DSL router when what I need is a bridge; ARP problem?
Gary Aitken
freebsd at dreamchaser.org
Wed May 28 23:33:25 PDT 2003
Grrr....
My only choice for a DSL isp will only do G.lite in routing mode, not
bridging.
So... I want the dsl modem to essentially act as a bridge, feeding
into one ethernet card on my freebsd box via a crossed cat5 cable, and
the freebsd box handling routing and other duties for hosts connected
to a hub on another ethernet card. I *thought* this was going to be
simple...

    dsl line <---> Cisco 678 <-ed0-> freebsd <-de0-> local host

I naively picked up a Cisco 678 thinking it would do the trick.
However, even with CBOS 2.4.7 installed, it won't route out the
ethernet port -- only out the wan port. e.g., if the routing tables
in the cisco look like this:

    cbos#show route
    ip              mask               gateway       type  interface
    0.0.0.0         0.0.0.0            a.b.c.d       DSAR  wan0-0
    <router-ip>     <255.255.255.252>  <freebsd-ip>  LAR   eth0
    <local-lan-ip>  <255.255.255.248>  <freebsd-ip>  SAR   eth0

The router can ping anything on the local lan, sending its request and
receiving its reply via the freebsd box; but if anything on the local
lan other than the directly connected freebsd box pings the router,
the router receives the ping but isn't smart enough to route the reply
back. Not exactly a very smart routing algorithm. Instead, it sends
out an ARP request on ed0 trying to discover the
ethernet address for the local lan host which is on de0; it receives
no reply, since the host is on the de0 lan on the other side of the
freebsd box. I'm not sure what the SAR type means (or DSAR and LAR
for that matter).
From the arp man page, it seems like an arp -s entry should be
automatically made in the freebsd box's arp cache as a result of the
freebsd box knowing about the hosts on the local lan, and it should
respond to the request from the router by sending its own (proxy)
ethernet address, and then forward the packet out the other side.
However, this doesn't happen. A dump of the arp tables shows only the
entry needed for routing on the local net, with no addresses
published.
If I manually add the ethernet address of the machine on the local net
to the freebsd arp table using

    arp -s <local host name> <local host ethernet addr> pub only

then the freebsd box does respond to the arp request from the router,
but sends the ethernet address of the local host on de0, rather than
that of its own interface on ed0, to the router. The router then puts
the ping (icmp) reply onto the wire to the freebsd box (ed0), but it
is never picked up because it is addressed at the ethernet level to
the local host on the other side (de0).
On the other hand, if I add the ethernet address of the freebsd box
interface to the router (ed0) as the published entry for the local
host, the routing tables get generally bollixed up, including
notifications to the local host that its ethernet address is now
different. This appears to be because the arp entry is made for the
inside local network on de0, rather than for the ethernet line running
to the router on ed0. The arp command appears to have no ability to
specify which interface the published address is for.
Can anyone shed some light on this? Is this a bug or a feature, or am
I just messed up and not doing it right?
And finally... can anyone suggest a different dsl modem which will
route properly, and which can accept vpi/vci pairs like (0,100)? I'm
told the Cisco 827H will deal with the vpi/vci pair (the Cisco 678
will only take a vci in the range [0..63]), but I don't have a lot of
faith that it will route any better without info from someone who has
direct experience with it.
And, yes, I would like to shoot the bozo at my isp who set their stuff
up, but he's moved on to wreak havoc at yet another installation.
Gary
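
The ARP exchange described in the message above, modelled as an added example (not part of the original post): it builds the proxy ARP reply with each candidate hardware address and checks whether the frame the router sends next would be accepted by ed0. All MAC and IP addresses are constructed sample values, and the function names are hypothetical.

```python
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # RFC 826 layout for Ethernet/IPv4, 28 bytes

def mac(s):
    return bytes(int(b, 16) for b in s.split(":"))

def ip(s):
    return bytes(int(o) for o in s.split("."))

def arp_reply(sha, spa, tha, tpa):
    """Build an ARP reply (opcode 2) payload."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, 2, sha, spa, tha, tpa)

def learned_mapping(payload):
    """Return (ip, mac) the requester caches from a reply: the sender fields."""
    htype, ptype, hlen, plen, op, sha, spa, _tha, _tpa = struct.unpack(ARP_FMT, payload)
    if (htype, ptype, hlen, plen, op) != (1, 0x0800, 6, 4, 2):
        raise ValueError("not an Ethernet/IPv4 ARP reply")
    return spa, sha

def nic_accepts(nic_mac, dst_mac):
    """A non-promiscuous NIC takes frames for its own MAC or broadcast."""
    return dst_mac in (nic_mac, b"\xff" * 6)

# Constructed sample addresses (not from the post)
ED0 = mac("02:00:00:00:0e:d0")     # FreeBSD interface facing the router
HOST = mac("02:00:00:00:0d:e0")    # local host behind de0
ROUTER = mac("02:00:00:00:06:78")  # Cisco 678 ethernet port
HOST_IP, ROUTER_IP = ip("192.0.2.10"), ip("192.0.2.1")

def reply_reaches_gateway(published_mac):
    """Router ARPs for HOST_IP on the ed0 wire; the answer carries published_mac.
    The router then addresses the ICMP reply to whatever MAC it learned."""
    spa, sha = learned_mapping(arp_reply(published_mac, HOST_IP, ROUTER, ROUTER_IP))
    return spa == HOST_IP and nic_accepts(ED0, sha)

if __name__ == "__main__":
    print("published host MAC ->", reply_reaches_gateway(HOST))
    print("published ed0 MAC  ->", reply_reaches_gateway(ED0))
```
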