Date: Thu, 30 Mar 2000 17:30:21 -0500
From: "Crist J. Clark"
To: Julian Zottl
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Netmask problems...

On Thu, Mar 30, 2000 at 02:18:55PM -0500, Julian Zottl wrote:
> > Julian, Julian, Julian. We've been through this. Trying to do routing
> > between different physical subnets that are one logical subnet is not
> > a good thing. For the above, you would want to do bridging, not
> > routing.
> >
> > There are other options like using an RFC1918 address space on
> > one subnet if you really like to route.
> Hey Crist :) Didn't want to e-mail you right out :) This is actually for
> a different project (not the lab), so that is why I had to ask. Reading
> the man pages for bridging, I see I need to set net.link.ether.bridge and
> net.link.ether.bridge_ipfw to 1, correct?

Only if you are going to run ipfw too do you need the second.

> So I just put these into my rc.conf

No. Do not put commands in rc.conf[0]. Personally, I have put bridging
commands in rc.local. Another good place is in /usr/local/etc/rc.d.

> and compile a new kernel with "options BRIDGE" and all is well?

Yes. Also note that the bridge(4) manpage mentions how you need to
have the default rule be "allow." This implies the additional kernel
option,

  options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default

[0] It's not just for aesthetic reasons. There is no guarantee that
rc.conf is only loaded once during boot. rc.conf is also regularly
used in multiuser mode, e.g. periodic(8) references it.
-- 
Crist J. Clark                           cjclark@home.com