I'm not sure if requests for help are appropriate for this list. If not, I apologize.
My ISP (bredbandsbolaget) here in Sweden delivers my broadband by ethernet. I get up to five IPs through DHCP. I figured it would be a good idea to actually use these IPs instead of going for a NAT/PAT/masquerading thing. So, bridging firewall, right?
I can't seem to get it to work. Worse, I'm too much of a newbie to even diagnose the problem.
Here's my setup:
|ISP |    | firewall|
|DHCP|----|eth1 eth2|----|switch|----|computers|
The switch is a cheapo 3com 3CGSU05-ME gigabit thing.
Here's the firewall box:
aker:~# lspci | grep Eth
00:12.0 Ethernet controller: VIA Technologies, Inc. VT6102 [Rhine-II] (rev 7c)
04:04.0 Ethernet Controller: Intel Corporation 82541PI Gigabit Ethernet Controller (rev 05)
04:05:0 Ethernet Controller: Intel Corporation 82541PI Gigabit Ethernet Controller
I want to use the two Intel PRO/1000 GT NICs for the bridge.
aker:~# uname -sr
Linux 2.6.18-4-486
It's Debian Etch with a standard kernel.
aker:~# brctl --version
bridge-utils, 1.2
I did this:
aker:~# ifconfig eth1 promisc up
device eth1 entered promiscuous mode
audit(1180131751.392.2): dev=eth1 prom=256 old_prom=0 auid=4294967295
e1000: eth1: e1000_watchdog: NIC Link is Up 1000 Mbps Full Duplex
aker:~# ifconfig eth2 promisc up
device eth2 entered promiscuous mode
audit(1180131923.963.3): dev=eth2 prom=256 old_prom=0 auid=4294967295
e1000: eth2: e1000_watchdog: NIC Link is Up 100 Mbps Full Duplex
aker:~# brctl addbr br0
Bridge firewalling registered
aker:~# brctl addif br0 eth1
aker:~# brctl addif br0 eth2
aker:~# brctl setfd br0 0
aker:~# echo "1" > /proc/sys/net/ipv4/ip_forward
aker:~# brctl show br0
bridge name     bridge id               STP enabled     interfaces
br0             8000.000e0cdd3b12       no              eth1
                                                        eth2
Both NICs have links. eth2 has a 100 Mbit FD link to the ISP; eth1 has a gig FD link to the switch.
Now I figure I should be ready to run my DHCP client on one of the computers, but that doesn't work. If I run "brctl showmacs br0" afterwards it only lists the MACs of the two NICs in the bridge. Seems like no traffic has gone through.
I tried setting all the /proc/sys/net/bridge/bridge-nf* values to 0. No difference.
I'm pretty new to Linux, and to networking, and I don't really know how to figure out what I'm doing wrong. Any help would be greatly appreciated. And again, sorry if this is off-topic (is there somewhere else more appropriate for this kind of question?)
/Swedo
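
The "brctl showmacs br0" check described in the message can be made precise by counting local and learned entries per bridge port. This is an added example, not part of the original post: the function name summarise_fdb and both sample tables are constructed for illustration, with MAC addresses taken from the documentation range.

```shell
#!/bin/sh
# Summarise `brctl showmacs <bridge>` output read from stdin (added example).
# Prints "port <n> own=<count> learned=<count>" for each port seen.
# Returns 0 if any non-local (learned) MAC is present, 1 if only the
# bridge ports' own addresses are listed.
summarise_fdb() {
    awk '
        $1 !~ /^[0-9]+$/ { next }            # skip the header and stray lines
        {
            port = $1 + 0
            seen[port] = 1
            if (port > maxport) maxport = port
            if ($3 == "yes") own[port]++; else learned[port]++
        }
        END {
            total = 0
            for (p = 1; p <= maxport; p++) {
                if (!(p in seen)) continue
                printf "port %d own=%d learned=%d\n", p, own[p], learned[p]
                total += learned[p]
            }
            exit (total > 0 ? 0 : 1)
        }
    '
}

# Constructed sample: the state reported in the message (only the two NICs).
STUCK_SAMPLE='port no  mac addr           is local?  ageing timer
  1      00:00:5e:00:53:01  yes           0.00
  2      00:00:5e:00:53:02  yes           0.00'

# Constructed sample: a bridge that has seen frames from hosts on both sides.
OK_SAMPLE='port no  mac addr           is local?  ageing timer
  1      00:00:5e:00:53:01  yes           0.00
  1      00:00:5e:00:53:10  no            3.12
  2      00:00:5e:00:53:02  yes           0.00
  2      00:00:5e:00:53:20  no            0.45
  2      00:00:5e:00:53:21  no           12.80'

# Demo on the constructed sample.
# On a live system: brctl showmacs br0 | summarise_fdb
if printf '%s\n' "$STUCK_SAMPLE" | summarise_fdb; then
    echo "bridge has learned MACs from other hosts"
else
    echo "only local entries: no source address from another host is in the table"
fi
```

A port that shows learned=0 has no source address from another host in the bridge's forwarding table at that moment, which narrows the search to that side of the bridge.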