[ previous ] [ next ] [ threads ]
 
 From:  Matchstick <matchstick at oofg dot com>
 To:  Kolia <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Transparent bridge
 Date:  Fri, 9 Jul 2004 11:22:39 +0100
Friday, July 9, 2004, 8:22:02 AM, Kolia (nika at hotmail dot ge) wrote:

K> Greetings,

K> Recently I downloaded latest beta of the m0n0wall (1.1b15) and tried to
K> acomplish following:

K>                    bridging
K>          +------------------------+
K>          |                        |
K> inet <-------> WAN [m0n0] OPT1 <------> customers
K>                      LAN
K>                       ^
K>                       |
K>                   management

K> i.e. want bridging with filtering between WAN and OPT1 and management on
K> LAN interface.

K> I assigned an IP address to LAN interface and was able to get into
K> WebGUI. Then I went to 'OPT1' page and setup bridging between WAN and
K> OPT1. So far so good. Then I tried to enable OPT1 interface and as soon
K> as did this m0n0 GUI stopped responding although traffic between WAN and
K> OPT1 was Ok. I also wasn't able to ping LAN interface. Rebooting m0n0
K> didn't help and I was forced to reset config. I played with firewall
K> rules and allowed any to any on all interfaces but no success.

K> Then I burned iso image with 1.0.img and got what I wanted. Any ideas of
K> what I was doing wrong with 1.1b15?

K> Thank you in advance,
K> Kolia

I'm running pretty much the same configuration as you and wondering if
this is the same problem I had when I switched from a PC based
m0n0wall to a WRAP board.

Basically, as the OPT1 interface was running in promiscuous mode (so it
could form the bridge) it was responding to all ARP requests for the
LAN interface hardware address, before the LAN interface itself
managed to reply which meant that traffic for the LAN interface get
redirected through the bridge.

To test if it is this, try setting a static entry for the LAN IP
address in your client PCs ARP table and see if you can now connect to the
m0n0wall admin pages.

To actually fix the problem once I'd identified it (and that took me
quite a while) I simply swapped the Network Ports for LAN and OPT1
over in the Assign Network Ports page on M0n0 and I haven't had a
problem since (though an alternative if this doesn't work is to set up
your client PCs to load the static ARP entry into the table at boot).

Hope this helps.

-- 
Matchstick
matchstick at oofg dot com