From: Bart De Schuymer <bdschuym@pandora.be>
To: Joakim Tjernlund <joakim.tjernlund@transmode.se>
Cc: bridge@lists.linux-foundation.org
Subject: Re: [Bridge] IP address on physcial interface instead of bridge interface?
Date: Mon, 29 Mar 2010 10:51:26 +0200 [thread overview]
Message-ID: <4BB06A0E.9000705@pandora.be> (raw)
In-Reply-To: <OF35408968.E095E27C-ONC12576F5.002CCCB7-C12576F5.002F190B@transmode.se>
Joakim Tjernlund wrote:
> Bart De Schuymer <bdschuym@pandora.be> wrote on 2010/03/29 09:46:47:
>> Joakim Tjernlund wrote:
>>> Joakim Tjernlund/Transmode wrote on 2010/03/28 21:04:11:
>>>> Joakim Tjernlund/Transmode wrote on 2010/03/28 20:27:10:
>>>>> Bart De Schuymer <bdschuym@pandora.be> wrote on 2010/03/28 14:48:52:
>>>>>> Stephen Hemminger schreef:
>>>>>>> If you read the network receive code path in the kernel, you
>>>>>>> will see that there is a special hook used. Basically,
>>>>>>>
>>>>>>> if received_interface_is_part_of_bridge(incoming_interface)
>>>>>>> then process_bridged_packet(packet)
>>>>>>>
>>>>>>> Then bridge looks at packet and decides whether it is local or forwarded.
>>>>>>> The problem is with your application if it wants to use eth0 directly.
>>>>>>>
>>>>>>>
>>>>>> The ebtables brouting chain was designed to enable you to do this.
>>>>> Can you give me an example?
>>>> Found this on the net:
>>>> ebtables -t broute -A BROUTING -p 0800 -i eth1 --ip-dst 192.168.1.16 -j DROP
>>>> ebtables -t broute -A BROUTING -p 0806 -i eth1 -d 00:06:9C:00:B2:FB -j DROP
>>>> ebtables -t broute -A BROUTING -p 0806 -i eth1 --arp-ip-dst 192.168.1.16 -j DROP
>>>>
>>>> 192.168.1.16 and 00:06:9C:00:B2:FB are the IP and MAC addresses of eth1.
>>>>
>>>> Then add eth1 to the bridge and it appears to be working as I want.
>>>> Are there any "gotcha's" with this method?
>>> What about other protocols such as pppoe and OSPF, will these work over eth1 too?
>>> Are outgoing pkgs from the host bridged or just sent out over eth1?
>>>
>>> Jocke
>> The ebtables rules in the brouting chain see all traffic arriving on the
>> bridge port (currently unless the port is in learning state). So as long
>> as your setup is correct it should work with pppoe and OSPF too.
>
> Ah good. So the outgoing traffic will go out over the bridge port too and
> thereby be bridged?
If you want the ingoing traffic to go through eth1 I assume you want the
accompanying outgoing traffic to go through eth1 too. Your routing table
should be routing 192.168.1.0/24 to eth1. If this is not how you want it
to work, please explain.
> Still I wonder about OSPF. This protocol sends pks to multicast IP address
> 224.0.0.5/6 so how are these picked up by the broute rule?
>
> How is pppoe picked up by the broute rule? The ethertype is different from ipv4
> so I don't understand how it manages to do that.
>
You'll need additional ebtables rules.
--
Bart De Schuymer
www.artinalgorithms.be
next prev parent reply other threads:[~2010-03-29 8:51 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-25 16:42 [Bridge] IP address on physcial interface instead of bridge interface? Joakim Tjernlund
2010-03-25 17:03 ` richardvoigt
2010-03-25 20:24 ` Joakim Tjernlund
2010-03-25 21:03 ` Nicolas de Pesloüan
2010-03-26 7:44 ` Joakim Tjernlund
2010-03-26 8:55 ` Bart De Schuymer
2010-03-26 7:55 ` Joakim Tjernlund
2010-03-26 20:39 ` Nicolas de Pesloüan
2010-03-26 20:48 ` Joakim Tjernlund
2010-03-26 21:35 ` Nicolas de Pesloüan
2010-03-27 10:42 ` Joakim Tjernlund
2010-03-28 15:19 ` Joakim Tjernlund
2010-03-28 16:03 ` Stephen Hemminger
2010-03-28 16:19 ` Joakim Tjernlund
2010-03-26 21:42 ` richardvoigt
2010-03-27 10:50 ` Joakim Tjernlund
2010-03-28 3:17 ` Stephen Hemminger
2010-03-28 9:53 ` Joakim Tjernlund
2010-03-28 12:48 ` Bart De Schuymer
2010-03-28 18:27 ` Joakim Tjernlund
[not found] ` <OFDC6DBFAF.3C46B16B-ONC12576F4.00654457-C12576F4.00655D53@LocalDomain>
2010-03-28 19:04 ` Joakim Tjernlund
[not found] ` <OF59D1A758.6E7DFF8C-ONC12576F4.0068613D-C12576F4.0068C11D@LocalDomain>
[not found] ` <OF66063C34.9F68251B-ONC12576F5.0025FFA1-C12576F <4BB05AE7.10905@pandora.be>
[not found] ` <OF35408968.E095E27C-ONC12576F5. <4BB06A0E.9000705@pandora.be>
2010-03-29 6:57 ` Joakim Tjernlund
2010-03-29 7:46 ` Bart De Schuymer
2010-03-29 8:34 ` Joakim Tjernlund
2010-03-29 8:51 ` Bart De Schuymer [this message]
2010-03-29 8:59 ` Joakim Tjernlund
2010-03-29 9:31 ` Bart De Schuymer
2010-03-29 9:48 ` Joakim Tjernlund
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4BB06A0E.9000705@pandora.be \
--to=bdschuym@pandora.be \
--cc=bridge@lists.linux-foundation.org \
--cc=joakim.tjernlund@transmode.se \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox