[ previous ] [ next ] [ threads ]
 
 From:  Stuart Shelton <stuart at openobjects dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  For bridged configurations, LAN & OPT1 should be interchangable
 Date:  Mon, 16 Jun 2008 22:21:26 +0100 
Hi guys,

I've just started using m0n0wall 1.3b11 on an ALIX/WRAP platform,  
where its primary function is to traffic-shape data from my local  
network to my ADSL router (which is on the same subnet).

This works when OPT1/vr2 is bridged to WAN/vr0 - but there are  
configuration issues with this setup.

Firstly, if WAN/vr0 and LAN/vr1 are on the same subnet with OPT1/vr2  
bridged with WAN/vr0 and all ports are connected (vr0 to the router  
and vr1/vr2 to an internal switch) then something odd occurs: all  
traffic is sent via LAN/vr1, and all traffic is lost.  I don't know  
why this should be - the cable is definitely good (I've tried several)  
and the switches are unmanaged.  I cannot access that web UI on the  
LAN/vr1 IP address, but I can access it on the WAN/vr0 (and therefore  
OPT1/vr2 bridge) IP address.

This was partially resolved by assigning LAN/vr1 an IP address in a  
different subnet, so that traffic would not be routed through it.  In  
this configuration, both internal and external traffic is correctly  
routed and the only remaining problem is that, for some reason, if the  
(now useless) LAN/vr1 cable is unplugged, then I lose access to the  
web UI through the WAN/OP1 IP address.  It still doesn't work from the  
LAN IP address regardless.

Finally, I edited /etc/hosts on the m0n0wall and changed the second  
entry (the one which isn't for 127.0.0.1/localhost) from starting with  
the LAN IP address to the WAN IP address.  Now finally I can unplug  
the LAN cable whilst still correctly handling inbound and outbound  
traffic whilst also retaining access to the web UI.  I suspect that  
this will again break when I next have to reboot, however...

A simple fix for this might be to add a "Primary host IP address" drop- 
down list to the web UI where the IP address for the second hosts  
entry can be chosen.  Even better would be if the WAN/OPT1-bridge-with- 
no-LAN configuration could be configured to work out of the box :)

Additional details as I worked through the problem can be found here:

http://forum.m0n0.ch/index.php/topic,2056.0.html

If the system configuration would be helpful, please let me know.

Cheers,

Stuart