bridging and promiscuous mode... works but can't get packets back

Juan Rodriguez Hervella jrh at it.uc3m.es
Mon May 10 12:14:45 PDT 2004


On Monday 10 May 2004 20:32, Etienne Robillard wrote:
> Hi
>
> I am quite new to this list :)
>
> Context:
> There's a bridge that does one logical net for two nics (vr0,rl0) on the
> same box (freebsd-4.10-prerelease).
>
> vr0 = outside net (isp connected with dhclient)
> rl0 = inside net (192.168.1.1) connected with a 10BaseT/UTP cable.
>
> The module in use is bridge.ko and ipfw is in use by the bridge.
> Moreover, there are two servers (dhcpd/dnscache) that do dhcp and
> name-resolution on 192.168.1.1 (rl0).
>
> Question: Why do promiscuous-mode enabled interfaces route packets
> outbound successfully but not inbound? That is, why can the private host
> look up addresses, but fail to receive back tcp packets from the
> internet?
>
> any ideas ?
>
> I would very much appreciate any kind of comments or hints concerning
> this scenario...
>
> Thanks
>

Hello Etienne,

I think that you don't have to do bridging, I think you need to do NAT.

As far as I know, if you bridge both interfaces, you are joining the
networks at the link layer (L2), but the IP layer (L3)
is what is used to route your packets on the internet. So
if your packets are sent with a private IP address as source address
(192.168.X.X), you won't get any response back (private addressing is
not globally routable).

I've got dial-up access at home and I use
"ppp" with the NAT option to deal with the
same situation you are describing here, I think.

Hope this helps.

-- 
******
JFRH
******

User n.:
	A programmer who will believe anything you tell him.
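
An added illustration of the point made in the reply above (not code from the thread, from natd or from FreeBSD): a simplified Python model of what happens to a packet from the inside host when the box only bridges, compared with when it translates addresses. The addresses 203.0.113.10, 198.51.100.7 and 192.168.1.20, the port numbers and all function and class names are constructed for the example, and the port allocation is a simplification.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")
PUBLIC_IP = "203.0.113.10"  # constructed stand-in for the address dhclient gets on vr0
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def routable(ip):
    """True if a host on the internet has a route back to this address."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in RFC1918)

def bridge(pkt):
    """L2 bridge: the frame crosses from rl0 to vr0, the IP header is untouched."""
    return pkt

def reply_to(pkt):
    """The remote server's answer, or None when pkt.src cannot be routed to."""
    if not routable(pkt.src):
        return None
    return Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)

class Nat:
    """Simplified address/port translation with a per-flow state table."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip, self.next_port = public_ip, first_port
        self.out = {}   # inside flow -> public port
        self.back = {}  # (public port, remote ip, remote port) -> inside host

    def outbound(self, pkt):
        if pkt not in self.out:
            self.out[pkt] = self.next_port
            self.back[(self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
            self.next_port += 1
        # Rewrite the private source to the public address and mapped port.
        return pkt._replace(src=self.public_ip, sport=self.out[pkt])

    def inbound(self, pkt):
        inside = self.back.get((pkt.dport, pkt.src, pkt.sport))
        if inside is None:
            return None  # no outbound flow recorded: nothing to deliver to
        return pkt._replace(dst=inside[0], dport=inside[1])
```

With bridging alone the packet leaves with source 192.168.1.20 and `reply_to` returns nothing. With translation the reply is addressed to the public address and the state table maps it back to the inside host.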

