On 9/2/05, Steve Yates <steve at teamits dot com> wrote:
> On Fri, 2 Sep 2005 14:48:23 -0400
> Chris Buechler <cbuechler at gmail dot com> wrote:
> 
> > you have the OPT1 interface plugged into the same broadcast domain as
> > the WAN?  Seems you have a network loop going on, which that would
> > cause.
> 
>         Nope...here's a diagram:
> 
> [OPT1] -- [switch] -- [m0n0] -- [hub] -- [router] -- [Internet]
> [LAN]------------------/
> 
> The m0n0wall PC has 3 NICs.  The hub exists solely because I have a PC
> connected to the hub to monitor traffic levels (using BWMeter).  The LAN
> interface is connected to another PC solely to configure m0n0wall.
> 

with a crossover cable, I presume?  


>         In this configuration m0n0wall is basically a transparent
> firewall, and all PCs on OPT1 have Internet access.  Pinging to the
> router from a PC shows no problems.  The only difficulty appears to be
> pinging from m0n0wall.  If there was a loop wouldn't OPT1 <-> Internet
> traffic be affected?
> 

yeah, you'd have all kinds of problems with broadcast storms and
everything else if they were plugged into the same broadcast domain.


>         Asked another way, "should" m0n0wall 1.2b9 have a WAN IP set up?

yes

> If not, then it cannot connect to an NTP server, it seems to me.  

correct


> But,
> with a WAN IP, it seems like it should be able to ping local PCs if the
> connection is truly bridged.
> 

yeah, I just tested one of my bridged m0n0walls, 1.2b9, nothing on the
LAN interface, and I can ping from m0n0wall to hosts on the bridged
interface as well as hosts on the Internet.  I never saw any duplicate
responses either, with numerous tries.

You mentioned 10.x.x.x in passing earlier, IIRC, what's the WAN
interface's IP and gateway?  Private IP space?  If so, what's NAT'ing
it?  What is the router in the picture?

-Chris