[ previous ] [ next ] [ threads ]
 
 From:  "Fred Weston" <fred at daytonawan dot com>
 To:  "'Magne Andreassen'" <magne dot andreassen at bluezone dot no>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] WAN & LAN connected to same switch
 Date:  Wed, 3 Dec 2003 14:32:29 -0500
There are no VLANs set up on the switch.  I am relying on layer 3 to
separate the LAN from the WAN, and yes I know that's a bad way to do it.
I am running m0n0wall on a net4521.  My router is connected to the
switch, m0nowall WAN is connected to the switch set up with a static
public IP address, m0n0wall LAN is setup as 192.168.1.0/24 connected to
the switch.  There is no problem when I first boot the firewall, however
if I leave a ping to an Internet host running on a NAT'd client over the
course of about 20 minutes it starts timing out.  When it starts
dropping packets, about 1 out of every 20 pings gets a reply.  I can
always ping the firewall successfully from the LAN.  Other hosts
connected to the switch with public IP addresses have no problems
pinging out to the Internet with 0% loss, so it's something to do with
m0n0wall.

Does someone know if the net45xx series uses distinct mac addresses for
each ethernet interface or if they're shared?

My soekris has two Engenius 802.11 cards, the first one is enabled as an
optional interface bridged with LAN in hostap mode, the second one is
not being used by m0n0wall currently.

I did just notice this in the logs:

Dec 3 06:27:00 	/kernel: arp: 00:00:24:c1:84:21 is using my IP address
66.208.144.130!
Dec 3 06:27:00 	/kernel: arp: 00:00:24:c1:84:20 is using my IP address
66.208.144.130!
Dec 3 06:27:01 	/kernel: arp: 00:00:24:c1:84:20 is using my IP address
192.168.1.1!
Dec 3 06:27:01 	/kernel: arp: 00:00:24:c1:84:21 is using my IP address
192.168.1.1!
Dec 3 06:27:36 	/kernel: arp: 00:00:24:c1:84:20 is using my IP address
192.168.1.1!
Dec 3 06:27:36 	/kernel: arp: 00:00:24:c1:84:21 is using my IP address
192.168.1.1!
Dec 3 06:40:31 	/kernel: arp: 00:00:24:c1:84:20 is using my IP address
192.168.1.1!
Dec 3 06:40:31 	/kernel: arp: 00:00:24:c1:84:21 is using my IP address
192.168.1.1!
Dec 3 08:26:39 	/kernel: arp: 00:00:24:c1:84:20 is using my IP address
192.168.1.1!
Dec 3 08:26:39 	/kernel: arp: 00:00:24:c1:84:21 is using my IP address
192.168.1.1!
Dec 3 08:33:27 	/kernel: arp: 00:00:24:c1:84:20 is using my IP address
192.168.1.1!
Dec 3 08:33:27 	/kernel: arp: 00:00:24:c1:84:21 is using my IP address
192.168.1.1!
Dec 3 08:40:36 	/kernel: arp: 00:00:24:c1:84:20 is using my IP address
192.168.1.1!
Dec 3 08:40:36 	/kernel: arp: 00:00:24:c1:84:21 is using my IP address
192.168.1.1!

Those are the MAC addresses of the Soekris itself, I'm not sure why it
would complain about that in the logs.  I've since disconnected my LAN
interface from the switch, and connected it to a PC using a crossover
cable and that seems to be working so far.  I'm going to let it sit for
a while to see if I get any more dropped connections.  It's odd that it
would work for a while the way I had it connected previously, and then
suddenly stop.  However, it still remains to be seen if the crossover
cable on the LAN has actually fixed anything.

Cheers



-----Original Message-----
From: Magne Andreassen [mailto:magne dot andreassen at bluezone dot no] 
Sent: Wednesday, December 03, 2003 1:49 PM
To: 'Fred Weston'; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] WAN & LAN connected to same switch


Fred Weston wrote:
> 
> I am having a problem with sporadic packet loss, and can't
> figure out what's causing it.  Does connecting the LAN and 
> WAN ethernet ports to the same switch cause any ill effects?  
> Some commercial firewalls use the same MAC address for all 
> ethernet interfaces by default, so plugging them in to the 
> same switch/hub causes bad things to happen.
> 
I assume you are running VLAN on your switch?
Where is the loss? WAN or LAN/client side?
What hardware are you running m0n0wall on?
How is your m0n0wall setup?
Logs?


Magne