Re: [Bridge] Bridge blocking network traffic

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
To: Mail List - Netfilter <netfilter@vger.kernel.org>
Cc: bridge@lists.linux-foundation.org
Subject: Re: [Bridge] Bridge blocking network traffic
Date: Thu, 01 Jul 2010 19:57:54 +0200	[thread overview]
Message-ID: <4C2CD722.4070905@plouf.fr.eu.org> (raw)
In-Reply-To: <AANLkTilE0uZQu6SjlkX1WaY32Ir9STQXT4kVNiSc4sCa@mail.gmail.com>

ratheesh k a écrit :
> 
> brctl addbr br0
> brctl  addif eth0
> brctl  addif eth1
> ifconfig br0  0.0.0.0 up
> 
> The problem was "default brouter policy is accept " . So packets are
> coming to layer2  only .

Indeed, by default (i.e. no brouting) packets received on a bridge port
are intercepted by the bridge. This is the intended behaviour of a
bridge, isn't it ? Thus a bridge port is not supposed to be assigned an
IP address (or be used by any protocol), because the IP stack (or any
other upper protocol layer) won't receive any packet directly from it
but from the bridge interface (which should have the IP address).

>I applied the below command and every thing
> seemed to work exactly like connecting eth0 and eth1 to hardware hub .
> 
> ebtables -t broute  -P BROUTING -j DROP

I strongly doubt it. This rule forces routing of all packets instead of
bridging, so IIUC it effectively totally disables bridging and you are
back to two independent interfaces.

next prev parent reply	other threads:[~2010-07-01 17:57 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-04-22  0:48 [Bridge] Bridge blocking network traffic benno joy
2010-04-22 20:09 ` Stephen Hemminger
2010-06-30  7:50   ` ratheesh k
2010-06-30  7:50     ` ratheesh k
2010-06-30 19:15     ` Grant Taylor
2010-07-01 17:05       ` ratheesh k
2010-07-01 17:05         ` ratheesh k
2010-07-01 17:57         ` Pascal Hambourg [this message]
2010-07-01 18:14           ` ratheesh k
2010-07-01 18:14             ` ratheesh k

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4C2CD722.4070905@plouf.fr.eu.org \
    --to=pascal.mail@plouf.fr.eu.org \
    --cc=bridge@lists.linux-foundation.org \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.