bridge with access on both interfaces

• Previous message: Darcy Buskermolen: "Re: ipfw/natd/3 nic"
• Next in thread: Michael W. Oliver: "Re: bridge with access on both interfaces"
• Reply: Michael W. Oliver: "Re: bridge with access on both interfaces"
• Reply: Robert Watson: "Re: bridge with access on both interfaces"
• Reply: Bruce A. Mah: "Re: bridge with access on both interfaces"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 24 Dec 2003 04:38:32 +1100 (EST)
To: freebsd-net@freebsd.org

Hello net crew,

We're new to bridges; please be gentle. 4.8-RELEASE box, 2 ed NICs,
test rig with 10-base coax. Bridging itself is working nicely.

Aim is for the box to bridge a 192.168.0.1 gateway (satellite down /
ISDN back proxy server black box) to a /24 of about a dozen mostly winXP
boxes, using IPFW to count and dis/enable bridged connections to gw. All
that's well along, but the firewall is just open so far while struggling
with inside/outside connectivity to/from the bridge box itself.

Assigning an address (.7) to the outside interface (ed0) works fine for
outside (gw side) access, but we also need this box accessible from the
inside, for ssh/webmin/web/mysql and a samba domain controller / file
server for the inside network. My coworker has that side well in hand.

What I can't get to is setting up both NICs for the same /24, using
either one or two separate addresses. I'd hoped to get away with one
IP, which some of the docs (and bridge.c, skimmed) led me to believe
that any local IPs of this host, on whatever of the bridged interfaces,
should provide unbridged local stack access - however if we need to have
'inside' and 'outside' IPs separately on each bridge interface, fine.

In short, ifconfig appears unwilling to have two NICs covering the same
/24. Can this be set up? I'm also at a bit of a loss with the routing,
so inside packets to the bridge box (ie unbridged packets) are responded
to on the same interface, and outside unbridged packets go only to/from
the gw. Some tcpdumps on both in and outside interfaces suggest an ARP
response problem also, perhaps; no responses on the inside iface at all.

I'm unsure if that's too little initial detail or too much?

Clues, anyone?

Ian

_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

• Previous message: Darcy Buskermolen: "Re: ipfw/natd/3 nic"
• Next in thread: Michael W. Oliver: "Re: bridge with access on both interfaces"
• Reply: Michael W. Oliver: "Re: bridge with access on both interfaces"
• Reply: Robert Watson: "Re: bridge with access on both interfaces"
• Reply: Bruce A. Mah: "Re: bridge with access on both interfaces"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]