Date:      Thu, 26 May 2016 11:13:28 -0600
From:      John Nielsen <lists@jnielsen.net>
To:        Aqz <poczta@aquaz.eu>
Cc:        freebsd-net@freebsd.org
Subject:   Re: Bridge interface and ARP traffic
Message-ID:  <9746AF3A-3440-4277-9D25-E78B04A35A6D@jnielsen.net>
In-Reply-To: <CACz0%2BRFx7jq%2BDVSwvPUdnHH0UkomYsCgpYqNr%2BRrF6iZNuXA8Q@mail.gmail.com>
References:  <CACz0%2BRFx7jq%2BDVSwvPUdnHH0UkomYsCgpYqNr%2BRrF6iZNuXA8Q@mail.gmail.com>

> On May 20, 2016, at 12:30 AM, Aqz <poczta@aquaz.eu> wrote:
>
> Hello,
>
> I have a very strange issue with passing ARP traffic through bridge
> interface.
> I'm using FreeBSD 10.3-REL VMWare virtual machine as bridge between two
> networks using the same IP address space. Bridge interface doesn't have IP
> address assigned so it acts more like a switch between those two virtual
> networks - let's call them NET and PUB.
> Gateway for our network is in NET vlan, all the virtual machines are in the
> PUB vlan.
>
> Traffic passes through this bridge, but there are few problems.
>
> I have to manually add static ARP table entries for gateway on all the
> machines in PUB network - I can see ARP broadcasts from machines asking
> where's the gateway, and the reply but only on one of bridged interfaces -
> the one from NET side. The response is not visible on bridge interface, nor
> the PUB vlan interface.
>
> Also, when I try to ping a machine that's in NET network from PUB network
> all network traffic suddenly stops, even when I'm pinging some nonexistent
> host. I have to use virtual console and ping for ex. DNS server, or any
> internet host to make traffic start again.
>
> I'm not sure what I'm doing wrong - I've been using a similar configuration
> before (with physical machines).
>
> Here's my ifconfig output http://aquaz.eu/bridgeifconfig.txt

The first thing to check is the hypervisor. Do you have your VM
configured to allow the NICs to use promiscuous mode? Is there any kind
of IP/MAC matching or filtering going on?

Next thing to check is firewall in the VM. Is IPFW or PF enabled? What
is the output of "sysctl net.link.bridge"?

The ping problems are definitely weird, not sure what to think about
that.

JN
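
One way to read the "sysctl net.link.bridge" output asked for above, as an added example that is not part of the original e-mail: a small filter that reports which if_bridge(4) knobs put bridged frames in front of a packet filter. The function name and the sample values are constructed for illustration; the sysctl names are those documented in if_bridge(4), not values taken from this thread.

```shell
#!/bin/sh
# Added example: summarise `sysctl net.link.bridge` output.
# Usage on the bridge VM:  sysctl net.link.bridge | bridge_filter_report
# The pfil_* knobs only matter when a packet filter (IPFW, PF) is loaded.

bridge_filter_report() {
    awk -F': *' '
        # Strip the common prefix and remember each knob value.
        { k = $1; sub(/^net\.link\.bridge\./, "", k); v[k] = $2 }
        END {
            n = 0
            if (v["ipfw"] == 1) {
                n++; print "ipfw=1: layer-2 filtering with ipfw is enabled"
                # ARP only reaches ipfw when ipfw_arp is also set.
                if (v["ipfw_arp"] == 1) {
                    n++; print "ipfw_arp=1: ARP frames are filtered by ipfw too"
                }
            }
            if (v["pfil_member"] == 1) {
                n++; print "pfil_member=1: filtering on member interfaces"
            }
            if (v["pfil_bridge"] == 1) {
                n++; print "pfil_bridge=1: filtering on the bridge interface"
            }
            if (n == 0) print "none: no bridge filtering knobs are enabled"
        }'
}

# Constructed sample input (not output from the poster's machine).
SAMPLE='net.link.bridge.ipfw: 0
net.link.bridge.inherit_mac: 0
net.link.bridge.log_stp: 0
net.link.bridge.pfil_local_phys: 0
net.link.bridge.pfil_member: 1
net.link.bridge.pfil_bridge: 1
net.link.bridge.ipfw_arp: 0
net.link.bridge.pfil_onlyip: 1'

printf '%s\n' "$SAMPLE" | bridge_filter_report
```
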