 From:  Jesse Guardiani <jesse at wingnet dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: M0n0wall v1.2b3 in Bridge Mode
 Date:  Tue, 08 Feb 2005 22:21:46 -0500
Chris Buechler wrote:

> On Tue, 8 Feb 2005 08:44:26 -0800, Brian Watters
> <brwatters at abs dash internet dot com> wrote:
>> Hello all,
>> 
>> In following the directions 100% @
>> http://m0n0.ch/wall/docbook/examples-filtered-bridge.html our bridge will
>> FLAT out not work, I wonder if there are any known issues with Bridging in
>> v1.2b3? .. The above doc is very straightforward and should work but ..
>> Could the online doc be missing any steps? .. Feedback please ...
>> 
> 
> I'm not sure why everybody keeps claiming bridging is broken in b3.  I
> have one in production which is what that write up is based on, and
> just set up another from scratch on a test network, following that
> step by step, to see if I could replicate any problems.  I couldn't,
> it worked right off.

I am the original complainer, and I now have a bridged 1.2b3 in production
right now too. Mine didn't work "right off" though. I ran into plenty of
problems. However, at the moment, I have three bridge-related problems
that persist:

1.) There isn't a good way to NOT assign an IP to the WAN interface. This
    is a problem if you've already assigned a static IP to the WAN. How
    do you remove the IP? I had to manually edit my config.xml and then
    restore it.

    Why would you want an IP-less bridge? I couldn't get my bridge to be
    completely transparent with an IP on the WAN interface. The bridge
    wouldn't pass traffic outside the WAN's subnet. This was a problem
    for me because I have multiple subnets attached to the bridge. The
    workaround is fairly simple, but I think this deserves some sort of
    GUI solution.

2.) Anti-spoofing rules are preventing me from managing my bridged
    m0n0wall from outside the LAN interface's subnet. See this thread
    for more info:

    http://tinyurl.com/6bh65

    This problem exists currently on my production 4801.

3.) WAN interface sometimes steals packets from LAN interface when LAN
    is used for management and OPT1 is bridged with WAN. See this post
    for details:

    http://tinyurl.com/5qkm4

I think some combination of these problems may have resulted in my initial
general misconceptions about bridging in 1.2b3. Only after testing numerous
configurations could I begin to identify discrete problems.

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net