Bridge, dpcpd, sshd

[Chris]

--- On Thu, 3/24/11, Nerius Landys <nlandys at gmail.com> wrote:

> From: Nerius Landys <nlandys at gmail.com>
> Subject: Re: Bridge, dpcpd, sshd
> To: "Chris" <devnullaccount at yahoo.se>
> Cc: freebsd-questions at freebsd.org
> Date: Thursday, March 24, 2011, 1:56 AM
> >
> > I have a server machine that I use as DHCP server,
> sshd login etc, and since I have multiple Ethernet
> interfaces on it, I would like to use two of those for the
> internal network to avoid adding one more ethernet switch
> for just one extra machine. DHCP should configure hosts on
> both those interfaces and all the hosts should be on the
> same subnet.
> >
> > So, I set up a bridge interface as per the FreeBSD
> handbook (ch. 31.5), but now dhcpd is refusing to start
> during boot as it claim that the "bridge0" interface doesn't
> exist. If I manually start dhcpd with the same parameters
> after the machine has come up, it will start and it will
> also work as expected and assign addresses to users
> connecting from teh bridge interface.
> >
> > sshd seems to do something similar, it refuses to
> start, but can manually be re-started later on.
> >
> > Is this some kinf of expected behavior, or does it
> sound like I'm doing something badly wrong? Can I force
> bride0 to be configured earlier in the boot so it is always
> there when the daemons start waking up?
> >
> > Configuration info below.
> >
> > TIA,
> >  Chris
> >
> > ===== rc.conf extract ====
> > dhcpd_enable="YES"
> > dhcpd_ifaces="bridge0"
> > cloned_interfaces="bridge0"
> > ifconfig_bridge0="addm dc0 addm dc1 up"
> > ifconfig_bridge0="inet 172.16.0.100/24"
> > ifconfig_dc0="up"
> > ifconfig_dc1="up"
> >
> > ===== sshd.conf extract =====
> > ListenAddress 172.16.0.100
> >
> > === the dhcpd.conf is quite standard and does not say
> anything about the interfaces, that info is in rc.conf above
> ====
> >
> > === /var/log/messages extract ====
> >  dhcpd: bridge0: not found
> 
> I am running a very similar setup.  I learned from my
> own experience
> that sometimes little things like the order of statements
> or what's
> exactly inside the statement affects the outcome.  In
> any case after
> much tweaking I got my router to work, and here is my
> complete
> rc.conf.  People on this mailing list have helped me
> come up with my
> rc.conf (thank you all):
> 
> gateway_enable="YES"
> hostname="speedy.i"
> ifconfig_fxp2="DHCP"
> cloned_interfaces="bridge0"
> ifconfig_bridge0="addm fxp0 addm fxp1 addm re0 addm ath0
> up"
> ifconfig_fxp0="up"
> ifconfig_fxp1="up"
> ifconfig_re0="up"
> ifconfig_ath0="ssid speedy.i mode 11g mediaopt hostap
> channel 2 -bgscan up"
> ipv4_addrs_bridge0="192.168.0.254/24"
> ipnat_enable="YES"
> hostapd_enable="YES"
> sshd_enable="YES"
> named_enable="YES"
> ntpdate_enable="YES"
> ntpd_enable="YES"
> linux_enable="YES"
> dhcpd_enable="YES"
> dhcpd_ifaces="bridge0"
> apache22_enable="YES"
> 
> The ath0 stuff is for a wireless access point and is not
> needed in
> your case.  The rest you can probably understand.
> 
> fxp2 is the external facing interface, it's what is
> connecting to AT&T
> UVerse via DHCP.
> 
> The line "ipv4_addrs_bridge0" is important and from what I
> recall it
> needs to come after the interfaces are brought up, just
> like in the
> above rc.conf.
> 
> Of course there is also some dhcpd config that is not
> present here.
> 
> If you still can't get it to work, try disabling dhcpd to
> have a
> static IP network, try getting that to work first. 
> Then add dhcpd
> once the static network is working.
> 

Hi Nerius and thanks for your reply.

I tried changing rc.conf as per your suggestion and added the ipv4_addrs_ command, but it did not manage to set any address on the bridge anyway, and I'm still getting errors starting the daemons because the bridge isn't created yet.
And then I realized how long it has been since I upgraded that machine, it's actually running FreeBSD-6.0 (I'm a bit ashamed here...), so I would guess that it is so far outdated that these things aren't supposed to work. I guess I'll have to bite the bullet and reinstall the machine this weekend and try again with the same config and see if that makes it any better. I'll come back to the list if that doesn't solve it.

Thanks for the help
/Chris