The set-up:
We have two networks that we want to firewall and a network that we want to NAT. We are using VMware ESX 4.0 server to host the virtual machine which is Debian Squeeze with Linux kernel 2.6.30 and brctl 1.2. I've created two bridges (br0 and br1) and I assign an IP address to br0 and none to br1 so that it is transparent. We are using VGT (Virtual Guest Tagging) for our VLANs for eth0 and eth1 is using VST (Virtual Switch Tagging) for it's VLAN. br0 holds eth0.1 and eth0.11 and br1 holds eth0.2 and eth0.12. eth1 has an IP address of 192.168.1.1 and does NAT though iptables. I've set the virtual portgroup in ESX that is connected to eth0 to accept promiscuous mode.
For the most part things work fine, however, every once and a while the Mac address of a machine on the firewalled side of the switch will show up on the non-firewalled side and for about 1 minute all traffic to/from the machine ceases. This happend much more frequently when I was using purley VST for the bridges. I also get the error "eth0.1: received packet with own address as source" in the logs, again much less frequently with VGT than with VST.
I would like help tracking down the cause of these two problems, but I don't know where to go from here. I've sniffed the traffic on the interface listed in the error message, but all I've seen is a broadcast packet that matches the description of the error.
Thank you,
Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University
_______________________________________________ Bridge mailing list Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/bridge
