BRIDGE breaks ARP?
I'm running -STABLE (cvsup'ed on 26jan2001) on a machine with the BRIDGE option, bridging between two PCI NICs (rl0 and xl0). I'm having ARP problems. Machines on the "rl0" card are unable to get a hardware address for the bridge. (For whatever reason, I have no problems talking via the "xl0" interface.) I've done "tcpdump" on the bridge, and it's receiving ARP queries on the "rl0" interface, but it doesn't appear to be sending replies. I did a "tcpdump" on the "xl0" interface too, just in case ARP replies were going out over the wrong interface, but no such luck. If I turn off bridging (sysctl -w net.link.ether.bridge=0), the ARP problem quickly resolves itself. So the problem would seem to be related somehow to the bridge code. I can sidestep the problem by using "arp -s" commands on the other machines to tell them the bridge's hardware address -- but I really shouldn't have to do this. Any ideas? Rich Wales [EMAIL PROTECTED] http://www.webcom.com/richw/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: BRIDGE breaks ARP?
On Sat, Feb 03, 2001 at 02:26:10PM -0800, Rich Wales wrote: > I'm running -STABLE (cvsup'ed on 26jan2001) on a machine with the > BRIDGE option, bridging between two PCI NICs (rl0 and xl0). > > I'm having ARP problems. Machines on the "rl0" card are unable to > get a hardware address for the bridge. (For whatever reason, I have > no problems talking via the "xl0" interface.) [snip] > I can sidestep the problem by using "arp -s" commands on the other > machines to tell them the bridge's hardware address -- but I really > shouldn't have to do this. > > Any ideas? Not all cards support bridging. The bridge(4) manpage _used to_ have a list of cards that work. Now all it says is, "Interfaces that cannot be put into promiscuous mode or that don't support sending packets with arbitrary Ethernet source addresses are not compati- ble with bridging." And I have not been able to figure out if the rl(4) device satisfies those conditions. I should note that rl(4) was not on the list of working cards prior to the change in the manpage. Maybe someone who knows more about the rl(4) driver can elaborate? -- Crist J. Clark [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: BRIDGE breaks ARP?
Crist Clark wrote: > Not all cards support bridging. As far as I can tell, the "rl" device is (or, at least, is supposed to be) supported by the bridge code. "ifconfig rl0" on my bridge shows the interface is running in promis- cuous mode, and bridging works perfectly for me in all respects other than ARP. The "rl0" card in my bridge is identified as an "Accton MPX 5030/5038", and I'm running it in 100baseTX full-duplex mode (connected to another machine via a crossover cable). Rich Wales [EMAIL PROTECTED] http://www.webcom.com/richw/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: BRIDGE breaks ARP?
> > can you repeat exactly what the problem was (bridge machine not > > responding to ARP requests ?) and what is your exact setup (i ... > The problem is that the bridge machine can not communicate any > other machines unless net.link.ether.bridge=0. That is no response > from/to any other machines to ping command. well that description is a bit too generic to help. does the machine doing the ping have an arp entry for the bridge ? can you see (using tcpdump) the ARP and ping requests and replies on the client doing the ping and on the interface of the bridge ? it was my understanding that the problem lied in failure to reply to ARP messages. cheers luigi To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: BRIDGE breaks ARP?
Tom Veldhouse wrote: > > Any chance this problem could be caused by having MROUTING > > and BRIDGE in the kernel at the same time? . . . I have > > noticed that I had MROUTING in the kernel and I have these > > same problems. Masachika ISHIZUKA replied: > I do not have MROUTING. And neither do I. I noticed something else this morning that might be significant. My main desktop machine (the one which can't talk directly to my bridge via its "rl0" interface unless I use an "arp -s" command to hardwire it with knowledge of the bridge's hardware address) logged a bunch of unsuccessful attempts by the bridge to supply its =external= interface's hardware address. For example: Feb 4 20:23:09 jekyll /kernel: arp: 00:60:97:05:32:cd attempts to modify permanent entry for 171.66.188.114 on rl0 I had "tcpdump arp" commands (one for each of the two interfaces in the bridge cluster) running on my bridge at the time, and the bridge did =not= send out any ARP replies directed to my desktop. It did, however, send out quite a few ARP replies addressed to my DSL modem (on the external, "xl0" interface). Is it possible that these ARP replies were being bridged to the internal, "rl0" interface, and that my desktop (currently running 4.2-RELEASE) was picking them up and trying to process them, even though they were intended for another host (my DSL modem)? If so, this seems buggy to me; my desktop really only wants to know about =one= hardware address for the bridge (not two). Rich Wales [EMAIL PROTECTED] http://www.webcom.com/richw/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: BRIDGE breaks ARP?
Luigi, I'm running a Bridge+IPFW+Dummynet box between my lan and my router (which is my default gateway). I access the box via SSH and everything is working great. I would like to do some routing in this box too (offloading the router), but I would like to do that WITHOUT have to change all default gateways in our Workstations. I thought the best option here would be to configure the DEFAULT GATEWAY IP ADDRESS in the Bridge Box, but in this scenario I would have to change the router ip address also (since I will be using it in our bridge box). Is there any way you know that I can intercept and re-route packets using the box as bridge ? I mean, the default gateway is still my router, but some packets don't arrive in it, because the bridge box can send them to another ethernet card. Thanks for listening and best regards, Antonio Carlos Pina [EMAIL PROTECTED] - Original Message - From: "Luigi Rizzo" <[EMAIL PROTECTED]> To: "Vincent Poy" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, February 12, 2001 5:25 AM Subject: Re: BRIDGE breaks ARP? > > > whether or not you have "options BRIDGE' in your kernel config file. > > > (or a message saying "BRIDGE ..." when the system boots) > > > > My kernel config doesn't have the BRIDGE option so I guess the > > bridging code is part of ET's drivers. > > yes, i suspected so... > > luigi > > > > > Cheers, > > Vince - [EMAIL PROTECTED] - Vice President __ > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] > > WurldLink Corporation / / / / | / | __] ] > > San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] > > HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[] > > Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin > > > > > > > > > > root@oahu [8:24pm][/usr/temp/zebra] >> ifconfig bg0 > > > > > > bg0: flags=8843 mtu 1500 > > > > > > inet 216.235.44.1 netmask 0xff00 broadcast 216.235.44.255 > > > > > > inet 216.235.45.1 netmask 0xff00 broadcast 216.235.45.255 > > > > > > inet 216.235.56.193 netmask 0xffe0 broadcast 216.235.56.223 > > > > > > ether 00:00:00:03:00:00 > > > > > > > > > > > > I've asked Dennis at ETinc the question and his response was: > > > > > > > > > > > > if you want to route from one DLCI to the other then you have to put them > > > > > > in separate bridge groups with their own subnet. You are creating isolated > > > > > > segments with the ipmap functionality...the mechanism is designed for end > > > > > > users who get 1 or 2 addresses. > > > > > > > > > > > > You COULD fix the O/S to route back to the same interface, but I dont know > > > > > > how complicated that would be. I dont think there is an easy way to > > > > > > disable > > > > > > split-horizon. > > > > > > > > > > > > Dennis > > > > > > > > > > > > > > > > > > Cheers, > > > > > > Vince - [EMAIL PROTECTED] - Vice President __ > > > > > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] > > > > > > WurldLink Corporation / / / / | / | __] ] > > > > > > San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] > > > > > > HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[] > > > > > > Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin > > > > > > > > > > > > > > > > > > > > I'm not sure if this is related but we're using FreeBSD with a > > > > > > > > Emerging Technologies T1 card to do ADSL Bridging and ran into a problem > > > > > > > > where for example, if a bridge group was like... > > > > > > > > > > > > > > > > 216.235.44.1 255.255.255.0 > > > > > > > > > > > > > > > > All the nodes 216.235.44.2-254 can see 216.235.44.1 fine but it > > > > > > >
Re: BRIDGE breaks ARP?
hi, i am not sure i understand what you want to do. luigi > > I'm running a Bridge+IPFW+Dummynet box between my lan and my router (which > is my default gateway). I access the box via SSH and everything is working > great. > > I would like to do some routing in this box too (offloading the router), but > I would like to do that WITHOUT have to change all default gateways in our > Workstations. I thought the best option here would be to configure the > DEFAULT GATEWAY IP ADDRESS in the Bridge Box, but in this scenario I would > have to change the router ip address also (since I will be using it in our > bridge box). > > Is there any way you know that I can intercept and re-route packets using > the box as bridge ? I mean, the default gateway is still my router, but some > packets don't arrive in it, because the bridge box can send them to another > ethernet card. > > Thanks for listening and best regards, > Antonio Carlos Pina > [EMAIL PROTECTED] > > > > > > - Original Message - > From: "Luigi Rizzo" <[EMAIL PROTECTED]> > To: "Vincent Poy" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Monday, February 12, 2001 5:25 AM > Subject: Re: BRIDGE breaks ARP? > > > > > > whether or not you have "options BRIDGE' in your kernel config file. > > > > (or a message saying "BRIDGE ..." when the system boots) > > > > > > My kernel config doesn't have the BRIDGE option so I guess the > > > bridging code is part of ET's drivers. > > > > yes, i suspected so... > > > > luigi > > > > > > > > Cheers, > > > Vince - [EMAIL PROTECTED] - Vice President __ > > > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / > |[__ ] > > > WurldLink Corporation / / / / | / | > __] ] > > > San Francisco - Honolulu - Hong Kong / / / / / |/ / | > __] ] > > > HongKong Stars/Gravis UltraSound Mailing Lists Admin > /_/_/_/_/|___/|_|[] > > > Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin > > > > > > > > > > > > > root@oahu [8:24pm][/usr/temp/zebra] >> ifconfig bg0 > > > > > > > bg0: flags=8843 mtu 1500 > > > > > > > inet 216.235.44.1 netmask 0xff00 broadcast > 216.235.44.255 > > > > > > > inet 216.235.45.1 netmask 0xff00 broadcast > 216.235.45.255 > > > > > > > inet 216.235.56.193 netmask 0xffe0 broadcast > 216.235.56.223 > > > > > > > ether 00:00:00:03:00:00 > > > > > > > > > > > > > > I've asked Dennis at ETinc the question and his response was: > > > > > > > > > > > > > > if you want to route from one DLCI to the other then you have to > put them > > > > > > > in separate bridge groups with their own subnet. You are > creating isolated > > > > > > > segments with the ipmap functionality...the mechanism is > designed for end > > > > > > > users who get 1 or 2 addresses. > > > > > > > > > > > > > > You COULD fix the O/S to route back to the same interface, but I > dont know > > > > > > > how complicated that would be. I dont think there is an easy way > to > > > > > > > disable > > > > > > > split-horizon. > > > > > > > > > > > > > > Dennis > > > > > > > > > > > > > > > > > > > > > Cheers, > > > > > > > Vince - [EMAIL PROTECTED] - Vice President > __ > > > > > > > Unix Networking Operations - FreeBSD-Real Unix for Free / / / / > | / |[__ ] > > > > > > > WurldLink Corporation / / / / > | / | __] ] > > > > > > > San Francisco - Honolulu - Hong Kong / / / / / > |/ / | __] ] > > > > > > > HongKong Stars/Gravis UltraSound Mailing Lists Admin > /_/_/_/_/|___/|_|[] > > > > > > > Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server > Admin > > > > > > > > > > > > > > > > > &
