bridging and promiscuous mode... works but can't get packets back
Etienne Robillard
erob at videotron.ca
Mon May 10 15:28:51 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Juan Rodriguez Hervella wrote:
| On Monday 10 May 2004 20:32, Etienne Robillard wrote:
|
|>Hi
|>
|>I am quite new to this list :)
|>
|>Context:
|>There's a bridge that does one logical net for two nics (vr0,rl0) on the
|>same box (freebsd-4.10-prerelease).
|>
|>vr0 = outside net (isp connected with dhclient)
|>rl0 = inside net (192.168.1.1) connected with a 10BaseT/UTP cable.
|>
|>The module in use is bridge.ko and ipfw is in use by the bridge.
|>Moreover, there are two servers (dhcpd/dnscache) that do dhcp and
|>name-resolution on 192.168.1.1 (rl0).
|>
|>Question: Why do promiscuous-mode enabled interfaces route packets
|>outbound successfully but not inbound? That is, why can the private host
|>look up addresses, but fail to receive back tcp packets from the
|>internet?
|>
|>any ideas ?
|>
|>I would very much appreciate any kind of comments or hints concerning
|>this scenario...
|>
|>Thanks
|>
|
|
| Hello Etienne,
|
| I think that you don't have to do bridging, I think you need to do NAT.
|
| As far as I know, if you bridge both interfaces, you are joining the
| networks at the link layer (L2), but the IP layer (L3)
| is what is used to route your packets on the internet, so
| if your packets are sent with a private IP address as source address
| (192.168.X.X), you won't get any response back (private addressing is
| not globally routable).
|
| I've got dial-up access at home and I use
| "ppp" with the NAT option to deal with the
| same situation you are describing here, I think.
|
| Hope this helps.
|
Solved :)
Thanks, Juan, for pointing this out in the ether :)
Apparently, natd seems to be working with promiscuous-kind-of nics...
Still strange, however, that the internal interface needs to be in
promisc-mode, so that packets from the dhcpd daemon go in/out. Guess
there's plenty of homework for me to do in ifconfig(8) :P
erob
-----BEGIN PGP SIGNATURE-----
Comment: quork teht!
iD8DBQFAoAKOfhO/J4JSDfYRAt/vAKCE/gSUJzYp3gyugs/6d0C9+OwbxACgmg1W
lzGByZaHREflf/ggsgJFlRY=
=HJIC
-----END PGP SIGNATURE-----
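
The difference between bridging and NAT discussed in this thread, as an added example that is not part of the original messages: a bridge leaves the private source address in the IP header, so replies cannot be routed back, while a NAT rewrites the source and keeps a table to map replies to the inside host. The public address 203.0.113.7, the inside host 192.168.1.10 and the ports are constructed, and the `Nat` class is a simplified model, not natd's implementation.

```python
import ipaddress

PUBLIC_IP = "203.0.113.7"  # constructed: stands in for the address vr0 got from the ISP
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def reply_reaches_sender(src_ip):
    """Internet routers can only return a reply to a globally routable source."""
    addr = ipaddress.ip_address(src_ip)
    return not any(addr in net for net in RFC1918)

def bridged(src_ip, src_port):
    """A bridge forwards the frame at L2; the IP header leaves unchanged."""
    return src_ip, src_port

class Nat:
    """Port-translating NAT: rewrite the source going out, map replies back in."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (inside_ip, inside_port, proto) -> public_port
        self.back = {}  # (public_port, proto) -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port, proto):
        key = (src_ip, src_port, proto)
        if key not in self.out:  # first packet of a flow allocates a mapping
            self.out[key] = self.next_port
            self.back[(self.next_port, proto)] = (src_ip, src_port)
            self.next_port += 1
        return self.public_ip, self.out[key]

    def inbound(self, dst_port, proto):
        """Inside (ip, port) for a reply, or None when no flow matches."""
        return self.back.get((dst_port, proto))

def demo():
    host = ("192.168.1.10", 51515)  # constructed inside host behind rl0
    b_src = bridged(*host)
    nat = Nat(PUBLIC_IP)
    n_src = nat.outbound(host[0], host[1], "tcp")
    return {
        "bridge_reply_ok": reply_reaches_sender(b_src[0]),
        "nat_reply_ok": reply_reaches_sender(n_src[0]),
        "nat_delivers_to": nat.inbound(n_src[1], "tcp"),
        "unsolicited": nat.inbound(12345, "tcp"),
    }

if __name__ == "__main__":
    print(demo())
```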