Re: [Ntop-misc] ntopng bridge on nat gateway with vlans

Tue, 30 May 2017 06:22:31 -0700

Hi Marco,
 
thank you for the answer.
 
Let's try to make an easy testcase. How about this:
eth0 wan (external ip)
eth1 lan (192.168.x.x)
 
lan gets NATed to wan. So i cannot build a bridge between eth0 and eth1.
So where to attach the bridge?
 
Maybe:
eth0 remove external ip 
create br0 without attached interfaces
br0 add external ip 
Start ntop to use bridge br0 and parameter to attach eth0
ntopng -i bridge:br0,eth0
Then rewrite the firewall to NAT out over br0 instead of eth0
 
Can this work? Or do I need at least one attached interface at the existing bridge and then let ntopng attach a second interface?
 
regards, Thomas
 
Gesendet: Dienstag, 30. Mai 2017 um 10:24 Uhr
Von: "Marco Teixeira" <ma...@scom.uminho.pt>
An: ntop-misc@listgateway.unipi.it
Betreff: Re: [Ntop-misc] ntopng bridge on nat gateway with vlans
Hi Thomas,
To the best of my knowledge, packets still have to pass on eth0, so attach it there.
I don't use NTOP with a setup like yours, but you might have to account for the VLAN tagging in NTOP config... maybe.
 
=Marco
 
2017-05-30 8:45 GMT+01:00 <thomasmeier1...@gmx.de>:
Dear community,
 
I have a NAT gateway with iptables that is acting as main gateway for all workstations.
Ntopng is working fine, but now i like to use inline traffic policing. Therefore I need a bridge.
 
Currently i have a eth0(WAN untagged), eth1.1 (workstations), eth1.2 (phones), eth1.3 (servers).
 
Now i would like to change the eth1 devices to br0 devices for each vlan. This is working in another setup.
Then i would have br0.1 br0.2 br0.3
 
But how to attach ntopng then for the bridge mode? Is is possible? Or do I have to provide a separate machine?
 
kind regards, 
Thomas
 

_______________________________________________
Ntop-misc mailing list
Ntop-misc@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________ Ntop-misc mailing list Ntop-misc@listgateway.unipi.it http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________
Ntop-misc mailing list
Ntop-misc@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

Reply via email to