Date: Wed, 18 Aug 1999 08:08:46 +0200 (CEST) From: Ludo Koren <ludo_koren@tempest.sk> To: norman@nttmcl.com Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: ipfw + bridging: fwd rule enacted but no effect Message-ID: <199908180608.IAA57956@t47.tempest.sk> In-Reply-To: <Pine.GSO.3.95LJ1.1b4.990817164514.27565B-100000@alicia.nttmcl.com> (message from Norman Nie on Tue, 17 Aug 1999 16:46:15 -0700 (PDT))
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm having problems with ipfw fwd + bridging. Please help! > My setup is: > [A]-----[fxp0:D:fxp1]-----[C] fxp2 ---- | | [B] > D is the box that runs ipfw + bridging. > My rule is very simple: > 100 fwd B log all from A to C last rule allow from any to any > Ideally , it should redirect any packets from A to C and emit > them out on interface fxp2 (linked to B). And those packets > are to be dropped dead on B. > What happened is that logging messages indicate that rule 100 > were envoked but with no effect. One can still ping from A to > C. > IPFW with no bridging (ie. machine B acting as a router) works > fine. > Bridging alone works fine. > But when combining ipfw + bridging, the fwd command doesn't > work. > Any one has the same problem before? > Also, I assume when doing bridging, I don't need to config the > routing table in machine B. Is this correct? Several days ago I sent similar question with no answer. After looking into the source code I realized this feature is not implemented. I spoke about it with Luigi Rizzo who has implemented the bridging stuff. He suggested that it's not appropriate for bridging as such. It should be done in `higher level'. But the problem is you need configuration as a gateway. Basically, I was convinced to implement it, but now I am considering if the solution is technically correct (e.g. I will not get troubles if the load on bridge will be high). ludo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908180608.IAA57956>