Unsolved: 5.2 Bridging issue

Aaron D. Gifford agifford at infowest.com
Thu Feb 12 17:13:24 PST 2004

I originally wrote:
>> I've got a bridge(4) issue on a BSD 5.2.1 box.  The bridging box has 
>> three ethernet interfaces, two bridged together in a single cluster, 
>> and one connected to the internet.  The box acts as a bridge for the 
>> two network segments, and as a router to the Internet (it's the 
>> default gateway).  The problem is, only one of the bridged segments 
>> can communicate with the BSD box directly (and thus the Internet), 
>> even though the two segments can talk to each other just fine.

And Bjorn Eikeland responded:
> Try sysctl net.inet.ip.check_interface=0 - sounds like the same problem
> I had with my bridge a while back.
> Good luck!
> Bjorn

I then replied that Bjorn's explanation worked.  Well, I feel like 
an idiot now, but it turns out it didn't work after all.  I had just 
plugged my test machine into the wrong ethernet port, so of course 
things worked.

Quick recap of my set-up:

FreeBSD box with 3 interfaces, two bridged, the other connects to the 
Internet.  The interfaces are as follows:

   em0   Bridged with rl1
   rl0   Not bridged, connects to rest of net
   rl1    NO IP ADDRESS   Bridged with em0 so hosts on this segment
                          are on the same subnet

All hosts on use as the default gateway.  The
FreeBSD box in question acts as a router and bridge, routing stuff to
an upstream router (call it

Some sysctl settings:
net.link.ether.bridge.enable: 1
net.link.ether.bridge.config: em0:1,rl1:1
net.link.ether.bridge_ipfw: 0
net.inet.ip.check_interface: 0

Routing Table:

Destination        Gateway            Flags    Refs      Use  Netif
default                               UGS         0   193583    rl0
10/24              link#3             UC          0        0    em0
                                      UH          0     2300    lo0
                   link#1             UC          0        0    rl0
                   01:23:45:67:89:ab  UHLW        1        0    rl0

ifconfig sample:
         inet netmask 0xfffffff0 broadcast
         ether 0f:1e:2d:3c:4b:3a
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active
         ether 00:11:aa:bb:22:cc
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active
         inet netmask 0xffffff00 broadcast
         ether ab:cd:ef:98:76:54
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
         inet netmask 0xff000000

Traffic between em0 and rl1 is bridged just fine, EXCEPT for traffic 
TO/FROM the FreeBSD host itself TO any hosts on rl1 (the interface 
without the IP address).

So on rl1 can talk with on em0, ARP traffic as 
well as IP traffic.  But the BSD host will never get ARP or IP traffic 
to/from on rl1.  The BSD host can talk just fine to on em0.

Anyone else have any ideas?

The system's running FreeBSD 5.2.1-RC2.

Thanks again in advance!
Aaron out.

More information about the freebsd-ipfw mailing list