Bridge interface and ARP traffic

Julian Elischer julian at freebsd.org
Mon May 30 05:18:26 UTC 2016 

On 27/05/2016 1:13 AM, John Nielsen wrote:
>> On May 20, 2016, at 12:30 AM, Aqz <poczta at aquaz.eu> wrote:
>>
>> Hello,
>>
>> I have a very strange issue with passing ARP traffic through bridge
>> interface.
>> I'm using FreeBSD 10.3-REL VMWare virtual machine as bridge between two
>> networks using the same IP address space. Bridge interface doesn't have IP
>> address assigned so it acts more like a switch between those two virtual
>> networks - let's call them NET and PUB.
>> Gateway for our network is in NET vlan, all the virtual machines are in the
>> PUB vlan.
>>
>> Traffic passes through this bridge, but there are few problems.
>>
>> I have to manually add static ARP table entries for gateway on all the
>> machines in PUB network - I can see ARP broadcasts from machines asking
>> where's the gateway, and the reply but only on one of bridged interfaces -
>> the one from NET side. The response is not visible on bridge interface, nor
>> the PUB vlan interface.
>>
>> Also, when I try to ping a machine that's in NET network from PUB network
>> all network traffic suddenly stops, even when I'm pinging some nonexistent
>> host. I have to use virtual console and ping for ex. DNS server, or any
>> internet host to make traffic start again.
>>
>> I'm not sure what I'm doing wrong - I've been using a similar configuration
>> before (with physical machines).
>>
>> Here's my ifconfig output http://aquaz.eu/bridgeifconfig.txt
> The first thing to check is the hypervisor. Do you have your VM configured to allow the NICs to use promiscuous mode? Is there any kind of IP/MAC matching or filtering going on?
>
> Next thing to check is firewall in the VM. Is IPFW or PF enabled? What is the output of "sysctl net.link.bridge" ?
>
> The ping problems are definitely weird, not sure what to think about that.

try the netgraph bridge for a comparison
there is a sample implementation in /usr/share/examples/netgraph I 
think under virtual.lan

>
> JN
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>

More information about the freebsd-net mailing list