> Where can we read your original post? It apparently was not sent to this > list.
Here it is (was moderated because of attachment) : Hello, I this is not a problem with my shorewall configuration but strange logs that I'd like to understand, so sorry for being a little offtopic. I have setup a xen machine (debian lenny + shorewall 3.2) with bonding and vlans following the attached schema (or here : http://i39.tinypic.com/esstqc.png) As soon as I launch my first domU in vlan 2, I get a lot of traffic aimed at other machines (and not broadcast) that is dropped. I find it strange to receive all that junk, and wondered if someone could tell me why it happens ? Jun 18 18:41:22 axen3 kernel: [ 7430.003077] Shorewall:FORWARD:REJECT:IN=br2 OUT=br2 PHYSIN=bond0.2 PHYSOUT=vif2.0 SRC=172.20.0.1 DST=172.20.2.xyz LEN=152 TOS=0x00 PREC=0x00 TTL=255 ID=61701 PROTO=UDP SPT=63577 DPT=514 LEN=132 Interfaces : #ZONE INTERFACE BROADCAST OPTIONS net2 br2 net5 br5 net10 br10 Zones : net2 dmz2:net2 net5 dmz5:net5 net10 dmz10:net10 Hosts : dmz2 br2:$VLAN2_DOMU dmz5 br5:$VLAN5_DOMU dmz10 br10:$VLAN10_DOMU here a /etc/network/interface extract for br2 : iface br2 inet manual up ifconfig bond0.2 mtu 1492 bridge_ports bond0.2 bridge_fd 1 bridge_hello 1 bridge_stp off Would anyone have an idea about why this happens ? Is this something inherent to bridges I have not understood ? Or should I better look at the switches ? Regards, Mikael Kermorgant ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
