From owner-freebsd-stable Tue Oct 31 17:39:10 2000 Delivered-To: freebsd-stable@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id 353E537B479 for ; Tue, 31 Oct 2000 17:39:06 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id RAA03327; Tue, 31 Oct 2000 17:39:05 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.11.0/8.11.0) id eA11d4l52088; Tue, 31 Oct 2000 17:39:04 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200011010139.eA11d4l52088@curve.dellroad.org> Subject: Re: spontaneous reboot with bridging and firewalling two dc NICs In-Reply-To: <005301c04288$568c61c0$c70b200a@FairIsaac.com> "from Thomas T. Veldhouse at Oct 30, 2000 09:44:48 am" To: "Thomas T. Veldhouse" Date: Tue, 31 Oct 2000 17:39:04 -0800 (PST) Cc: freebsd-stable@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL82 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thomas T. Veldhouse writes: > Yesterday I emailed the list asking if it was possible to use two dc cards > for bridging. I am excited to say that it worked. I was trying to utilize > my 4 IP addresses behind my firewall. This leads to the problem that this > email is about. > > I did some test downloads from various sites to get some not so scientific > benchmarks and then I ran nmap against my newly exposed PCs to make sure > that my LAN is still secure. During these trials, my PC doing the bridging > spontaneously rebooted 3 times. Always during network usage. Nothing at > all was appended to the logs. I noticed this problem about 6 months ago > when I tried it with two ISA ed based cards. At the time I attributed it to > the driver, but now I can surmise that it is the bridging code, perhaps only > in combination with ipfw functionality. > > Unfortunately, this is my primary gateway and firewall, and I can not afford > to experiment with this box - so I had to go back to my old NAT setup. > > Does anybody have any suggestions? Is there any documentation on how I > might use proxy ARP to get the same affect (I have four public IP addresses > and I want one or two for the firewall box and the other two on my LAN). You might check out ng_bridge(4) and /usr/share/examples/netgraph/ether.bridge. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message