Date: Thu, 02 Jan 2003 11:06:23 -0500 From: "Bill Moran" <bill_moran2@hotmail.com> To: y.grossel@hexanet.fr Cc: freebsd-questions@freebsd.org Subject: Re: promiscuous mode / strange ethernet packets duplication problem Message-ID: <F12YRtnW6q34u2qfu2F0001f315@hotmail.com>
next in thread | raw e-mail | index | archive | help
>From: יי Yann GROSSEL ייי <y.grossel@hexanet.fr>
>On Thu, 02 Jan 2003 09:42:13 -0500
>"Bill Moran" <bill_moran2@hotmail.com> wrote:
> > >Gateways are designed to forward packets from network to network. If a
> > >machine wants to send a packet to a remote network, it will send that
> > >packet to the gateway by putting the gateway interface MAC address in
> > >the destination field of the ethernet packet. The gateway will know
> > >that it must forward the packet because of that. And it will know where
> > >to forward the packet by looking to the destination IP address field of
> > >the packet.
> > >
> > >Here the machines are "forwarding" ethernet packets with a destination
> > >MAC address field set to ANOTHER machine of our network. In other
> > >words, these packets are NOT targetted to the "gateways", neither from
> > >their MAC address destination field nor from their IP address
> > >destination field.
> > >
> > >So why are these packets "forwarded" ?
> >
> > Well, this is getting into internals that are a little beyond me, but I
> > would say that it's because forwarding occurs at the IP level. You
> > seem to be confusing the behaviour your expecting with a bridge, which
> > forwards at the MAC level. I'd bet the kernel logic that handles
> > forwarding knows nothing about MAC addresses (based on the network stack
> > model) and thus can't make decisions based on them.
>
>I think it can't be so. If a gateway's kernel doesn't look at the
>destination MAC address of ethernet packets before forwarding them,
>a gateway on a network with hubs (and not switches) will try to
>forward ALL packets passing on the wire.
Let me restate the fact that much of the exact answer to this is a little
over my head (I'm surprised that a guru hasn't responded with an exact
answer yet).
I still don't see how your logic could work. By definition, and IP
router can not be using MAC information. It's perfectly possible for
a FreeBSD machine to be a gateway and have NO interfaces that use MAC
addresses.
> > Is there a reason that forwarding should be on for these machines?
>
>Some of the machines were not gateways, so we turned of forwading off
>on them after we noticed the problem. Doing so reduced the amount of
>"flood".
That would be what I would expect.
>However other machines are true gateways to other networks so we can't
>turn forwading off on these.
Wow ... this must be a big network. I've never had need for very many
gateways on a single hub/switch (never more than 1 that I can remember)
Not knowing any of the details of your network, I can't say for sure,
but I will state this observation:
I have seen people blame FreeBSD for doing things when it was configured
improperly. Specifically, I have seen people with outrageous (and pretty
much incorrect) gateway/routing configs that blamed FreeBSD for the
instability of the network. The problem was solved when I altered the
network topology ... and ended up with a single gateway.
Obviously, this isn't always possible on very large networks, but I still
find it odd that you'd have more than 1 gateway on a particular hub/switch.
Are the gateway machines still causing the flood?
>PS: someone is posting right now in the freebsd-net@freebsd.org ML a
>problem that look very much like mine ("Routing and Zebra")
Please CC me if you find a solution, as I'm curious now ;)
-Bill
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F12YRtnW6q34u2qfu2F0001f315>