[Bridge] Trouble with ARP traffic

Hi,

I've set up a Linux (SUSE v. 2.6.16.13-4-smp) in bridging mode. The br0
interface has two physical interfaces: eth0 and eth1.

The eth0 interface is connected to our LAN, the eth1 is connected to a
SONICWALL firewall. STP is turned off, since it's the only bridge
connecting the two areas. The bridge is also filtering some traffic via
iptables.

All is working fine, but when I use tcpdump on the eth1 interface, I see
all the ARP requests of the LAN. In other words, all the ARP
broadcasts (that will be resolved internally) are passing the bridge and
reaching the firewall.

As a bridge, the Linux box should be aware of where every machine is located
and logically separate the two segments, shouldn't it?

Also, the command "arp -a" shows only one address, whereas "brctl
showmacs br0" shows all the addresses correctly. Is this normal
behaviour?

Thank you for any advice,

Raffaele


Output of brctl showstp br0
---------------------------------------

br0
 bridge id              8000.001560a34be7
 designated root        8000.001560a34be7
 root port                 0                    path cost                  0
 max age                  20.00                 bridge max age            50.00
 hello time                2.00                 bridge hello time          5.00
 forward delay            37.50                 bridge forward delay      15.00
 ageing time             300.01
 hello timer               1.39                 tcn timer                  0.00
 topology change timer     0.00                 gc timer                   0.05
 flags

eth0 (1)
 port id                8001                    state                forwarding
 designated root        8000.001560a34be7       path cost                 19
 designated bridge      8000.001560a34be7       message age timer          0.00
 designated port        8001                    forward delay timer        0.00
 designated cost           0                    hold timer                 0.39
 flags

eth1 (2)
 port id                8002                    state                forwarding
 designated root        8000.001560a34be7       path cost                100
 designated bridge      8000.001560a34be7       message age timer          0.00
 designated port        8002                    forward delay timer        0.00
 designated cost           0                    hold timer                 0.39
 flags

Output of brctl showmacs br0
------------------------------------------
  1     00:04:23:0a:a6:13       no                86.16
  1     00:04:75:4c:d7:03       no                 5.06
  1     00:04:75:87:bd:a9       no               138.51
  1     00:04:76:a3:c9:b8       no               100.12
  2     00:06:b1:11:8d:a4       no                 0.07
  1     00:0f:20:3b:8e:4e       no                41.11
  1     00:0f:20:3b:fe:57       no                60.78
  1     00:14:69:b4:49:84       no                 0.14
  1     00:15:60:a3:4b:e7       yes                0.00
  1     00:30:c1:5f:24:56       no                28.16
  1     00:30:c1:8c:e7:61       no                39.05
  2     00:c0:f0:56:51:c6       yes                0.00