Bridge interface and ARP traffic

John Nielsen lists at jnielsen.net
Thu May 26 17:13:41 UTC 2016


> On May 20, 2016, at 12:30 AM, Aqz <poczta at aquaz.eu> wrote:
> 
> Hello,
> 
> I have a very strange issue with passing ARP traffic through bridge
> interface.
> I'm using a FreeBSD 10.3-REL VMware virtual machine as a bridge between two
> networks using the same IP address space. Bridge interface doesn't have IP
> address assigned so it acts more like a switch between those two virtual
> networks - let's call them NET and PUB.
> Gateway for our network is in NET vlan, all the virtual machines are in the
> PUB vlan.
> 
> Traffic passes through this bridge, but there are a few problems.
> 
> I have to manually add static ARP table entries for gateway on all the
> machines in PUB network - I can see ARP broadcasts from machines asking
> where's the gateway, and the reply but only on one of bridged interfaces -
> the one from NET side. The response is not visible on bridge interface, nor
> the PUB vlan interface.
> 
> Also, when I try to ping a machine that's in NET network from PUB network
> all network traffic suddenly stops, even when I'm pinging some nonexistent
> host. I have to use virtual console and ping for ex. DNS server, or any
> internet host to make traffic start again.
> 
> I'm not sure what I'm doing wrong - I've been using a similar configuration
> before (with physical machines).
> 
> Here's my ifconfig output http://aquaz.eu/bridgeifconfig.txt

The first thing to check is the hypervisor. Do you have your VM configured to allow the NICs to use promiscuous mode? Is there any kind of IP/MAC matching or filtering going on?

The next thing to check is the firewall in the VM. Is IPFW or PF enabled? What is the output of "sysctl net.link.bridge"?

The ping problems are definitely weird, not sure what to think about that.

JN
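
One way to read the "sysctl net.link.bridge" output asked for above, as an added example that is not part of the original message: the function reports which of the filtering knobs documented in if_bridge(4) currently hand bridged frames to a packet filter. The function name and the sample values are constructed for illustration.

```sh
#!/bin/sh
# Added example: summarize the packet-filter knobs in the output of
# `sysctl net.link.bridge` (knob names as documented in if_bridge(4)).

# Constructed sample input, NOT output from the poster's machine.
SAMPLE='net.link.bridge.ipfw: 0
net.link.bridge.ipfw_arp: 0
net.link.bridge.pfil_bridge: 1
net.link.bridge.pfil_member: 1
net.link.bridge.pfil_onlyip: 1
net.link.bridge.pfil_local_phys: 0'

# bridge_filter_report (hypothetical helper): reads sysctl output on
# stdin and prints one line per knob: ON, off, inactive or MISSING.
bridge_filter_report() {
    awk -F': *' '
        $1 ~ /^net\.link\.bridge\./ {
            k = $1; sub(/^net\.link\.bridge\./, "", k); v[k] = $2 + 0
        }
        END {
            n = split("pfil_member pfil_bridge ipfw ipfw_arp", order, " ")
            d["pfil_member"] = "pfil filtering on member interfaces"
            d["pfil_bridge"] = "pfil filtering on the bridge interface"
            d["ipfw"]        = "layer2 filtering with ipfw"
            d["ipfw_arp"]    = "layer2 ARP filtering with ipfw"
            for (i = 1; i <= n; i++) {
                k = order[i]
                if (!(k in v))        s = "MISSING"
                else if (v[k] == 0)   s = "off"
                # if_bridge(4): ipfw_arp requires ipfw to be enabled
                else if (k == "ipfw_arp" && !v["ipfw"])
                                      s = "inactive (needs ipfw=1)"
                else                  s = "ON"
                printf "%-12s %s  # %s\n", k, s, d[k]
            }
        }'
}

# Run on the constructed sample; on a live system use:
#   sysctl net.link.bridge | bridge_filter_report
printf '%s\n' "$SAMPLE" | bridge_filter_report
```

Any knob reported as ON means the loaded IPFW or PF ruleset is being applied to bridged frames, so that ruleset is the next thing to read.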

