ARP Question - Maybe?

Drew Tomlinson drew at mykitchentable.net
Sun Sep 28 17:44:09 PDT 2003 

On Sat, 27 Sep 2003 16:55:35 +0000, Nathan Kinkade <nkinkade at fastmail.fm> 
wrote:

> On Sat, Sep 27, 2003 at 03:31:16PM -0700, Drew Tomlinson wrote:
>> I'm trying to get a Linksys WET11 Wireless Ethernet Bridge working with 
>> a
>> D-Link 530 NIC that uses the rl driver.  I have configured the bridge 
>> and
>> gotten it to work with a Windows XP box if I tell the bridge to use "MAC
>> address cloning".  However I can not get it working on my 4.8 FBSD box.
>>
>> I'm not really sure but I suspect my problem might be with ARP?  The rl0
>> interface is configured as 192.168.100.2 and the bridge is connected to 
>> this
>> interface.  The bridge is configured with an IP address of 
>> 192.168.100.225
>> but as I understand it, this is only the address to use when connecting 
>> to
>> the web based configuration utility. I have a Linksys access point with 
>> IP
>> of 192.168.100.1.
>>
>> Anyway, after attempting connections to these three addresses, my arp 
>> table
>> looks like this:
>>
>> ? (192.168.100.1) at (incomplete) on rl0 [ethernet]
>> ? (192.168.100.2) at 00:05:5d:d0:ba:67 on rl0 permanent [ethernet]
>> ? (192.168.100.225) at (incomplete) on rl0 [ethernet]
>>
>> I can not get any response from any device beyond the rl0 interface.  I
>> setup ipfw to log all traffic to that interface and can see the traffic
>> going out:
>>
>> Sep 27 15:18:04 blacksheep /kernel: ipfw: 50 Accept ICMP:8.0 
>> 192.168.100.2
>> 192.168.100.1 out via rl0
>>
>> Sep 27 15:24:00 blacksheep /kernel: ipfw: 50 Accept ICMP:8.0 
>> 192.168.100.2
>> 192.168.100.225 out via rl0
>>
>> Can anyone educate me on arp and if it's my problem, tell me what I 
>> might
>> need to add to my arp table to get things going?
>>
>> Thanks,
>>
>> Drew

Thank you for your response.

> I had this problem recently.  Turns out that ipfw when used in
> conjunction with bridging (net.link.ether.bridge_ipfw=1) that your

I don't seem to have this.  I'm running 4.8.  Here's all of my net.link 
sysctls:

net.link.generic.system.ifcount: 8
net.link.ether.inet.prune_intvl: 300
net.link.ether.inet.max_age: 1200
net.link.ether.inet.host_down_time: 20
net.link.ether.inet.maxtries: 5
net.link.ether.inet.useloopback: 1
net.link.ether.inet.proxyall: 0
net.link.ether.inet.log_arp_wrong_iface: 1
net.link.ether.ipfw: 0
net.link.gif.max_nesting: 1
net.link.gif.parallel_tunnels: 0

> default rule must be to allow all.  You can mitigate this by making your
> last rule something like:
>
> deny { tcp or udp } from any to any

I am already set up like this.

> This should basically block pretty much any traffic that you are
> probably worried about.  To test that this is the problem, disable the
> firewall temporarily, maybe with something like:
>
> # sysctl net.link.ether.bridge_ipfw=0
>
> then try your network.  if it works, the re-enable ipfw by setting the
> above parameter back to 1.  then take a look at your arp cache expiry
> with `arp -an' and make note as to wether the net breaks again as soon
> as the arp entry expires.
>
> you can set ipfw to use a default rule of accepting by adding this
> option to you kernel config:
>
> options 	IPFIREWALL_DEFAULT_TO_ACCEPT

As I understand it, I don't need to configure my FBSD box as a bridge.  
Please let me know if I am incorrect.  Basically, I want to use my 
neighbor's connection as a backup link to the Internet.  He has a Linksys 
Wireless Access Point/Router in his home.  Instead of installing a 
wireless card in my FBSD box, I bought a Linksys Wireless Bridge so I 
could install it by a window to get a better signal.  The Linksys bridge 
connects via ethernet cable to the D-Link NIC in my FBSD box.  Here's a 
diagram of the setup:

         Internet
             |
         Public IP
             |
       ADSL Modem/Router
        192.168.10.1
             |
            dc0
        192.168.10.2
             |
         FBSD 4.8 --------- rl0
             |         192.168.100.2
            dc1              |
        192.168.1.2   192.168.100.225
             |         Wireless Bridge
        Internal LAN         |
                       192.168.100.1
                       Neighbor's AP

I can get to the wireless bridge from my neighbor's network and I can get 
to the rl0 from my internal LAN.  The breakage is between the rl0 
interface and the linksys wireless bridge.  Do you have any idea what I 
need to configure to make things work?

Thanks again for your time!!!

Drew

More information about the freebsd-questions mailing list