 10.10.66.194 from dhcp. Pinging 10.10.75.180 from the athlon gives response with time1ms even though this adress does not appear anywhere in the freebsd-box. Any suggestions? Cheers, Are # netstat -r Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire defaultuib-gw3.uib.no UGSc13ng0 10 fantoft-gw.fantoft UGSc20xl0 10.10.64/20link#1 UC 10xl0 fantoft-gw.fantoft 00:10:2f:ef:c4:1c UHLW30xl0 1071 localhost localhost UH 00lo0 uib-gw3.uib.no tunnel-43-204.vpn. UH 20ng0 # ifconfig xl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 inet 10.10.74.177 netmask 0xf000 broadcast 10.10.79.255 ether 00:60:08:92:a5:68 media: Ethernet autoselect (100baseTX full-duplex) status: active rl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 ether 00:50:bf:e7:69:f1 media: Ethernet autoselect (100baseTX full-duplex) status: active lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet 127.0.0.1 netmask 0xff00 ng0: flags=88d1UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST mtu 1500 inet 129.177.43.204 -- 129.177.43.1 netmask 0x To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
