Intel PRO/1000 and BRIDGE
Jeff Opie
newbsdguy at attbi.com
Mon Jun 2 04:48:34 PDT 2003
I have a Dell PE1650 server with dual on-board Intel 82544 NICs which is
intended to be an external firewall using options BRIDGE, IPFIREWALL,
etc.
Packets are not being passed from em0 to em1. I have tried 4.7-Release
(em driver 1.3.4), 4.8-Release (em driver 1.4.10) and the current 1.5.31
em driver, all with the same result.
Does anyone have BRIDGE support working with the em driver?
Some diagnostic info:
I have tcpdump output from em0 and em1. The configuration is as follows:
external addresses 208.255.47.16 (255.255.255.240)
internal addresses 192.168.1.1 (255.255.255.0)
• Internet access to Cisco 2600 router at address 208.255.47.17
(netmask 255.255.255.240).
• Dell pe1650 (this is the BRIDGE box)
o em0 at 208.255.47.29 - input from Cisco 2600
o em1 - no assigned address - output to Cisco 2900
switch(1)(Japan)
• NAT box (FreeBSD)
o 208.255.47.30 (fxp0) input from Cisco 2900 switch(1)
o 192.168.1.1 (fxp1) output to Cisco 2900 switch(2)
o All internal users connected to 2900 switch(2)
• Name servers 198.6.1.195, 198.6.1.122
Mail trying to get in from outside.
Applications trying to get out:
• gotomypc
• Browser to www.yahoo.com
tcpdump on em0:
> tcpdump -r tcpem0.log
07:00:20.760264 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:21.337076 208.255.47.30.17739 > paynetonline.com.pop3: S
2821828019:2821828019(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:00:22.762997 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:24.326340 208.255.47.30.17739 > paynetonline.com.pop3: S
2821828019:2821828019(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:00:24.465501 208.255.47.30.17738 > paynetonline.com.pop3: S
2672892996:2672892996(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
07:00:24.765731 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:26.768455 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:28.771209 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:30.335287 208.255.47.30.17739 > paynetonline.com.pop3: S
2821828019:2821828019(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:00:30.773946 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:32.408094 CDP v2, ttl=180s DevID 'japan' Addr (1): IPv4
192.168.1.14 PortID 'FastEthernet0/4' CAP 0x0a[|cdp]
07:00:32.778826 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:34.779675 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:36.579422 208.255.47.30.17740 > mail.attbi.com.pop3s: S
2825668862:2825668862(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:00:36.782171 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:38.784876 802.1d config TOP_CHANGE 8000.00:05:32:98:35:80.8010
root 8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:39.548940 208.255.47.30.17740 > mail.attbi.com.pop3s: S
2825668862:2825668862(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:00:40.787711 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:00:42.371188 208.255.47.30.17741 > paynetonline.com.pop3: S
2827294789:2827294789(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:00:42.790396 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
>
tcpdump on em1:
> tcpdump -r tcpem1.log
07:00:59.716659 208.255.47.30.17746 > cache06.ns.uu.net.domain: 2255
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:00.640335 208.255.47.30.17744 > cache05.ns.uu.net.domain: 481+ A?
mail.attbi.com. (32)
07:01:00.717579 208.255.47.30.17746 > cache06.ns.uu.net.domain: 2255
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:00.816704 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:00.845695 208.255.47.30.17745 > paynetonline.com.pop3: S
2974090183:2974090183(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
07:01:01.719021 208.255.47.30.17746 > cache06.ns.uu.net.domain: 2255
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:02.643299 208.255.47.30.17744 > cache05.ns.uu.net.domain: 481+ A?
mail.attbi.com. (32)
07:01:02.821114 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:03.401722 208.255.47.30.17747 > paynetonline.com.pop3: S
2832708953:2832708953(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:01:04.820883 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:06.388796 208.255.47.30.17747 > paynetonline.com.pop3: S
2832708953:2832708953(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:01:06.649256 208.255.47.30.17744 > cache05.ns.uu.net.domain: 481+ A?
mail.attbi.com. (32)
07:01:06.823285 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:06.865166 208.255.47.30.17745 > paynetonline.com.pop3: S
2974090183:2974090183(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
07:01:08.826024 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:10.828782 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:12.397725 208.255.47.30.17747 > paynetonline.com.pop3: S
2832708953:2832708953(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:01:12.831525 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:14.683010 208.255.47.30.17748 > cache05.ns.uu.net.domain: 482
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:14.834256 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:15.682707 208.255.47.30.17748 > cache05.ns.uu.net.domain: 482
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:16.642873 208.255.47.30.17749 > cache05.ns.uu.net.domain: 483+ A?
www.yahoo.com. (31)
07:01:16.684454 208.255.47.30.17748 > cache05.ns.uu.net.domain: 482
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:16.839957 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:17.635682 208.255.47.30.17749 > cache05.ns.uu.net.domain: 483+ A?
www.yahoo.com. (31)
07:01:18.839977 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:19.638545 208.255.47.30.17749 > cache05.ns.uu.net.domain: 483+ A?
www.yahoo.com. (31)
07:01:20.842494 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:21.641621 208.255.47.30.17749 > cache05.ns.uu.net.domain: 483+ A?
www.yahoo.com. (31)
07:01:22.845540 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:24.429478 208.255.47.30.17750 > paynetonline.com.pop3: S
2838098001:2838098001(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:01:24.847967 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:25.647467 208.255.47.30.17749 > cache05.ns.uu.net.domain: 483+ A?
www.yahoo.com. (31)
07:01:26.850711 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:27.420073 208.255.47.30.17750 > paynetonline.com.pop3: S
2838098001:2838098001(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:01:28.853459 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:30.859518 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:32.427419 CDP v2, ttl=180s DevID 'japan' Addr (1): IPv4
192.168.1.14 PortID 'FastEthernet0/4' CAP 0x0a[|cdp]
07:01:32.858945 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:33.428935 208.255.47.30.17750 > paynetonline.com.pop3: S
2838098001:2838098001(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
07:01:33.430027 208.255.47.30.17751 > cache06.ns.uu.net.domain: 2256+
A? poll.gotomypc.com. (35)
07:01:33.650000 208.255.47.30.17752 > cache05.ns.uu.net.domain: 484
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:34.425832 208.255.47.30.17751 > cache06.ns.uu.net.domain: 2256+
A? poll.gotomypc.com. (35)
07:01:34.651009 208.255.47.30.17752 > cache05.ns.uu.net.domain: 484
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:34.861686 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:35.652482 208.255.47.30.17752 > cache05.ns.uu.net.domain: 484
PTR? 1.0.0.127.in-addr.arpa. (40)
07:01:36.428712 208.255.47.30.17751 > cache06.ns.uu.net.domain: 2256+
A? poll.gotomypc.com. (35)
07:01:36.864733 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:38.431708 208.255.47.30.17753 > cache05.ns.uu.net.domain: 2256+
A? poll.gotomypc.com. (35)
07:01:38.431772 208.255.47.30.17751 > cache06.ns.uu.net.domain: 2256+
A? poll.gotomypc.com. (35)
07:01:38.867169 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:40.869910 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:42.437329 208.255.47.30.17753 > cache05.ns.uu.net.domain: 2256+
A? poll.gotomypc.com. (35)
07:01:42.437412 208.255.47.30.17751 > cache06.ns.uu.net.domain: 2256+
A? poll.gotomypc.com. (35)
07:01:42.872647 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:44.878281 802.1d config 8000.00:05:32:98:35:80.8010 root
8000.00:05:32:98:35:80 pathcost 0 age 0 max 20 hello 2 fdelay 15
07:01:45.461321 208.255.47.30.17754 > paynetonline.com.pop3: S
2843466202:2843466202(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
>
This looks a lot different than output from the current operational
BRIDGE box (promiscuous mode on fxp0, fxp1) which I want to replace.
Please let me know if I can supply more info.
]hanks in advance -
Jeff Opie
newbsdguy at attbi.com
More information about the freebsd-net
mailing list