* [Bridge] Arp & Bridge
@ 2007-09-19 14:32 David Martin
  2007-09-19 15:24 ` Stephen Hemminger
  0 siblings, 1 reply; 2+ messages in thread
From: David Martin @ 2007-09-19 14:32 UTC (permalink / raw)
  To: bridge

Here is my bridge config:
Let's say br0 contains eth0 and eth1, and the br0 IP address is 192.168.0.10

For some reasons, I would like to be able to send packets from the bridge 
machine, only via a specific device.
Thus, I set IP addresses for eth0 and eth1 (let's say 192.168.0.11 and 
192.168.0.12).
I know a bridge is not supposed to have IP addresses on the interfaces..
 _________________________________
| br0 (192.168.0.10)              |
|  +---   eth0  (192.168.0.11)   ------- ethernet wire ------- 192.168.0.1
|  +---   eth1  (192.168.0.12)   ------- ethernet wire ------- 192.168.0.254
|_________________________________|

But when I try to send packets from only one device, it does not work.
i.e.: ping -I eth0 192.168.0.1 gives no response.

I noticed that ARPs are sent and received by eth1, but they are of course 
received by br0 too.
So the ARP table is completed for br0 but not for eth1...

The question is:
Why does br0 update the ARP table, but eth1 doesn't? How is the ARP table 
updated? eth1 is the one sending the request!
Is there any means to solve that?


* Re: [Bridge] Arp & Bridge
  2007-09-19 14:32 [Bridge] Arp & Bridge David Martin
@ 2007-09-19 15:24 ` Stephen Hemminger
  0 siblings, 0 replies; 2+ messages in thread
From: Stephen Hemminger @ 2007-09-19 15:24 UTC (permalink / raw)
  To: David Martin; +Cc: bridge

On Wed, 19 Sep 2007 16:32:26 +0200
David Martin <dmartin@mediatvcom.com> wrote:

> Here is my bridge config:
> Let's say br0 contains eth0 and eth1, and the br0 IP address is 192.168.0.10
> 
> For some reasons, I would like to be able to send packets from the bridge 
> machine, only via a specific device.
> Thus, I set IP addresses for eth0 and eth1 (let's say 192.168.0.11 and 
> 192.168.0.12).
> I know a bridge is not supposed to have IP addresses on the interfaces..
>  _________________________________
> | br0 (192.168.0.10)              |
> |  +---   eth0  (192.168.0.11)   ------- ethernet wire ------- 192.168.0.1
> |  +---   eth1  (192.168.0.12)   ------- ethernet wire ------- 192.168.0.254
> |_________________________________|
> 
> But when I try to send packets from only one device, it does not work.
> i.e.: ping -I eth0 192.168.0.1 gives no response.
> 
> I noticed that ARPs are sent and received by eth1, but they are of course 
> received by br0 too.
> So the ARP table is completed for br0 but not for eth1...
> 
> The question is:
> Why does br0 update the ARP table, but eth1 doesn't? How is the ARP table 
> updated? eth1 is the one sending the request!
> Is there any means to solve that?

If you need to limit arp responses check out arp_filter sysctl and
stop doing the weirdness with IP addresses.

If you are trying to do some form of security (or ISP workarounds)
investigate using filtering (ebtables) to do it.


-- 
Stephen Hemminger <shemminger@linux-foundation.org>
