On Sun, Apr 09, 2006 at 01:10:21PM -0400, Jeff Quast wrote:
> On 4/9/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> > On Sat, Apr 08, 2006 at 01:04:33PM -0400, Jeff Quast wrote:
> > > I've been using openbsd+pf for a router for some time at a neighbor's
> > > house. The router has been upgraded and now has several NICs.
> > >
> > > I'd like to use multiple interfaces with crossover cables instead of a
> > > single interface with a switch behind it for the internal network, how
> > > would this best be done? I attempted to bridge all of the internal
> > > interfaces, but I don't think this would do what I need it to, since a
> > > bridge can't have an IP address, and it did not appear to work.
> >
> > You could bridge them - this would be the classical 'switch' solution.
> > How to get this done is another question.
>
> dc0 was the classic internal interface running dhcpd. I kept that
> interface as-is.
>
> I set dc1, dc2, and rl0 as (only) "up" in their hostname.if files.
>
> I placed dc0, dc1, dc2, and rl0 into bridgename.bridge0 with default
> settings, like add dc0 add dc1, etc.
>
> brconfig showed bridge0 as it probably should appear. MAC addresses of
> each client were listed on the proper port.

That looks good.

> dhcpd would not respond to client requests. I could use tcpdump on,
> say rl0 and see the dhcpd requests, but I did not see it on dc0. With
> IP addresses set manually, a client on dc2 could not ping a client of
> the same subnet on dc1, etc. I assumed the bridge did not do what I
> thought it was supposed to do, and dropped it.

Hmm, someone else will have to debug that. It'd probably be the
easiest/best solution, but I've never configured a bridge.

> So I assigned each NIC an IP address of *.1, .2, .3, and .4.
>
> I assumed with IP forwarding, a client connected to the .4 NIC could
> reach the .1 NIC. I was wrong with that as well.
>
> I enabled the bridge again with the internal NICs having an IP
> assigned. A client connected to the .4 NIC still could not reach .1, or
> a client connected to .1.

Have you set net.inet.ip{,6}.forwarding?

> > The other solution is to run it as a classical router serving a lot of
> > /32 subnets.
> >
> > Exactly what do you have problems with?
>
> I am guessing I did something fundamentally wrong here?

Probably, but what? ;-)

		Joachim