[4.10-R]Getting A Particular BRIDGE Setup Working

From: The Jetman (jetman_at_mycbc.com)
Date: 02/05/05

  • Next message: Julian Elischer: "Re: Netgraph performance question" 
    To: "FreeBSD Net" <freebsd-net@freebsd.org>
Date: Fri, 4 Feb 2005 19:31:50 -0500

    I've made a nbr of BRIDGE boxes w/ various revs of FBSD, but I always
    get stuck w/ one configuration. Currently, I have a firewall/gateway
    box (also FBSD) which connects to the 'Net via a DSL modem. If I place
    my BRIDGE on the exterior leg (bet the gateway and the DSL modem), it
    works perfectly. That is, traffic passes thru the BRIDGE as expected.
    Unfortunately, I can't get detailed traffic stats, since the internal
    workstations'traffic have been NAT'd into a single traffic stream by
    the firewall. FWIW, I use two IP-less Ethernet cards for the BRIDGE
    itself and another Ethernet w/ an IP, plugged into my switch, to control
    the BRIDGE box itself and to look at the traffic stats. BTW, the traffic
    stats app (NTOP) works perfectly, under this arrangement.

    The problem manifests itself if I connect the BRIDGE box to the
    interior Ethernet leg of the firewall/gateway, thereby connecting it
    to the switch, along w/ the BRIDGE's control port. The BRIDGE fails and
    I always get spurious error messages from ARP, indicating one of my
    IP-less Ethernet cards is using the IP address of my control port. If I
    lose the control port (disconnect it), the BRIDGE works fine, but I can't
    see any traffic stats, the principal purpose of the BRIDGE.

    Is there a SYSCTL variable to control this behavior or perhaps something
    else I'm not aware of ? TIA. Later....Jet

    =============== From the desk of Jethro Wright, III ================
    + Beer is proof that God loves us and wants us to be happy. -
    === jetman516 at hotmail.com =============== Benjamin Franklin ===

    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Julian Elischer: "Re: Netgraph performance question"