Re: [Shorewall-users] VLAN martians

Thu, 25 Nov 2010 11:28:16 -0800 

On 11/25/10 11:11 AM, Stephen Brown wrote:
> I'm playing around with VLAN's and I have a VLAN capable (layer 2) smart 
> switch. I see a steady stream of martians in the logfile if I have the 
> routefilter option set on the loc zone interfaces in 
> /etc/shorewall/interfaces. I have two interfaces in the loc zone, eth1 
> and vlan2 respectively. vlan2 is an 802.1q trunk going towards the switch.
> 
> Is this the expected behavior in this configuration? I just want to make 
> sure Im not missing anything because I've seen some weird stuff happening.
> 
> Here's my /etc/shorewall/interfaces:
> 
> #ZONE    INTERFACE    BROADCAST    OPTIONS
> net     eth0    detect          tcpflags,nosmurfs,routefilter,logmartians
> loc     eth1    detect          dhcp,tcpflags,nosmurfs,logmartians
> loc    vlan2    detect        dhcp,tcpflags,nosmurfs,logmartians
> 
> And /etc/network/interfaces:
> 
> # eth1 - local lan segment (gigabit)
> auto eth1
> iface eth1 inet static
> address 10.5.1.1
> netmask 255.255.255.0
> 
> # VLAN 2 - VoIP network
> auto vlan2
> iface vlan2 inet static
> address 10.5.10.1
> netmask 255.255.255.0
> vlan_raw_device eth1
> 
> I just want to make sure my approach is right with this configuration... 
> my end goal is to contain my VoIP network in VLAN2. So far it works, but 
> still a few anomalies.....

Let's be clear -- Martians have nothing to do with Shorewall and
everything to do with routing. So ignore Shorewall for now and fix your
network configuration.

If you forward:

a) The output of 'shorewall show routing'; and
b) A copy of the martian messages that you are seeing

then we may be able to help.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Increase Visibility of Your 3D Game App & Earn a Chance To Win $500!
Tap into the largest installed PC base & get more eyes on your game by
optimizing for Intel(R) Graphics Technology. Get started today with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
http://p.sf.net/sfu/intelisp-dev2dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to