Re: [SLUG] Bridging/network on PearPC

[O Plameras]

Hi Phil,
1.  In my linux-bridge at home, my routing table is as follows:
[EMAIL PROTECTED] route
Kernel IP routing table
Destination     Gateway         Genmask      Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U         0         
0        0   br0
default         192.168.1.100   0.0.0.0          UG      0          
0       0   br0

I activate the above route manually.
Ideally, there should be no routing table on the linux-bridge to do its
bridging tasks.  There is no need.
The reason why I have one is because I want to connect to other
networks whilst working on this linux-bridge.  But once I complete
my work I disable the routing table for security reasons.  But that
means I can only login from the console.
However, if there is a requirement for anyone to connect from a
remote machine then the route table has to be configured automatically
on boot.
Of course, this is done thru /etc/sysconfig/network-scripts/ifcfg-br0, etc.
2.  My bridge shows:
[EMAIL PROTECTED] ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.001060a7dd45       yes             bnep0
                                                                            
bnep1
                                                                      
     eth0
                                                                       
    eth1
                                                                       
    eth2

3. My bridge interface config:
/etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
BOOTPROTO=static
IPADDR=192.168.1.10 (optionally IPADDR=0.0.0.0)
NETMASK=255.255.255.0
ONBOOT=yes
TYPE=Ethernet
4.  A sample interface config, i.e. eth0:
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
BRIDGE=br0
IPADDR=0.0.0.0
NETMASK=255.0.0.0
ONBOOT=yes
TYPE=Ethernet
HWADDR=00:50:8B:FE:B3:D9
5.  Other interfaces config:
/etc/sysconfig/network-scripts/ifcfg-eth1 (second ether)
/etc/sysconfig/network-scripts/ifcfg-eth2 (third ether)
/etc/sysconfig/network-scripts/ifcfg-bnep0 (first wireless bluez)
/etc/sysconfig/network-scripts/ifcfg-bnep1 (second wireless bluez)
Optionally, I can have a number of  additional interfaces here,
e.g. 802.11s.
6.  By configuring interfaces as above, one automates the bridging and
activation of the interfaces. There is no need to do the procedure
that you do manually. This will be done by the '/etc/init.d/network'
script. I am using FedoraCore 3. I have used the same methods for
FedoraCore 2.
7.  My interfaces are as follows:
[EMAIL PROTECTED] ~]# ifconfig -a | more
bnep0     Link encap:Ethernet  HWaddr 00:10:60:A7:DD:45
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:8 errors:0 dropped:0 overruns:0 frame:0
         TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:428 (428.0 b)  TX bytes:830 (830.0 b)
bnep1     Link encap:Ethernet  HWaddr 00:10:60:A7:DD:45
         BROADCAST MULTICAST  MTU:1500  Metric:1
         RX packets:163 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:6271 (6.1 KiB)  TX bytes:0 (0.0 b)
br0       Link encap:Ethernet  HWaddr 00:10:60:A7:DD:45
         inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:89946 errors:0 dropped:0 overruns:0 frame:0
         TX packets:43049 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:31360667 (29.9 MiB)  TX bytes:4987737 (4.7 MiB)
eth0      Link encap:Ethernet  HWaddr 00:50:8B:FE:B3:D9
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:399911 errors:0 dropped:0 overruns:0 frame:0
         TX packets:427279 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:332791445 (317.3 MiB)  TX bytes:65780888 (62.7 MiB)
eth1      Link encap:Ethernet  HWaddr 00:A0:CC:51:67:7D
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:326444 errors:1 dropped:0 overruns:0 frame:0
         TX packets:443250 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:54448251 (51.9 MiB)  TX bytes:277625591 (264.7 MiB)
         Interrupt:11 Base address:0xa000
eth2      Link encap:Ethernet  HWaddr 00:10:5A:67:F2:A1
         BROADCAST MULTICAST  MTU:1500  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
         Interrupt:5 Base address:0x1400
lo        Link encap:Local Loopback
         LOOPBACK  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
I hope this info is useful.
O Plameras
Phil Scarratt wrote:
Peter Rundle wrote:
 brctl addbr br0
 brctl stp br0 off
 brctl addif br0 eth0
 brctl addif br0 eth1
 ifconfig eth0 down
 ifconfig eth1 down
 ifconfig eth0 0.0.0.0 up
 ifconfig eth1 0.0.0.0 up
 echo 1 >/proc/sys/net/ipv4/ip_forward
 ifconfig br0 192.168.0.254 up

I've just setup bridging for a VPN using the same process as above and 
have found that if I put the steps in a script (FC1) it doesn't work. 
IE you get a situation like the following (I've removed the Metric and 
Ref columns for wrapping purposes):

Main routing table directly after running script:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.100.0   *               255.255.255.0   U     br0
192.168.100.0   *               255.255.255.0   U     eth1
10.0.0.0        *               255.0.0.0       U     eth0
127.0.0.0       *               255.0.0.0       U     lo
default         10.1.1.3        0.0.0.0         UG    eth0
Main routing table 10 or so seconds later:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.100.0   *               255.255.255.0   U     eth1
192.168.100.0   *               255.255.255.0   U     eth1
10.0.0.0        *               255.0.0.0       U     eth0
127.0.0.0       *               255.0.0.0       U     lo
default         10.1.1.3        0.0.0.0         UG    eth0
Which then of course screws it all right up and doesn't work. I have 
absolutely no idea why - still looking. If I type out the individual 
commands in the script by hand it works fine, and I end up with:

Destination     Gateway         Genmask         Flags Iface
192.168.100.0   *               255.255.255.0   U     br0
10.0.0.0        *               255.0.0.0       U     eth0
127.0.0.0       *               255.0.0.0       U     lo
default         10.1.1.3        0.0.0.0         UG    eth0
I've even tried putting a sleep 2 (5 and 10 as well) between the last 
two lines (ie bringing eth1 up with 0.0.0.0 promisc and bringing br0 
up) and it doesn't help I get:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.100.0   *               255.255.255.0   U     eth1
192.168.100.0   *               255.255.255.0   U     br0
10.0.0.0        *               255.0.0.0       U     eth0
127.0.0.0       *               255.0.0.0       U     lo
default         10.1.1.3        0.0.0.0         UG    eth0
And it still doesn't work. No idea but it only just happened last 
thing yesterday so still looking around for a cause/fix. I know this 
doesn't really deal with the original problem, but couldn't help 
commenting.

Fil

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html