Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 05 Feb 2001 21:31:53 +0900
From:      Masachika ISHIZUKA <ishizuka@ish.org>
To:        freebsd-net@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject:   Re: BRIDGE breaks ARP?
Message-ID:  <20010205213153T.ishizuka@onion.ish.org>
In-Reply-To: <200102051155.f15Bt0p20537@iguana.aciri.org>
References:  <20010205170801Q.ishizuka@onion.ish.org> <200102051155.f15Bt0p20537@iguana.aciri.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
>>   I cvsuped three hours ago and the same ARP troubles happened.
> 
> can you repeat exactly what the problem was (bridge machine not
> responding to ARP requests ?) and what is your exact setup (i
> am interested in ipfw config, and the following sysctl vars:
> 
> 	net.link.ether.bridge
> 	net.link.ether.bridge_ipfw
> 	net.link.ether.bridge_cfg

  The problem is that the bridge machine can not communicate any
other machines unless net.link.ether.bridge=0. That is no response
from/to any other machines to ping command.
  sysctl variables are shown bellow.

net.link.ether.bridge=1
net.link.ether.bridge_ipfw=1
net.inet.ip.dummynet.expire=0
net.link.ether.bridge_cfg=fxp0:1,fxp1:1

  And ipfw setup is shown as follows.

ip="My IP address"
net="My network address"
ipfw add pass all from any to any via lo0
ipfw add deny all from any to 127.0.0.0/8
ipfw add pass ospf from ${net} to any bridged
ipfw add pass all from ${net} to ${net}
ipfw pipe  1 config mask dst-ip 0xffffffff buckets 1024
ipfw pipe  2 config mask src-ip 0xffffffff buckets 1024
ipfw add pipe  1 all from any to any bridged via fxp0 in
ipfw add pipe  2 all from any to any bridged via fxp1 in
ipfw add pass icmp from any to any
ipfw add pass tcp from any to any established
ipfw add pass tcp from any to ${ip} 53,110,113 setup
ipfw add pass tcp from ${ip} to any setup
ipfw add pass udp from any to ${ip} 33434-33500 #traceroute
ipfw add pass udp from ${ip} to any 33434-33500 #traceroute
ipfw add deny log all from any to ${ip}

-- 
ishizuka@ish.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010205213153T.ishizuka>