Date: Mon, 30 May 2016 13:18:12 +0800 From: Julian Elischer <julian@freebsd.org> To: John Nielsen <lists@jnielsen.net>, Aqz <poczta@aquaz.eu> Cc: freebsd-net@freebsd.org Subject: Re: Bridge interface and ARP traffic Message-ID: <4fe99aa3-61b9-d670-9715-60fd83d4512c@freebsd.org> In-Reply-To: <9746AF3A-3440-4277-9D25-E78B04A35A6D@jnielsen.net> References: <CACz0%2BRFx7jq%2BDVSwvPUdnHH0UkomYsCgpYqNr%2BRrF6iZNuXA8Q@mail.gmail.com> <9746AF3A-3440-4277-9D25-E78B04A35A6D@jnielsen.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27/05/2016 1:13 AM, John Nielsen wrote: >> On May 20, 2016, at 12:30 AM, Aqz <poczta@aquaz.eu> wrote: >> >> Hello, >> >> I have a very strange issue with passing ARP traffic through bridge >> interface. >> I'm using FreeBSD 10.3-REL VMWare virtual machine as bridge between two >> networks using the same IP address space. Bridge interface doesn't have IP >> address assigned so it acts more like a switch between those two virtual >> networks - let's call them NET and PUB. >> Gateway for our network is in NET vlan, all the virtual machines are in the >> PUB vlan. >> >> Traffic passes through this bridge, but there are few problems. >> >> I have to manually add static ARP table entries for gateway on all the >> machines in PUB network - I can see ARP broadcasts from machines asking >> where's the gateway, and the reply but only on one of bridged interfaces - >> the one from NET side. The response is not visible on bridge interface, nor >> the PUB vlan interface. >> >> Also, when I try to ping a machine that's in NET network from PUB network >> all network traffic suddenly stops, even when I'm pinging some nonexistent >> host. I have to use virtual console and ping for ex. DNS server, or any >> internet host to make traffic start again. >> >> I'm not sure what I'm doing wrong - I've been using a similar configuration >> before (with physical machines). >> >> Here's my ifconfig output http://aquaz.eu/bridgeifconfig.txt > The first thing to check is the hypervisor. Do you have your VM configured to allow the NICs to use promiscuous mode? Is there any kind of IP/MAC matching or filtering going on? > > Next thing to check is firewall in the VM. Is IPFW or PF enabled? What is the output of "sysctl net.link.bridge" ? > > The ping problems are definitely weird, not sure what to think about that. try the netgraph bridge for a comparison there is a sample implementation in /usr/share/examples/netgraph I think under virtual.lan > > JN > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4fe99aa3-61b9-d670-9715-60fd83d4512c>