* [LARTC] linux bridging problem: how to emulate 2 separate
@ 2005-07-01 9:59 Antonio Pinizzotto
2005-07-01 17:12 ` Stephen Hemminger
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Antonio Pinizzotto @ 2005-07-01 9:59 UTC (permalink / raw)
To: lartc
Hi all.
I would need to use a single physical interface on a Linux box to manage
two different IP addresses (belonging to two separate logical subnets)
with two different MAC address. (I need to emulate te presence of two
separate physical interfaceses for a PC on the same LAN, at layer 2 and
layer 3).
Is it possible to use the linux ethernet bridging code and two tap
interfaces for this purpose?
Here is a picture of what I need to do.
LAN__________________________________
|
| eth0 (no IP)
________|________
| |
| br0 |
| (no IP) |
|_________________|
tap0 | | tap1
192.168.40.1/24 | | 192.168.30.1/24
MAC_0 | | MAC_1
__|________|__
| |
| PC |
| |
|______________|
I would need this picture to be equivalent to this one:
LAN__________________________________
eth0 | | eth1
192.168.40.1/24 | | 192.168.30.1/24
MAC_0 | | MAC_1
__|________|__
| |
| PC |
| |
|______________|
I tried but it doens't work. I don't know if it's not contemplate or if
I did a wrong configuration.
For example, on tap0, using tcpdump, I see all the L2 broadcast frames
going on the LAN; but on the counters of "ifconfig tap0" all of them are
considered dropped. No packet is counted as transmitted or received,
also if I try to ping from or to tap0.
The tap interface starts to transmit/receive pachets only if it is
connected to some process like qemu or openvpn.
Maybe, it is not possibile for tap interface to be used directly by the
linux os?
Thanks!
Antonio
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [LARTC] linux bridging problem: how to emulate 2 separate
2005-07-01 9:59 [LARTC] linux bridging problem: how to emulate 2 separate Antonio Pinizzotto
@ 2005-07-01 17:12 ` Stephen Hemminger
2005-07-01 18:37 ` Antonio Pinizzotto
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Stephen Hemminger @ 2005-07-01 17:12 UTC (permalink / raw)
To: lartc
On Fri, 01 Jul 2005 11:59:08 +0200
Antonio Pinizzotto <antonio.pinizzotto@iit.cnr.it> wrote:
>
> Hi all.
>
> I would need to use a single physical interface on a Linux box to manage
> two different IP addresses (belonging to two separate logical subnets)
> with two different MAC address. (I need to emulate te presence of two
> separate physical interfaceses for a PC on the same LAN, at layer 2 and
> layer 3).
>
> Is it possible to use the linux ethernet bridging code and two tap
> interfaces for this purpose?
>
>
> Here is a picture of what I need to do.
>
>
> LAN__________________________________
> |
> | eth0 (no IP)
> ________|________
> | |
> | br0 |
> | (no IP) |
> |_________________|
> tap0 | | tap1
> 192.168.40.1/24 | | 192.168.30.1/24
> MAC_0 | | MAC_1
> __|________|__
> | |
> | PC |
> | |
> |______________|
>
>
> I would need this picture to be equivalent to this one:
>
>
> LAN__________________________________
> eth0 | | eth1
> 192.168.40.1/24 | | 192.168.30.1/24
> MAC_0 | | MAC_1
> __|________|__
> | |
> | PC |
> | |
> |______________|
>
>
> I tried but it doens't work. I don't know if it's not contemplate or if
> I did a wrong configuration.
> For example, on tap0, using tcpdump, I see all the L2 broadcast frames
> going on the LAN; but on the counters of "ifconfig tap0" all of them are
> considered dropped. No packet is counted as transmitted or received,
> also if I try to ping from or to tap0.
> The tap interface starts to transmit/receive pachets only if it is
> connected to some process like qemu or openvpn.
> Maybe, it is not possibile for tap interface to be used directly by the
> linux os?
>
Stop abusing bridging. People keep trying these wacky multiple
network things and they won't work. Bridging really can't handle anything
with multiple interfaces that could possibly create a forwarding loop.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [LARTC] linux bridging problem: how to emulate 2 separate
2005-07-01 9:59 [LARTC] linux bridging problem: how to emulate 2 separate Antonio Pinizzotto
2005-07-01 17:12 ` Stephen Hemminger
@ 2005-07-01 18:37 ` Antonio Pinizzotto
2005-07-01 19:28 ` Stephen Hemminger
2005-07-01 19:52 ` Alexey Toptygin
3 siblings, 0 replies; 5+ messages in thread
From: Antonio Pinizzotto @ 2005-07-01 18:37 UTC (permalink / raw)
To: lartc
Stephen Hemminger wrote:
> On Fri, 01 Jul 2005 11:59:08 +0200
> Antonio Pinizzotto <antonio.pinizzotto@iit.cnr.it> wrote:
>
>
>>Hi all.
>>
>>I would need to use a single physical interface on a Linux box to manage
>>two different IP addresses (belonging to two separate logical subnets)
>>with two different MAC address. (I need to emulate te presence of two
>>separate physical interfaceses for a PC on the same LAN, at layer 2 and
>>layer 3).
>>
>>Is it possible to use the linux ethernet bridging code and two tap
>>interfaces for this purpose?
>>
>>
>>Here is a picture of what I need to do.
>>
>>
>> LAN__________________________________
>> |
>> | eth0 (no IP)
>> ________|________
>> | |
>> | br0 |
>> | (no IP) |
>> |_________________|
>> tap0 | | tap1
>>192.168.40.1/24 | | 192.168.30.1/24
>> MAC_0 | | MAC_1
>> __|________|__
>> | |
>> | PC |
>> | |
>> |______________|
>>
>>
>>I would need this picture to be equivalent to this one:
>>
>>
>> LAN__________________________________
>> eth0 | | eth1
>>192.168.40.1/24 | | 192.168.30.1/24
>> MAC_0 | | MAC_1
>> __|________|__
>> | |
>> | PC |
>> | |
>> |______________|
>>
>>
>>I tried but it doens't work. I don't know if it's not contemplate or if
>>I did a wrong configuration.
>>For example, on tap0, using tcpdump, I see all the L2 broadcast frames
>>going on the LAN; but on the counters of "ifconfig tap0" all of them are
>>considered dropped. No packet is counted as transmitted or received,
>>also if I try to ping from or to tap0.
>>The tap interface starts to transmit/receive pachets only if it is
>>connected to some process like qemu or openvpn.
>>Maybe, it is not possibile for tap interface to be used directly by the
>>linux os?
>>
>
>
>
> Stop abusing bridging. People keep trying these wacky multiple
> network things and they won't work. Bridging really can't handle anything
> with multiple interfaces that could possibly create a forwarding loop.
>
>
>
Dear Stephen,
probably my pictures or descriptions were not so clear.
I don't want abuse bridging.
As you can see in the second picture (of the previous e-mail) I just
would like to replicate the real topology (in which there are not loops
because each physical interface has its own subnet) using software
interfaces, taps. Moreover in the second picture no bridging is enabled
on the PC.
It is just an experiment to understand how the various software pieces
works togheter.
Below I tried to draw a clearer picture.
The first one is what I would like to get.
The second one is what I have.
LAN______________________________________________
|
| eth0 (no IP)
_____________________|________________________
| | Linux Box (PC)|
| ________|________ |
| | | |
| | br0 | |
| | (no IP) | |
| |_________________| |
| tap0 | | tap1 |
| 192.168.40.1/24 | | 192.168.30.1/24 |
| MAC_0 | | MAC_1 |
| ___|________|____ |
| | | |
| | OS TCP-IP stack | |
| | | |
| |_________________| |
| | | | | |
| | | | | |
| Processes |
| |
| |
|______________________________________________|
I would need the first picture to be equivalent to the next one:
LAN_____________________________________________
eth0 | | eth1
192.168.40.1/24 | | 192.168.30.1/24
MAC_0 | | MAC_1
_________________|________|___________________
| | | Linux Box (PC)|
| ___|________|____ |
| | | |
| | OS TCP-IP stack | |
| | | |
| |_________________| |
| | | | | |
| | | | | |
| Processes |
| |
| |
|______________________________________________|
Bye
Antonio
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [LARTC] linux bridging problem: how to emulate 2 separate
2005-07-01 9:59 [LARTC] linux bridging problem: how to emulate 2 separate Antonio Pinizzotto
2005-07-01 17:12 ` Stephen Hemminger
2005-07-01 18:37 ` Antonio Pinizzotto
@ 2005-07-01 19:28 ` Stephen Hemminger
2005-07-01 19:52 ` Alexey Toptygin
3 siblings, 0 replies; 5+ messages in thread
From: Stephen Hemminger @ 2005-07-01 19:28 UTC (permalink / raw)
To: lartc
On Fri, 01 Jul 2005 20:37:44 +0200
Antonio Pinizzotto <antonio.pinizzotto@iit.cnr.it> wrote:
> Stephen Hemminger wrote:
> > On Fri, 01 Jul 2005 11:59:08 +0200
> > Antonio Pinizzotto <antonio.pinizzotto@iit.cnr.it> wrote:
> >
> >
> >>Hi all.
> >>
> >>I would need to use a single physical interface on a Linux box to manage
> >>two different IP addresses (belonging to two separate logical subnets)
> >>with two different MAC address. (I need to emulate te presence of two
> >>separate physical interfaceses for a PC on the same LAN, at layer 2 and
> >>layer 3).
> >>
> >>Is it possible to use the linux ethernet bridging code and two tap
> >>interfaces for this purpose?
> >>
...
> Below I tried to draw a clearer picture.
> The first one is what I would like to get.
> The second one is what I have.
>
>
> LAN______________________________________________
> |
> | eth0 (no IP)
> _____________________|________________________
> | | Linux Box (PC)|
> | ________|________ |
> | | | |
> | | br0 | |
> | | (no IP) | |
> | |_________________| |
> | tap0 | | tap1 |
> | 192.168.40.1/24 | | 192.168.30.1/24 |
> | MAC_0 | | MAC_1 |
> | ___|________|____ |
> | | | |
> | | OS TCP-IP stack | |
> | | | |
> | |_________________| |
> | | | | | |
> | | | | | |
> | Processes |
> | |
> | |
> |______________________________________________|
>
>
> I would need the first picture to be equivalent to the next one:
>
>
> LAN_____________________________________________
> eth0 | | eth1
> 192.168.40.1/24 | | 192.168.30.1/24
> MAC_0 | | MAC_1
> _________________|________|___________________
> | | | Linux Box (PC)|
> | ___|________|____ |
> | | | |
> | | OS TCP-IP stack | |
> | | | |
> | |_________________| |
> | | | | | |
> | | | | | |
> | Processes |
> | |
> | |
> |______________________________________________|
It should work if the tap interface looks sufficiently like Ethernet.
You probably need filter rules to make sure and drop packets intended for
the other network get dropped and to prevent broadcast leakage.
Wouldn't a cheap ethernet hub and two ethernet interfaces do
the same thing?
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [LARTC] linux bridging problem: how to emulate 2 separate
2005-07-01 9:59 [LARTC] linux bridging problem: how to emulate 2 separate Antonio Pinizzotto
` (2 preceding siblings ...)
2005-07-01 19:28 ` Stephen Hemminger
@ 2005-07-01 19:52 ` Alexey Toptygin
3 siblings, 0 replies; 5+ messages in thread
From: Alexey Toptygin @ 2005-07-01 19:52 UTC (permalink / raw)
To: lartc
On Fri, 1 Jul 2005, Stephen Hemminger wrote:
>> LAN______________________________________________
>> |
>> | eth0 (no IP)
>> _____________________|________________________
>> | | Linux Box (PC)|
>> | ________|________ |
>> | | | |
>> | | br0 | |
>> | | (no IP) | |
>> | |_________________| |
>> | tap0 | | tap1 |
>> | 192.168.40.1/24 | | 192.168.30.1/24 |
>> | MAC_0 | | MAC_1 |
>> | ___|________|____ |
>> | | | |
>> | | OS TCP-IP stack | |
>> | | | |
>> | |_________________| |
>> | | | | | |
>> | | | | | |
>> | Processes |
>> | |
>> | |
>> |______________________________________________|
[snip]
> It should work if the tap interface looks sufficiently like Ethernet.
> You probably need filter rules to make sure and drop packets intended for
> the other network get dropped and to prevent broadcast leakage.
The way I interpret the drawing, ISTM that Antonio has the bridge a layer
below the tap devices (even though it's drawn a layer above). I don't
think that's a very sane idea...
The crux of the problem seems to be that Antonio wants a single physical
ethernet card to use two different MAC adresses, which I don't think
briding is ever going to solve. This is, perhaps, possible by putting the
card into promiscuous mode, and using some clever ebtables mangling.
Alexey
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2005-07-01 19:52 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-01 9:59 [LARTC] linux bridging problem: how to emulate 2 separate Antonio Pinizzotto
2005-07-01 17:12 ` Stephen Hemminger
2005-07-01 18:37 ` Antonio Pinizzotto
2005-07-01 19:28 ` Stephen Hemminger
2005-07-01 19:52 ` Alexey Toptygin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.