From owner-freebsd-questions Thu Jan 2 7:16:15 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3C53437B401 for ; Thu, 2 Jan 2003 07:16:13 -0800 (PST) Received: from snowflake.hexanet.fr (snowflake.hexanet.fr [81.23.32.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8E18543EA9 for ; Thu, 2 Jan 2003 07:16:12 -0800 (PST) (envelope-from y.grossel@hexanet.fr) Received: from snowflake (snowflake [127.0.0.1]) by snowflake.hexanet.fr (Postfix) with SMTP id 8703511E9; Thu, 2 Jan 2003 16:16:11 +0100 (CET) Date: Thu, 2 Jan 2003 16:16:11 +0100 From: =?ISO-8859-1?Q?=E9=E9?= Yann GROSSEL =?ISO-8859-1?Q?=E9=E9=E9?= To: "Bill Moran" Cc: freebsd-questions@freebsd.org Subject: Re: promiscuous mode / strange ethernet packets duplication problem Message-Id: <20030102161611.353d1fd1.y.grossel@hexanet.fr> In-Reply-To: References: Organization: Hexanet X-Mailer: Sylpheed version 0.8.8 (GTK+ 1.2.10; i386-debian-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 02 Jan 2003 09:42:13 -0500 "Bill Moran" wrote: > >Gateways are designed to forward packets from network to network. If a > >machine wants to send a packet to a remote network, it will send that > >packet to the gateway by putting the gateway interface MAC address in > >the destination field of the ethernet packet. The gateway will know > >that it must forward the packet because of that. And it will know where > >to forward the packet by looking to the destination IP address field of > >the packet. > > > >Here the machines are "forwarding" ethernet packets with a destination > >MAC address field set to ANOTHER machine of our network. In other > >words, these packets are NOT targetted to the "gateways", neither from > >their MAC address destination field nor from their IP address > >destination field. > > > >So why are these packets "forwarded" ? > > Well, this is getting into internals that are a little beyond me, but I > would say that it's because forwarding occurs at the IP level. You > seem to be confusing the behaviour your expecting with a bridge, which > forwards at the MAC level. I'd bet the kernel logic that handles > forwarding knows nothing about MAC addresses (based on the network stack > model) and thus can't make decisions based on them. I think it can't be so. If a gateway's kernel doesn't look at the destination MAC address of ethernet packets before forwarding them, a gateway on a network with hubs (and not switches) will try to forward ALL packets passing on the wire. > IP forwarding would have nothing to do with MAC addresses, if it did, > how could you forward across a PPP or serial link (or any other media > that doesn't have a MAC addy)? Well, I think in this case the packets to be forwarded are already "inside" the machine that have got the PPP or serial link when the forwarding occurs. So the kernel knows how to send them through the link, there is no MAC addresses involved. > Is there a reason that forwarding should be on for these machines? Some of the machines were not gateways, so we turned of forwading off on them after we noticed the problem. Doing so reduced the amount of "flood". However other machines are true gateways to other networks so we can't turn forwading off on these. Regards Yann PS: someone is posting right now in the freebsd-net@freebsd.org ML a problem that look very much like mine ("Routing and Zebra") -- Yann GROSSEL Email: y.grossel@hexanet.fr HEXANET NOC URL: http://www.hexanet.fr/ Tel: +33 (0)3 26 79 30 05 Fax: +33 (0)3 26 79 30 06 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message