Hello again, I am still having the same issues trying to figure out how to set this scenario up. Could you please help me with RSTP bridging? What am I missing?
Thanks, sincerely
Miguel Araujo

>Hello everyone,
>
>I have two machines with OBSD installed on them. Both will be firewalls
>filtering traffic from a DMZ. I need to avoid single points of failure, so
>the whole architecture is redundant. This is a simple diagram of
>my architecture:
>
>DMZ                      DMZ
>|                         |
>FW1 --------     --------FW2
>|           \   /         |
>|            \/           |
>switch1------     -------switch2
>|                         |
>----------------internal network
>
>Both OBSD machines will be used as firewalls running PF. I am creating a
>bridge in each firewall, creating a /etc/bridgename.bridge0 that contains:
>
>add vr0
>add vr1
>add msk0
>stp vr0 #I'm pretty sure this is done by default
>stp vr1
>stp msk0
>up
>
>Both firewalls are connected to both switches. These are Dell 2816 with
>RSTP activated on all ports. From time to time I get loops, and traffic
>rises and collapses my testing network bandwidth. This points to Spanning
>Tree being badly configured, but I don't know what I'm missing.
>
>I don't know what to look for. brconfig shows bridges are running on rstp
>and the interfaces are in learning mode. The rstp roles are automatically
>set and look correct. On the other side, my Dell switches have rstp
>activated.
>
>Packet Filter is not activated yet. Any way to find out what is going
>wrong here? Any pointers to good, up-to-date how-tos on bridge firewalling?
>
>Thanks, regards
>Miguel Araujo