Re: Host address zero vs bridge, carp and nat

In reply to: Tomek CEDRO : "Re: Host address zero vs bridge, carp and nat"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <rb_at_gid.co.uk>
Date: Mon, 24 Apr 2023 12:38:29 UTC

Hi,

> On 24 Apr 2023, at 03:15, Tomek CEDRO <tomek@cedro.info> wrote:
> 
> On Mon, Apr 24, 2023 at 12:00 AM Bob Bishop wrote:
>> (..)
>> doesn’t pass traffic through the bridge. The NAT is in-kernel via ipfw and there are firewall rules in play but they do not seem to be a factor.
> 
> Have you tried sysctl ?
> net.link.bridge.ipfw=0
> net.link.bridge.pfil_bridge=0
> net.link.bridge.pfil_member=0

Interesting. Setting net.link.bridge.pfil_member=0 seems to fix it with no other change. So looks like it’s a libalias/pfil thing with the zero host address.

Need net.link.bridge.pfil_bridge=1 for ipfw to work at all.

net.link.bridge.ipfw=0.

> -- 
> CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
> 

--
Bob Bishop
rb@gid.co.uk