Date: Mon, 3 Jul 2000 15:45:05 -0500 From: Dan Nelson <dnelson@emsphone.com> To: Nick Evans <nevans@nextvenue.com>, freebsd-hackers@freebsd.org Subject: Re: BPF and Promiscuous Mode Message-ID: <20000703154505.A4860@dan.emsphone.com> In-Reply-To: <712384017032D411AD7B0001023D799B07C931@SN1EXCHMBX>; from "Nick Evans" on Mon Jul 3 16:10:42 GMT 2000 References: <712384017032D411AD7B0001023D799B07C931@SN1EXCHMBX>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Jul 03), Nick Evans said:
> I'm trying to use IPFilter's copying functions to make a load
> balancer, I have traffic being mirrored from a router to one
> interface on the BSD box, and for some reason the only time netstat
> reports any traffic on that interface is when tcpdump or some other
> program that utilizes BPF is running. I have a feeling that this is
> why I cannot get the packet copying functionality of IPFilter to
> work. I guess there is no similar way as in Linux (ifconfig <int>
> PROMISC) to turn BPF on permanently?
So you have:
[ router ]
|
|
[ BSD box ]
| |
| |
[ web ] [ web ]
[server] [server]
? You'll probably want either routing or bridging enabled on the BSD
box, to handle any DNS lookups or other activity the web servers will
be doing, and with either of those enabled, ipfilter should be able to
process the packets. I've never used ipfilter myself, though, so I
can't say whether this will definitely work or not.
--
Dan Nelson
dnelson@emsphone.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000703154505.A4860>