5.1r Bridge with one ip - no access from non-ip side

Bjorn Eikeland bjorn at eikeland.info
Mon Jan 5 16:38:09 PST 2004 

Hi

I've set up a bridge between the lan in my flat an my isp's adsl modem/nat 
router to shape traffic and also provide some services to both the lan and 
'wan' side.

current setup:

  router --- (xl0) bridge (fxp0) --- switch w/ clients
10.0.0.1    no-ip         dhcp   dhcp (10.0.0.2, 10.0.0.20-10.0.0.30)

The bridge works for the clients and from the router to the clients.

The fxp0 interface is configured by dhcp via the bridge, and later given a 
alias of 10.0.0.10 (just to have a fixed ip when switching between xl0 and 
fxp0 getting a ip assigned to it) so the fxp0 side is listening to the 
router when being configured, but not later.

If I clear the arp entries (arp -da) and flush the routes (route flush) 
and ping the 10.0.0.1 router the arp entry is restored and a route is also 
put back.

beerserver# arp 10.0.0.1
? (10.0.0.1) at 00:00:c5:98:21:0c on fxp0 [ethernet]
beerserver# netstat -rn
Destination        Gateway            Flags    Refs      Use  Netif Expire
10/24              link#2             UC          2        0   fxp0
10.0.0.1           00:00:c5:98:21:0c  UHLW        0        2   fxp0   1186
10.0.0.2           00:a0:c9:f1:4e:6d  UHLW        1       56   fxp0   1181
127.0.0.1          127.0.0.1          UH          0        0    lo0

Router pinging "bridge" (10.0.0.10):
Tcpdump shows the packet arriving on xl0:
00:10:18.628986 10.0.0.1 > 10.0.0.10: icmp: echo request
But it shows this on fxp0:
00:12:45.645646 arp who-has 10.0.0.10 tell 10.0.0.1

"Bridge" pinging router (10.0.0.1)
Tcpdump shows packet leaving fxp0:
00:19:49.621531 10.0.0.10 > 10.0.0.1: icmp: echo request
Tcpdump show reply comming back on xl0:
00:21:30.836404 10.0.0.10 > 10.0.0.1: icmp: echo request
00:21:30.836817 10.0.0.1 > 10.0.0.10: icmp: echo reply

Just in case its a problem with the alias, I've tried only assigning 
10.0.0.10 to fxp0, same result.

The bridge is compiled into the kernel as I read the module had problems 
with this, but compiling it into the kernel did not solve my problem. 
(I've checked the module isnt loaded)

Any suggestions?
(Please ask if you need more info/configs)

- Bjorn

More information about the freebsd-net mailing list