CFR: bridge locking
Daniel C. Sobral
dcs at tcoip.com.br
Fri Aug 22 06:58:23 PDT 2003
Maxim Konovalov wrote:
> [ CC: trimmed ]
>
> On Wed, 20 Aug 2003, 14:52-0300, Daniel C. Sobral wrote:
>
> [...]
>
>>If you get bridge to send/receive packets to/from vlan interfaces
>>attached to them, I'll be forever grateful.
>>
>>I've been trying to configure a setup where a firewall is connected to
>>redundant switches, but no solution I found could handle the vlan
>>attachments. :-(
>
>
> http://people.freebsd.org/~maxim/diff/bridge.diff
>
> Let me know if it helps.
Actually, this *did* help with something else.
ifconfig fxp1 up
ifconfig fxp3 up
ifconfig vlan0 create
ifconfig vlan1 create
ifconfig vlan0 vlan 999 vlandev fxp1
ifconfig vlan1 vlan 999 vlandev fxp3
ifconfig vlan0 200.220.254.190/26
ifconfig vlan1 up
sysctl net.link.ether.bridge=1
sysctl net.link.ether.bridge_cfg="vlan0 vlan1"
Link to fxp1 down, link to fxp3 up.
Without this patch, pings to and from 200.220.254.190 won't work. With
your patch, they do. Thanks.
This was tested on a FreeBSD 4.7. The patch did not apply cleanly, and
required removal of a couple of lines (because "verbose", removed in the
patch, is used in one place), but both these things were easily done.
--
Daniel C. Sobral (8-DCS)
Gerencia de Operacoes
Divisao de Comunicacao de Dados
Coordenacao de Seguranca
VIVO Centro Oeste Norte
Fones: 55-61-313-7654/Cel: 55-61-9618-0904
E-mail: Daniel.Capo at tco.net.br
Daniel.Sobral at tcoip.com.br
dcs at tcoip.com.br
Outros:
dcs at newsguy.com
dcs at freebsd.org
capo at notorious.bsdconspiracy.net
Telling the truth to people who misunderstand you is generally
promoting a falsehood, isn't it?
-- A. Hope
More information about the freebsd-net
mailing list