Bart De Schuymer <bdschuym@xxxxxxxxxx> wrote on 2010/03/29 11:31:27: > > Joakim Tjernlund wrote: > > Bart De Schuymer <bdschuym@xxxxxxxxxx> wrote on 2010/03/29 10:51:26: > >> Joakim Tjernlund wrote: > >>> Bart De Schuymer <bdschuym@xxxxxxxxxx> wrote on 2010/03/29 09:46:47: > >>>> Joakim Tjernlund wrote: > >>>>> Joakim Tjernlund/Transmode wrote on 2010/03/28 21:04:11: > >>>>>> Joakim Tjernlund/Transmode wrote on 2010/03/28 20:27:10: > >>>>>>> Bart De Schuymer <bdschuym@xxxxxxxxxx> wrote on 2010/03/28 14:48:52: > >>>>>>>> Stephen Hemminger schreef: > >>>>>>>>> If you read the network receive code path in the kernel, you > >>>>>>>>> will see that there is a special hook used. Basically, > >>>>>>>>> > >>>>>>>>> if received_interface_is_part_of_bridge(incoming_interface) > >>>>>>>>> then process_bridged_packet(packet) > >>>>>>>>> > >>>>>>>>> Then bridge looks at packet and decides whether it is local or forwarded. > >>>>>>>>> The problem is with your application if it wants to use eth0 directly. > >>>>>>>>> > >>>>>>>>> > >>>>>>>> The ebtables brouting chain was designed to enable you to do this. > >>>>>>> Can you give me an example? > >>>>>> Found this on the net: > >>>>>> ebtables -t broute -A BROUTING -p 0800 -i eth1 --ip-dst 192.168.1.16 -j DROP > >>>>>> ebtables -t broute -A BROUTING -p 0806 -i eth1 -d 00:06:9C:00:B2:FB -j DROP > >>>>>> ebtables -t broute -A BROUTING -p 0806 -i eth1 --arp-ip-dst 192.168.1.16 -j DROP > >>>>>> > >>>>>> 192.168.1.16 and 00:06:9C:00:B2:FB are the IP and MAC addresses of eth1. > >>>>>> > >>>>>> Then add eth1 to the bridge and it appears to be working as I want. > >>>>>> Are there any "gotcha's" with this method? > >>>>> What about other protocols such as pppoe and OSPF, will these work over eth1 too? > >>>>> Are outgoing pkgs from the host bridged or just sent out over eth1? > >>>>> > >>>>> Jocke > >>>> The ebtables rules in the brouting chain see all traffic arriving on the > >>>> bridge port (currently unless the port is in learning state). So as long > >>>> as your setup is correct it should work with pppoe and OSPF too. > >>> Ah good. So the outgoing traffic will go out over the bridge port too and > >>> thereby be bridged? > >> If you want the ingoing traffic to go through eth1 I assume you want the > >> accompanying outgoing traffic to go through eth1 too. Your routing table > >> should be routing 192.168.1.0/24 to eth1. If this is not how you want it > >> to work, please explain. > > > > I want eth1 to act as if was br0. Instead of having to set an IP address > > on br0 and eth1 to 0.0.0.0 I want to keep the IP address on eth1 and br0 > > should be 0.0.0.0. > > OK, that's how it will work. But note that this means the outbound IP > and ARP traffic isn't bridged. But I don want the outbound traffic(and ARP) to be bridged. > > >>> Still I wonder about OSPF. This protocol sends pks to multicast IP address > >>> 224.0.0.5/6 so how are these picked up by the broute rule? > >>> > >>> How is pppoe picked up by the broute rule? The ethertype is different from ipv4 > >>> so I don't understand how it manages to do that. > >>> > >> You'll need additional ebtables rules. > > > > Ah, but say I add > > ebtables -t broute -A BROUTING -p 0800 -i eth1 --ip-dst 224.0.0.5 -j DROP > > then only the host receives these pkgs and the other members > > in the bridge wont get the multicast pkg? > > Yes. I guess an ebtables module like the iptables TEE target could help > here, but it's not implemented. > > But there's probably an easier solution to your problem: just never use > eth1 directly. Not that easy to do as we have legacy and also let linux via it cmdline set the IP address so there won't be a br0 I/F until later. > The case where you don't have a bridge is then replaced by using a > bridge (br0) with only one port member: eth1. The second case is then > simply achieved by adding another port to the bridge. All your > applications always use br0 as interface. This will have some inpact on > speed, though, because the incoming traffic is queued twice. Tried the below script and can at least ping/telnet to the node after that: #eth1 has IP 192.168.1.16 brctl addbr br0 brctl setfd br0 0 ifconfig br0 192.168.1.16 brctl addif br0 eth1 ifmetric eth1 5 Not sure what the implications are yet though. Jocke _______________________________________________ Bridge mailing list Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/bridge
