Dual NIC routing (?) problem
    The MadDaemon 
    maddaemon at gmail.com
       
    Fri Jun 20 22:07:50 UTC 2008
    
    
  
On Fri, Jun 20, 2008 at 4:50 AM, Yuri Pankov <yuri.pankov at gmail.com> wrote:
> The MadDaemon wrote:
>>
>> On Tue, Jun 17, 2008 at 3:47 PM, Yuri Pankov <yuri.pankov at gmail.com>
>> wrote:
>>>
>>> The MadDaemon wrote:
>>>>
>>>> List,
>>>>
>>>> I'm having a problem with a dual-homed host running 7.0-RELEASE with
>>>> regards to traffic on one of the interfaces that I'm hoping someone
>>>> knows something about.
>>>>
>>>> The goal of this box is to run Nessus on bge0 only (which is plugged
>>>> into a trunk port on a switch), keeping fxp0 free as the admin
>>>> interface and for serving web pages on my LAN.
>>>>
>>>> Here's ifconfig:
>>>>
>>>> bge0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>>>       options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>>>>       ether 00:19:b9:22:a8:22
>>>>       inet 0.0.0.0 netmask 0xffffff00 broadcast 0.0.0.255
>>>>       media: Ethernet autoselect (100baseTX <full-duplex>)
>>>>       status: active
>>>> fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
>>>> 1500
>>>>       options=b<RXCSUM,TXCSUM,VLAN_MTU>
>>>>       ether 00:02:b3:bb:59:17
>>>>       inet 10.20.10.24 netmask 0xffffff00 broadcast 172.20.10.255
>>>>       inet 10.20.10.28 netmask 0xffffffff broadcast 172.20.10.28
>>>>       inet 10.20.10.29 netmask 0xffffffff broadcast 172.20.10.29
>>>>       media: Ethernet autoselect (100baseTX <full-duplex>)
>>>>       status: active
>>>>
>>>> /etc/rc.conf section:
>>>>
>>>> # Created: Mon Jun  9 09:32:52 2008
>>>> defaultrouter="10.20.10.254"
>>>> hostname="darkhorse.mydomain.local"
>>>> ifconfig_fxp0="inet 10.20.10.24  netmask 255.255.255.0"
>>>> ifconfig_fxp0_alias0="inet 10.20.10.28 netmask 255.255.255.255"
>>>> ifconfig_fxp0_alias1="inet 10.20.10.29 netmask 255.255.255.255"
>>>> ifconfig_bge0="inet 0.0.0.0 netmask 255.255.255.0"
>>>
>>> Try using ifconfig_bge0="up" in /etc/rc.conf instead of assigning bogus
>>> (probably) address.
>>
>> Tried that as well and it didn't work.  I found a few different things
>> regarding VLAN setup, so my new (and not working) configuration is
>> this (in part):
>>
>> ######################
>> # VLAN Configuration #
>> ######################
>> cloned_interface="vlan2"
>> ifconfig_vlan2="inet 10.21.1.245 netmask 255.255.255.0 vlan 2 vlandev
>> bge0"
>> cloned_interface="vlan5"
>> ifconfig_vlan5="inet 10.20.8.245 netmask 255.255.255.0 vlan 5 vlandev
>> bge0"
>
> So 10.20.8.245 is in tagged vlan 5.
Yes..
>> cloned_interface="vlan6"
>> ifconfig_vlan6="inet 10.20.7.245 netmask 255.255.255.0 vlan 6 vlandev
>> bge0"
>>
>> (I got the VLAN IDs straight from the router, so they are correct for
>> each VLAN.)
>>
>> root at darkhorse [~]# ifconfig bge0 inet 10.20.8.245 netmask 255.255.255.0
>
> and here you are trying to set 10.20.8.245 on parent bge0 without 802.1q
> tagging, how do you expect it to work?
I didn't, actually - lack of sleep = brainfart :(
>> root at darkhorse [~]# ifconfig bge0 up
>> root at darkhorse [~]# ifconfig bge0
>> bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>>        ether 00:19:b9:22:a8:22
>>        inet 10.20.8.245 netmask 0xffffff00 broadcast 10.20.8.255
>>        media: Ethernet autoselect (100baseTX <full-duplex>)
>>        status: active
>> root at darkhorse [~]# ping -c 2 10.20.8.4
>> PING 10.20.8.4 (10.20.8.4): 56 data bytes
>>
>> --- 10.20.8.4 ping statistics ---
>> 2 packets transmitted, 0 packets received, 100.0% packet loss
>>
>
> Sorry if I understood you incorrectly.
No problem..
I believe if fixed it by setting this in /etc/rc.conf:
cloned_interfaces="vlan2 vlan5 vlan6 vlan7 vlan107 vlan201 vlan212"
ifconfig_vlan2="inet 10.21.1.245 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan5="inet 10.20.8.245 netmask 255.255.255.0 vlan 5 vlandev bge0"
ifconfig_vlan6="inet 10.20.7.245 netmask 255.255.255.0 vlan 6 vlandev bge0"
ifconfig_vlan7="inet 10.20.253.245 netmask 255.255.255.0 vlan 7 vlandev bge0"
ifconfig_vlan107="inet 10.21.7.245 netmask 255.255.255.0 vlan 107 vlandev bge0"
ifconfig_vlan201="inet 10.20.1.245 netmask 255.255.255.0 vlan 201 vlandev bge0"
ifconfig_vlan212="inet 10.21.2.245 netmask 255.255.255.0 vlan 212 vlandev bge0"
######################
# Bring up bge0 manually to make sure it's up:
ifconfig_bge0="up"
######################
    
    
More information about the freebsd-questions
mailing list