[ previous ] [ next ] [ threads ]
 
 From:  "Bruce A. Mah" <bmah at acm dot org>
 To:  Fred Wright <fw at well dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] A strange Problem ( Bridgeing needed? )
 Date:  Fri, 20 Aug 2004 23:33:16 -0700
On Thu, 2004-08-19 at 14:23, Fred Wright wrote:
> On Thu, 19 Aug 2004, Melvin Backus wrote:

> > I believe that m0n0 will only do bridging if there are 3 or more 
> > interfaces.  If memory serves you can do what you're trying to do, but 
> > you'll need to add a 3rd NIC, even though you don't use it.
> 
> AFAIK you *do* need to use it.  AIUI the FreeBSD bridging code doesn't
> support bridging an interface that's also a "real IP" interface, even
> though there's no theoretical reason why that couldn't work.  Since you
> need the LAN interface for administration, it can't be bridged.  You can,
> however, connect two physical interfaces to the LAN; just be sure the
> bridged interface isn't trying to do ARP, etc.

I seem to remember that with FreeBSD bridging, it was recommended that
at most one of the interfaces in a bridge group have an address, and the
other(s) should be unnumbered.  I'm not sure how well any *other* setup
works...I'm pretty sure that nothing in the bridge code tries to enforce
this.

m0n0wall is a little more strict than that in that it only supports
bridging two interfaces per bridge group.  One of those interfaces must
have an IP address and the other must be unnumbered.

Note that the recent m0n0wall 1.1 betas support VLANs interfaces.  It
might be possible to do a bridging setup with two physical interfaces
and a VLAN interface attached to one of the physical interfaces.  I
haven't tried this, but I can't think of any reason this wouldn't work.

Bruce.
signature.asc (0.2 KB, application/pgp-signature)